# Base config file for Pandora agents
# Version 1.1
# FreeBSD/IPSO version
# Licenced under GPL licence, 2003-2004 Sancho Lerena, and others
#
# Layout: a block of general parameters, then one module_begin/module_end
# block per metric. Every module_exec value is a shell pipeline whose output
# becomes the module's value.
# NOTE(review): because module_exec holds command lines, whoever can write
# this file decides what the agent executes. Keep it owned by, and writable
# only by, the account the agent runs as - confirm the installed permissions.
# NOTE(review): cpstat and fw are called by bare name, so they are resolved
# through the agent's PATH. Only proc_cphamcset names an absolute path.
# Confirm the agent starts with a fixed PATH, or switch to absolute paths.

# General Parameters
# ==================

# Destination is a host name, not an address, so it depends on local name
# resolution. NOTE(review): confirm how pandora_server is resolved on this box.
server_ip pandora_server
server_path /opt/pandora_server/data_in
pandora_path /opt/pandora_agent
# Presumably the local staging directory for outgoing data - TODO confirm;
# if so it should not be writable by other local accounts.
temporal /opt/pandora_agent/data_out
# Presumably the polling period in seconds - TODO confirm.
interval 300
# Left commented out; presumably the agent then falls back to a default name
# (verify against the agent script).
#agent_name bsdbox01
debug 0
# NOTE(review): presumably turns on a checksum of each data file. A checksum
# catches corruption in transit; it does not authenticate the sender, so the
# transfer channel still needs its own protection - confirm.
checksum 1

# Module Definition
# =================

# Firewall connections
# fwcon: field 3 of the "Num." line of the policy statistics.
module_begin
module_name fwcon
module_type generic_data
module_exec cpstat -f policy fw | tr -s " " " " | grep "Num." |awk '{print $3}'
module_end

# max_fwconn: field 4 of the "Peak" line of the same report.
module_begin
module_name max_fwconn
module_type generic_data
module_exec cpstat -f policy fw | tr -s " " " " |grep "Peak" | awk '{print $4}'
module_end

# CPU usage
# Both modules take the last line of a two-sample vmstat run and read a fixed
# column (17 and 18). NOTE(review): the column positions assume this
# platform's vmstat layout - verify on the target before trusting the values.
module_begin
module_name cpu_user
module_type generic_data
module_exec vmstat 1 2 | tail -1 | awk '{ print $17 }'
module_end

module_begin
module_name cpu_sys
module_type generic_data
module_exec vmstat 1 2 | tail -1 | awk '{ print $18 }'
module_end

# General system parameters
# system_freemem: field 5 as a percentage of (field 4 + field 5) of the last
# vmstat line.
module_begin
module_name system_freemem
module_type generic_data
module_exec vmstat | tail -1 | awk '{ print ($5*100)/($4+$5) }'
module_end

# system_disk_var_free: 100 minus field 5 of the df line for /var, after the
# "%" sign has been turned into a space.
module_begin
module_name system_disk_var_free
module_type generic_data
module_exec df -k /var | tail -1 | tr -s "%" " " | awk '{ print 100-$5 }'
module_end

# General firewall and operating-system parameters
# policy_name / policy_date: string values read from the "Policy name:" and
# "Policy install time:" lines. NOTE(review): a change in either value means a
# policy was (re)installed, which is worth alerting on - confirm on the server.
module_begin
module_name policy_name
module_type generic_data_string
module_exec cpstat -f policy fw | grep "Policy name:" | tr -s " " " " | awk '{print $3}'
module_end

module_begin
module_name policy_date
module_type generic_data_string
module_exec cpstat -f policy fw | grep "Policy install time:" | tr -s " " " " | awk '{print $4" "$5" "$6" "$7" "$8}'
module_end

module_begin
module_name ipso_ver
module_type generic_data_string
module_exec uname -a
module_end

# fw_ver: everything from character 46 of the "fw ver" output onwards.
# NOTE(review): the fixed offset assumes one banner layout - verify after any
# firewall upgrade.
module_begin
module_name fw_ver
module_type generic_data_string
module_exec fw ver | awk '{ print substr($0,46) }'
module_end

# HA status
# run_ha_ckp: counts the lines that match any of the three patterns and prints
# 1 only when the count is exactly 3, otherwise 0.
module_begin
module_name run_ha_ckp
module_type generic_proc
module_exec cpstat -f all ha | tr -s " " " " | awk '/Status short: OK|HA started: yes|HA state: active/{x+=1} END { if (x == 3) print "1"; else print "0"}'
module_end

# ha_fw_ckp: same counting scheme applied to the three sync-state lines.
module_begin
module_name ha_fw_ckp
module_type generic_proc
module_exec cpstat -f sync fw | tr -s " " " " | awk '/sync - configured: Yes|sync - out state: On|sync - in state: On/{x+=1} END { if (x == 3) print "1"; else print "0"}'
module_end

# proc_cphamcset: number of ps lines containing the cphamcset binary path.
# NOTE(review): the path embeds a release directory (CPfw1-R55p); if that
# directory changes the count would drop to 0 with the process still running.
module_begin
module_name proc_cphamcset
module_type generic_proc
module_exec ps -x | grep "/opt/CPfw1-R55p/bin/cphamcset" | grep -v "grep" | wc -l | tr -s " " " "
module_end

# Packets processed by the firewall
# Both modules read the fourth line from the end of the totals report, with
# "|" turned into spaces: field 1 for accepted, field 2 for dropped.
module_begin
module_name accept_pkt
module_type generic_data_inc
module_exec cpstat -f totals fw | tail -4 | head -1 | tr -s "|" " " | awk '{ print $1 }'
module_end

module_begin
module_name drop_pkt
module_type generic_data_inc
module_exec cpstat -f totals fw | tail -4 | head -1 | tr -s "|" " " | awk '{ print $2 }'
module_end

# Memory and CPU usage (%) of the three main firewall processes: mdq, fwd and cpd
# Each module filters "ps auxmw" on the process name and prints field 4 (the
# *_MEM modules) or field 3 (the *_CPU modules).
# NOTE(review): the grep matches any line containing " mdq", " fwd" or " cpd",
# so more than one matching process would yield several values - confirm a
# single match on the target.
module_begin
module_name MDQ_MEM
module_type generic_data
module_exec ps auxmw | grep " mdq" | grep -v grep | tr -s " " " " | awk '{ print $4 }'
module_end

module_begin
module_name MDQ_CPU
module_type generic_data
module_exec ps auxmw | grep " mdq" | grep -v grep | tr -s " " " " | awk '{ print $3 }'
module_end

module_begin
module_name FWD_MEM
module_type generic_data
module_exec ps auxmw | grep " fwd" | grep -v grep | tr -s " " " " | awk '{ print $4 }'
module_end

module_begin
module_name FWD_CPU
module_type generic_data
module_exec ps auxmw | grep " fwd" | grep -v grep | tr -s " " " " | awk '{ print $3 }'
module_end

module_begin
module_name CPD_MEM
module_type generic_data
module_exec ps auxmw | grep " cpd" | grep -v grep | tr -s " " " " | awk '{ print $4 }'
module_end

module_begin
module_name CPD_CPU
module_type generic_data
module_exec ps auxmw | grep " cpd" | grep -v grep | tr -s " " " " | awk '{ print $3 }'
module_end