283 lines
7.0 KiB
Perl
Executable File
283 lines
7.0 KiB
Perl
Executable File
#!/usr/bin/perl
|
|
#
|
|
################################################################################
|
|
#
|
|
# SNMP wizard process
|
|
#
|
|
# Requirements:
|
|
# Net::SNMP
|
|
# Crypt::DES
|
|
# Digest::SHA1
|
|
#
|
|
# (c) Enrique Martin Garcia <enrique.martin@artica.es>
|
|
#
|
|
# 2020/03/10
|
|
#
|
|
################################################################################
|
|
|
|
use strict;
|
|
use warnings;
|
|
|
|
use POSIX qw(strftime);
|
|
|
|
use Encode;
|
|
use Encode::Locale;
|
|
use Getopt::Long;
|
|
use Net::SNMP;
|
|
use Net::SNMP::Security::USM;
|
|
|
|
my $HELP=<<EO_HELP;
|
|
|
|
Check if a process is running (1) or not (0) in OID .1.3.6.1.2.1.25.4.2.1.2 SNMP tree.
|
|
|
|
Usage: $0 -host "<ip_address>" -version "<snmp_version>" [SNMP] [SNMPv3] -process "<process_name>"
|
|
|
|
-host Target host
|
|
-version SNMP version (1, 2c, 3)
|
|
|
|
-process Process name to check if is running (case sensitive)
|
|
|
|
[SNMP]
|
|
-community Community (only version 1 and 2c)
|
|
-port Target UDP port (Default 161)
|
|
|
|
[SNMPv3]
|
|
-user Username
|
|
-authMethod Authentication method (MD5, SHA)
|
|
-authPass Authentication password
|
|
-privMethod Privacy method (DES, AES)
|
|
-privPass Privacy password
|
|
-secLevel Security level (noAuthNoPriv, authNoPriv, authPriv)
|
|
|
|
Example: $0 -host 192.168.80.43 -community public -version 1 -process "httpd"
|
|
|
|
EO_HELP
|
|
|
|
#
|
|
# FUNCTIONS
|
|
##############
|
|
|
|
sub new_snmp_target {
|
|
my ($config) = @_;
|
|
my $target;
|
|
my $error;
|
|
|
|
if ($config->{'version'} ne '3'){
|
|
($target, $error) = Net::SNMP->session(
|
|
-hostname => $config->{'host'},
|
|
-port => $config->{'port'},
|
|
-version => $config->{'version'},
|
|
-timeout => $config->{'timeout'},
|
|
-translate => 0,
|
|
-community => $config->{'community'}
|
|
);
|
|
}else{
|
|
if ($config->{'sec_level'} =~ /^noAuthNoPriv$/i){
|
|
($target, $error) = Net::SNMP->session(
|
|
-hostname => $config->{'host'},
|
|
-port => $config->{'port'},
|
|
-version => $config->{'version'},
|
|
-timeout => $config->{'timeout'},
|
|
-translate => 0,
|
|
-username => $config->{'user'}
|
|
);
|
|
}elsif ($config->{'sec_level'} =~ /^authNoPriv$/i){
|
|
($target, $error) = Net::SNMP->session(
|
|
-hostname => $config->{'host'},
|
|
-port => $config->{'port'},
|
|
-version => $config->{'version'},
|
|
-timeout => $config->{'timeout'},
|
|
-translate => 0,
|
|
-username => $config->{'user'},
|
|
-authpassword => $config->{'auth_pass'},
|
|
-authprotocol => $config->{'auth_method'}
|
|
);
|
|
}elsif ($config->{'sec_level'} =~ /^authPriv$/i){
|
|
($target, $error) = Net::SNMP->session(
|
|
-hostname => $config->{'host'},
|
|
-port => $config->{'port'},
|
|
-version => $config->{'version'},
|
|
-timeout => $config->{'timeout'},
|
|
-translate => 0,
|
|
-username => $config->{'user'},
|
|
-authpassword => $config->{'auth_pass'},
|
|
-authprotocol => $config->{'auth_method'},
|
|
-privpassword => $config->{'priv_pass'},
|
|
-privprotocol => $config->{'priv_method'}
|
|
);
|
|
}
|
|
}
|
|
|
|
|
|
return ($target, $error);
|
|
}
|
|
|
|
sub snmp_walk {
|
|
my ($target, $oid) = @_;
|
|
my $result = {};
|
|
|
|
my $walk = $target->get_table(
|
|
-baseoid => $oid,
|
|
);
|
|
|
|
if (defined($walk)){
|
|
$result = $walk;
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
sub snmp_get {
|
|
my ($target, $oid) = @_;
|
|
my $result = '';
|
|
|
|
my $get = $target->get_request(
|
|
-varbindlist => [$oid],
|
|
);
|
|
|
|
if (defined($get)){
|
|
$result = $get->{$oid};
|
|
}
|
|
|
|
return $result;
|
|
}
|
|
|
|
#
|
|
# MAIN
|
|
##############
|
|
|
|
@ARGV = map { decode(locale => $_, 1) } @ARGV if -t STDIN;
|
|
binmode STDOUT, ":encoding(console_out)" if -t STDOUT;
|
|
binmode STDERR, ":encoding(console_out)" if -t STDERR;
|
|
|
|
my %Param = ();
|
|
GetOptions(
|
|
\%Param,
|
|
# General
|
|
'community=s',
|
|
'version=s',
|
|
'host=s',
|
|
'port=s',
|
|
'timeout=s',
|
|
# Version 3
|
|
'user=s',
|
|
'authMethod=s',
|
|
'authPass=s',
|
|
'privMethod=s',
|
|
'privPass=s',
|
|
'secLevel=s',
|
|
# Process
|
|
'process=s',
|
|
# Help option
|
|
'Help',
|
|
);
|
|
|
|
if ($Param{Help}){
|
|
print $HELP;
|
|
exit 0;
|
|
}
|
|
|
|
my $config;
|
|
|
|
# General parameters
|
|
$config->{'community'} = $Param{community} || '';
|
|
$config->{'version'} = $Param{version} || '';
|
|
$config->{'host'} = $Param{host} || '';
|
|
$config->{'port'} = $Param{port} || '161';
|
|
$config->{'timeout'} = $Param{timeout} || '2';
|
|
|
|
# Version 3 parameters
|
|
$config->{'auth_method'} = $Param{authMethod} || '';
|
|
$config->{'user'} = $Param{user} || '';
|
|
$config->{'auth_pass'} = $Param{authPass} || '';
|
|
$config->{'priv_method'} = $Param{privMethod} || '';
|
|
$config->{'priv_pass'} = $Param{privPass} || '';
|
|
$config->{'sec_level'} = $Param{secLevel} || '';
|
|
|
|
$config->{'auth_method'} = uc($config->{'auth_method'});
|
|
$config->{'priv_method'} = uc($config->{'priv_method'});
|
|
|
|
# Operation
|
|
my $process = $Param{process} || '';
|
|
|
|
# Verify parameters
|
|
if (!$config->{'host'} || !$config->{'version'} || !$process){
|
|
print $HELP;
|
|
print "Host, version and process are required.\n";
|
|
exit 1;
|
|
}
|
|
|
|
if ($config->{'version'} ne '1' && $config->{'version'} ne '2c' && $config->{'version'} ne '3'){
|
|
print $HELP;
|
|
print "Invalid SNMP version provided.\n";
|
|
exit 1;
|
|
}
|
|
|
|
if ($config->{'version'} eq '1' || $config->{'version'} eq '2c'){
|
|
if (!$config->{'community'}){
|
|
print $HELP;
|
|
print "SNMP community required for version 1 or 2c.\n";
|
|
exit 1;
|
|
}
|
|
}
|
|
|
|
if ($config->{'version'} eq '3'){
|
|
if ($config->{'sec_level'} =~ /^noAuthNoPriv$/i){
|
|
if (!$config->{'user'}){
|
|
print $HELP;
|
|
print "Username required for SNMP version 3 and security level 'noAuthNoPriv'.\n";
|
|
exit 1;
|
|
}
|
|
}elsif ($config->{'sec_level'} =~ /^authNoPriv$/i){
|
|
if (!$config->{'user'} && !$config->{'auth_pass'} && !$config->{'auth_method'}){
|
|
print $HELP;
|
|
print "Username, authentication password and authentication method required for SNMP version 3 and security level 'authNoPriv'.\n";
|
|
exit 1;
|
|
}
|
|
}elsif ($config->{'sec_level'} =~ /^authPriv$/i){
|
|
if (!$config->{'user'} && !$config->{'auth_pass'} && !$config->{'auth_method'} && !$config->{'priv_pass'} && !$config->{'priv_method'}){
|
|
print $HELP;
|
|
print "Username, authentication password, authentication method, privacy password and privacy method required for SNMP version 3 and security level 'authPriv'.\n";
|
|
exit 1;
|
|
}
|
|
}else{
|
|
print $HELP;
|
|
print "Invalid SNMP security level provided for version 3.\n";
|
|
exit 1;
|
|
}
|
|
|
|
if ($config->{'auth_method'} && $config->{'auth_method'} ne 'MD5' && $config->{'auth_method'} ne 'SHA'){
|
|
print $HELP;
|
|
print "Invalid SNMP authentication method provided for version 3.\n";
|
|
exit 1;
|
|
}
|
|
|
|
if ($config->{'priv_method'} && $config->{'priv_method'} ne 'DES' && $config->{'priv_method'} ne 'AES'){
|
|
print $HELP;
|
|
print "Invalid SNMP privacy method provided for version 3.\n";
|
|
exit 1;
|
|
}
|
|
}
|
|
|
|
# Create SNMP target
|
|
my ($target, $error) = new_snmp_target($config);
|
|
|
|
if (!$target){
|
|
print $error . "\n";
|
|
exit 1;
|
|
}
|
|
|
|
# Get all running processes
|
|
my $processes = snmp_walk($target, '.1.3.6.1.2.1.25.4.2.1.2');
|
|
|
|
my $result = 0;
|
|
|
|
# Search process name
|
|
foreach my $k (keys %{$processes}){
|
|
if ($processes->{$k} eq $process){
|
|
$result = 1;
|
|
last;
|
|
}
|
|
}
|
|
|
|
print $result . "\n"; |