Announcement

Collapse
No announcement yet.

Pb exécution plugin perl

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Pb exécution plugin perl

    Bonjour,

    je développe des plugin en perl afin de superviser des paramètres spécifiques sur des équipements réseaux via snmp.

    Je veux ici détecter la configuration de certains ports d'un switch en vérifiant au préalable dans un fichier texte si le port ne fait pas parti d'une liste d'exeption.

    Pour que mon plugin lise ce fichier texte, j'utilise:


    Code:
    use Net::SNMP;
    use Getopt::Long;
    
    
    my $exep = "./test";
    my @lect = undef;
    
    sub lecture{
        open (IN, $exep) || die "impossible de lire le fichier d'exeptions, erreur: $!";
        @lect = <IN>;
        close IN;
    
    }


    lorsque je teste mon plugin dans mon shell (./monplugin.pl), j'obtiens le résultat escompté...
    mais lorsque j'intègre ce plugin à Nagios et que ce dernier l'exécute, Nagios me retourne une erreur du style le fichier n'existe pas (je mettrai le msg exact demain :-D )...

    apparement l'instruction open n'est pas interprété correctement par l'ePN de Nagios...

    Pour le moment j'ai remplacé ce sous programme par du shell mais bon c'est pas très beau et en therme de performance c'est pas vraiment des plus efficace.


    Si vous avez rencontré le même problème ou avez une solution, je suis preneur

    A+ boblemarin

  • #2
    Tu as la possibilité de mettre ton plugins a dispo que l'on puisse également tester ?

    En plus ca pourrai etre cool de les mettres a dispo de tout le monde (contrib power)
    Centreon 2.x

    Comment


    • #3
      Salut,
      Voici mes petites productions, je me suis basé sur le code d'un plugin mis en ligne sur le site de manubulon.
      Le code ne doit pas être optimisé (je débute en perl ) et faiblement commenté.

      Voici le plugin (son but est de détecter et lister les ports des switchs n'ayant pas port security activé tout en tenant compte d'une liste d'exeption) posant problème, plus précisément la fonction lecture qui me renvoie l'erreur suivante Aucun fichier ou répertoire de ce type at (eval 1) line 108,". alors que lorsque je lance ce plugin via le shell je n'ai aucun souci...

      Code:
         #! /usr/bin/perl -w
      
      use strict;
      use Net::SNMP;
      use Getopt::Long;
      
      
      use utils qw(%ERRORS $TIMEOUT);
      
      #Definition des OID a surveiller
      
      #5000 (CISCO-STACK-MIB)
      my $modIndexoid = '1.3.6.1.4.1.9.5.1.3.1.1.1';
      my $modNumPortoid = '1.3.6.1.4.1.9.5.1.3.1.1.14';
      my $AdmStaoid = '1.3.6.1.4.1.9.5.1.10.1.1.3';
      my $ViolPoloid = '1.3.6.1.4.1.9.5.1.10.1.1.10';
      
      #2900 (CISCO-C2900-MIB)
      my $PortUsaoid = '1.3.6.1.4.1.9.9.87.1.4.1.1.3';
      my $ViolAct2900oid = '1.3.6.1.4.1.9.9.87.1.4.1.1.26';
      
      #2960 (CISCO-PORT-SECURITY-MIB)
      my $SecEnaoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.1';
      my $ViolActoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.8';
      
      
      #Definition des etat sur 5000, 6500 et LS ATTENTION les indices changent entre les equipements
      my @C5000_etat = ("","UNKNOWN","OK","WARNING","CRITICAL");
      my @C6500_etat = ("","NORMAL","WARNING","CRITICAL","SHUTDOWN","NOT-PRESENT","NOT-FUNCTIONING");
      my @LS_etat = ("","UNKNOWN","OK","FAULT","FAN-ALARM","PARTIAL-FAULT","EMPTY");
      
      #Fichier des ports non securises volontairement
      
      my $exep = "./test";
      my @lect = undef;
      
      # Globals
      my $Version='0';
      
      my $o_host = 	undef; 		# hostname
      my $o_community = undef; 	# community
      my $o_group = 	undef; 		# hostgroup (2900,2960,5000,6500)
      my $o_port = 	161; 		# port
      my $o_help=	undef; 		# wan't some help ?
      #my $o_verb=	undef;		# verbose mode
      my $o_version=	undef;		# print version
      my $o_timeout=  undef; 		# Timeout (Default 5)
      my $o_perf=     undef;          # Output performance data
      my $o_version2= undef;          # use snmp v2c
      
      # SNMPv3 specific
      my $o_login=	undef;		# Login for snmpv3
      my $o_passwd=	undef;		# Pass for snmpv3
      my $v3protocols=undef;	        # V3 protocol list.
      my $o_authproto='md5';		# Auth protocol
      my $o_privproto='des';		# Priv protocol
      my $o_privpass= undef;		# priv password
      
      
      #Fonctions
      sub p_version { print "check_snmp_env5000 version : $Version\n"; }
      
      sub print_usage {
          print "Usage: $0 [-v] -H <host> -C <snmp_community> -G <hostgroup> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) \n";
      }
      
      sub check_options {
          Getopt::Long::Configure ("bundling");
          GetOptions(
              'H:s'   => \$o_host,		'hostname:s'	=> \$o_host,
              'C:s'   => \$o_community,	'community:s'	=> \$o_community,
              'G:s'   => \$o_group,   	'group:s'	=> \$o_group,
      	'l:s'	=> \$o_login,		'login:s'	=> \$o_login,
      	'x:s'	=> \$o_passwd,		'passwd:s'	=> \$o_passwd,
      	'X:s'	=> \$o_privpass,	'privpass:s'	=> \$o_privpass,
      	'L:s'	=> \$v3protocols,	'protocols:s'	=> \$v3protocols,
              't:i'   => \$o_timeout,       	'timeout:i'     => \$o_timeout,
      	'V'	=> \$o_version,		'version'	=> \$o_version,
      	'2'     => \$o_version2,        'v2c'           => \$o_version2,
      	);
      
      
          
         
      #Basic checks
            if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
            if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
            if ( ! defined($o_host) || ! defined($o_group)) # check host and filter 
            { print_usage(); exit $ERRORS{"UNKNOWN"}}
            if (!defined ($o_timeout)) {$o_timeout='1'}; #Si pas de timeout on le definit
      #Check snmp information
            if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
            { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
            if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
            { print "He gamin melange pas snmp v1,2c,3 !!!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
            if (defined ($v3protocols)) {
      	  if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      	  my @v3proto=split(/,/,$v3protocols);
      	  if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];	} # Auth protocol
      	  if (defined ($v3proto[1])) {$o_privproto=$v3proto[1];	}	# Priv  protocol
      	  if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
      	    print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
      	}
      }
      
      sub lecture{
          open (IN, $exep) or die "impossible de lire le fichier d'exeptions, erreur: $!";
          @lect = <IN>;
          chomp @lect;
          close IN;
      }
      
      ##MAIN
      
      check_options();
      
      ###Connexion SNMP
      my ($session,$error);
      if ( defined($o_login) && defined($o_passwd)) {
      # SNMPv3 login
      #  verb("SNMPv3 login");
          if (!defined ($o_privpass)) {
      #  verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
          ($session, $error) = Net::SNMP->session(
            -hostname   	=> $o_host,
            -version		=> '3',
            -username		=> $o_login,
            -authpassword	=> $o_passwd,
            -authprotocol	=> $o_authproto,
            -timeout          => $o_timeout
          );  
        } else {
          verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
          ($session, $error) = Net::SNMP->session(
            -hostname   	=> $o_host,
            -version		=> '3',
            -username		=> $o_login,
            -authpassword	=> $o_passwd,
            -authprotocol	=> $o_authproto,
            -privpassword	=> $o_privpass,
            -privprotocol     => $o_privproto,
            -timeout          => $o_timeout
          );
        }
      } else {
      	if (defined ($o_version2)) {
      		# SNMPv2 Login
      #		verb("SNMP v2c login");
      		  ($session, $error) = Net::SNMP->session(
      		 -hostname  => $o_host,
      		 -version   => 2,
      		 -community => $o_community,
      		 -port      => $o_port,
      		 -timeout   => $o_timeout
      		);
        	} else {
      	  # SNMPV1 login
      #	  verb("SNMP v1 login");
      	  ($session, $error) = Net::SNMP->session(
      		-hostname  => $o_host,
      		-community => $o_community,
      		-port      => $o_port,
      		-timeout   => $o_timeout
      	  );
      	}
      }
      
      
      ###########
      
      if (!defined($session)) {
          printf("ERROR: %s.\n", $error);
          exit 1;
      }
      
      lecture();
      
      ##POUR LES 2900
      if ($o_group eq "C2900") {
      
          my $PortSec2900 = $session->get_table(Baseoid => $PortUsaoid);
          my $ViolAct2900 = $session->get_table(Baseoid => $ViolAct2900oid);
          my $a = 0;
      
          for (my $i = 1; $i<=24; $i++){
      	my $Adm = $$PortSec2900{$PortUsaoid.".0.".$i};
      	my $Act = $$ViolAct2900{$ViolAct2900oid.".0.".$i};
      
      	if ($Adm != "2" && $Act != "4"){
      
      	    foreach my $lign (@lect){
      
      		if ($lign =~ /$o_host/){
      		    if ($lign =~ /0\/$i/){}	
      		    else {
      			print " 0/$i,";
      			$a = 1;
      		    }
      		}
      	    }
      	}
      	
          }
          if ($a == "0"){
      	print "pas de ports non securisés";
          }
          else{
      	exit $a;
          }
      }
      
      ##POUR LES 2960
      if ($o_group eq "C2960") {
      
          my $PortSec2960 = $session->get_table(Baseoid => $SecEnaoid);
          my $ViolAct2960 = $session->get_table(Baseoid => $ViolActoid);
          my $a = 0;
      
      for (my $i = 1; $i<=9; $i++ ){
      	my $Adm = $$PortSec2960{$SecEnaoid.".1010".$i};
      	my $Act = $$ViolAct2960{$ViolActoid.".1010".$i};
      
      	if ($Adm != "1" && $Act != "1"){
      	    foreach my $lign (@lect){
      		if ($lign =~ /$o_host/){
      		    if ($lign =~ /0\/$i/){}	
      		    else {
      			print " 0/$i,";
      			$a = 1;
      		    }
      		}
      	    }      
      	}
          }
          for (my $i = 10; $i<=24; $i++ ){
      	my $Adm = $$PortSec2960{$SecEnaoid.".101".$i};
      	my $Act = $$ViolAct2960{$ViolActoid.".101".$i};
      
      	if ($Adm != "1" && $Act != "1"){
      	    foreach my $lign (@lect){
      		if ($lign =~ /$o_host/){
      		    if ($lign =~ /0\/$i/){}	
      		    else {
      			print " 0/$i,";
      			$a = 1;
      		    }
      		}
      	    }	 
      	}
          }	
      
          if ($a == "0"){
      	print "Pas de ports non sécurisés";
      	exit $a;
          }
          else{
      	exit $a;
      	}
      
          
      }
      
      ##POUR LES 5000 et 6500
      if ($o_group eq "C5000" || $o_group eq "C6500") {
      
          my $ModIndex = $session->get_table(Baseoid => $modIndexoid);
          my $NombPortMod = $session->get_table(Baseoid => $modNumPortoid);
          my $AdmSta = $session->get_table(Baseoid => $AdmStaoid);
          my $ViolPol = $session->get_table(Baseoid => $ViolPoloid);    
          my $a = 0;
      
      #    print "6500";
      
          foreach my $key (sort keys %$ModIndex) {
      	my $m = $$ModIndex{$key};
      	my $np = $$NombPortMod{$modNumPortoid.".".$m};
      
      	if ($np == 0 || $np == 1 || $np == 2){}
      	else{
      	    for (my $i = 1; $i<=$np; $i++ ){
      		my $Adm = $$AdmSta{$AdmStaoid.".".$m.".".$i};
      		my $Act = $$ViolPol{$ViolPoloid.".".$m.".".$i};
      
      		if ($Adm != "1" && $Act != "2"){
      		    if ($Adm != "1" && $Act != "1"){
      			foreach my $lign (@lect){
      			    if ($lign =~ /$o_host/){
      				if ($lign =~ /$m\/$i/){}
      				else {
      				    print " $m/$i,";
      				    $a = 1;
      				}
      			    }
      			}	 
      		    }
      		}
      	    }
      	}
          }
          if ($a == "0"){
      	print "Pas de ports non sécurisés";
      	exit $a;
          }
          else{
      	exit $a;
          }
      
      
      }
      exit;
      le fichier d'exeptions (test) se présente de la sorte et se trouve pour le moment dans le meme répertoire que le plugin:
      nom_équipement |numéros_de_port_faisant exeption

      c345_t |4/23,2/12,1/4

      Le plugin se lance en shell de la manière suivante

      ./monplugin.pl -H nom de l'host -C communautésnmp -G groupe du switch(C2900, C2960, C5000 ou C6500) j'ai fait mes premiers tests avec la catégorie C2900.

      Si vous avez des idées pour mon souci concernant ce sript je suis preneur :-D

      j'utilise Nagios 2.8 sous centos

      A+ Boblemarin
      Last edited by boblemarin; 26 April 2007, 09:33.

      Comment


      • #4
        Un plugin qui récupère l'état des alim et ventilos de switch cisco 5000, 6500 ou ls1010:

        Code:
          #! /usr/bin/perl -w
        
        use strict;
        use Net::SNMP;
        use Getopt::Long;
        
        use utils qw(%ERRORS $TIMEOUT);
        
        #Definition des OID a surveiller
        #5000
        my $PS1status5 = '1.3.6.1.4.1.9.5.1.2.4.0';
        my $PS2status5 = '1.3.6.1.4.1.9.5.1.2.7.0';
        my $FANstatus5 = '1.3.6.1.4.1.9.5.1.2.9.0';
        
        #6500
        my $FANstatus6 = '1.3.6.1.4.1.9.9.13.1.4.1.3.1';
        my $PS1status6 = '1.3.6.1.4.1.9.9.13.1.5.1.3.1';
        my $PS2status6 = '1.3.6.1.4.1.9.9.13.1.5.1.3.2';
        
        #LS1010
        my $FANstatusLS = '1.3.6.1.4.1.9.5.11.1.1.11.0';
        my $PS1statusLS = '1.3.6.1.4.1.9.5.11.1.1.5.0';
        my $PS2statusLS = '1.3.6.1.4.1.9.5.11.1.1.9.0';
        
        
        #Variables
        my $FAN = "";
        my $PS1 = "";
        my $PS2 = "";
        
        
        #Definition des etat sur 5000 ATTENTION les indices changent entre les equipements
        my @C5000_etat = ("","UNKNOWN","OK","WARNING","CRITICAL");
        my @C6500_etat = ("","NORMAL","WARNING","CRITICAL","SHUTDOWN","NOT-PRESENT","NOT-FUNCTIONING");
        my @LS_etat = ("","UNKNOWN","OK","FAULT","FAN-ALARM","PARTIAL-FAULT","EMPTY");
        
        # Globals
        my $Version='0';
        
        my $o_host = 	undef; 		# hostname
        my $o_community = undef; 	# community
        my $o_port = 	161; 		# port
        my $o_help=	undef; 		# wan't some help ?
        #my $o_verb=	undef;		# verbose mode
        my $o_version=	undef;		# print version
        my $o_timeout=  undef; 		# Timeout (Default 5)
        my $o_perf=     undef;          # Output performance data
        my $o_version2= undef;          # use snmp v2c
        
        # SNMPv3 specific
        my $o_login=	undef;		# Login for snmpv3
        my $o_passwd=	undef;		# Pass for snmpv3
        my $v3protocols=undef;	        # V3 protocol list.
        my $o_authproto='md5';		# Auth protocol
        my $o_privproto='des';		# Priv protocol
        my $o_privpass= undef;		# priv password
        
        
        #Fonctions
        sub p_version { print "check_snmp_env5000 version : $Version\n"; }
        
        sub print_usage {
            print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) \n";
        }
        
        sub check_options {
            Getopt::Long::Configure ("bundling");
            GetOptions(
                'H:s'   => \$o_host,		'hostname:s'	=> \$o_host,
                'C:s'   => \$o_community,	'community:s'	=> \$o_community,
        	'l:s'	=> \$o_login,		'login:s'	=> \$o_login,
        	'x:s'	=> \$o_passwd,		'passwd:s'	=> \$o_passwd,
        	'X:s'	=> \$o_privpass,	'privpass:s'	=> \$o_privpass,
        	'L:s'	=> \$v3protocols,	'protocols:s'	=> \$v3protocols,
                't:i'   => \$o_timeout,       	'timeout:i'     => \$o_timeout,
        	'V'	=> \$o_version,		'version'	=> \$o_version,
        	'2'     => \$o_version2,        'v2c'           => \$o_version2,
        	);
        
        
            
           
        #Basic checks
              if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
              if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
              if ( ! defined($o_host) ) # check host and filter 
              { print_usage(); exit $ERRORS{"UNKNOWN"}}
              if (!defined ($o_timeout)) {$o_timeout='1'}; #Si pas de timeout on le definit
        #Check snmp information
              if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
              { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
              if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
              { print "He gamin melange pas snmp v1,2c,3 !!!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
              if (defined ($v3protocols)) {
        	  if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
        	  my @v3proto=split(/,/,$v3protocols);
        	  if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];	} # Auth protocol
        	  if (defined ($v3proto[1])) {$o_privproto=$v3proto[1];	}	# Priv  protocol
        	  if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
        	    print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
        	}
        }
        
        ##MAIN
        
        check_options();
        
        ###Connexion SNMP
        my ($session,$error);
        if ( defined($o_login) && defined($o_passwd)) {
        # SNMPv3 login
        #  verb("SNMPv3 login");
            if (!defined ($o_privpass)) {
        #  verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
            ($session, $error) = Net::SNMP->session(
              -hostname   	=> $o_host,
              -version		=> '3',
              -username		=> $o_login,
              -authpassword	=> $o_passwd,
              -authprotocol	=> $o_authproto,
              -timeout          => $o_timeout
            );  
          } else {
            verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
            ($session, $error) = Net::SNMP->session(
              -hostname   	=> $o_host,
              -version		=> '3',
              -username		=> $o_login,
              -authpassword	=> $o_passwd,
              -authprotocol	=> $o_authproto,
              -privpassword	=> $o_privpass,
              -privprotocol     => $o_privproto,
              -timeout          => $o_timeout
            );
          }
        } else {
        	if (defined ($o_version2)) {
        		# SNMPv2 Login
        #		verb("SNMP v2c login");
        		  ($session, $error) = Net::SNMP->session(
        		 -hostname  => $o_host,
        		 -version   => 2,
        		 -community => $o_community,
        		 -port      => $o_port,
        		 -timeout   => $o_timeout
        		);
          	} else {
        	  # SNMPV1 login
        #	  verb("SNMP v1 login");
        	  ($session, $error) = Net::SNMP->session(
        		-hostname  => $o_host,
        		-community => $o_community,
        		-port      => $o_port,
        		-timeout   => $o_timeout
        	  );
        	}
        }
        
        
        ###########
        
        if (!defined($session)) {
            printf("ERROR: %s.\n", $error);
            exit 1;
        }
        #On recupere les valeur des OID
        my $resultLS = $session->get_request (-varbindlist => [$PS1statusLS,$PS2statusLS,$FANstatusLS]);
        my $result5 = $session->get_request (-varbindlist => [$PS1status5,$PS2status5,$FANstatus5]);
        my $result6 = $session->get_request (-varbindlist => [$PS1status6,$PS2status6,$FANstatus6]);
        
        
        #Si aucun OID valide on quitte en Warning
        if (!defined($result5)&&!defined($result6)&&!defined($resultLS)) {
             printf("ERROR: %s.\n", $session->error);
             $session->close;
             exit 1;
        }
        
        
        ##SELECTION LS1010
        if (!defined($result5)&&!defined($result6)) {
            $FAN = $resultLS->{$FANstatusLS};
            $PS1 = $resultLS->{$PS1statusLS};
            $PS2 = $resultLS->{$PS2statusLS};  
            print "RACK VENTILO: ",$LS_etat[$FAN],",  ALIM1: ",$LS_etat[$PS1],",  ALIM2: ",$LS_etat[$PS2],"\n";
        
            if ($FAN==3||$PS1==3||$PS2==3) {
        	exit 2;  #Si fault sur un des 3 on renvoie CRITICAL a Nagios
            }
            if (($FAN==4||$PS1==4||$PS2==4)||($FAN==5||$PS1==5||$PS2==5)) {
        	exit 1; #Si Fan alarm ou PartialFault sur un des 3 on renvoie Warning a Nagios
            }
            elsif ($FAN==2&&($PS1==2||$PS2==2)) {
        	exit 0; #Si FAN OK et 1 des 2 ALIM OK n renvoie OK a Nagios
            } else {
        	exit 3; #Cas non prevu
            }
        }
        
        ##SELECTION C5000
        elsif (!defined($resultLS)&&!defined($result6)) {
            $FAN = $result5->{$FANstatus5};
            $PS1 = $result5->{$PS1status5};
            $PS2 = $result5->{$PS2status5};  
            print "RACK VENTILO: ",$C5000_etat[$FAN],",  ALIM1: ",$C5000_etat[$PS1],",  ALIM2: ",$C5000_etat[$PS2],"\n";
         
            if ($FAN==4||$PS1==4||$PS2==4) {
        	exit 2;  #Si major-fault sur un des 3 on renvoie CRITICAL a Nagios
            }
            if ($FAN==3||$PS1==3||$PS2==3) {
        	exit 1; #Si min-fault sur un des 3 on renvoie Warning a Nagios
            }
            elsif ($FAN==2&&($PS1==2||$PS2==2)) {
        	exit 0; #Si FAN OK et 1 des 2 ALIM OK n renvoie OK a Nagios
            } else {
        	exit 3; #Cas non prevu
            }
        }
        
        ##SELECTION C6500
        else {
            $FAN = $result6->{$FANstatus6};
            $PS1 = $result6->{$PS1status6};
            $PS2 = $result6->{$PS2status6};  
            print "RACK VENTILO: ",$C6500_etat[$FAN],",  ALIM1: ",$C6500_etat[$PS1],",  ALIM2: ",$C6500_etat[$PS2],"\n";
        
        if ($FAN==3||$PS1==3||$PS2==3) {
        	exit 2;  #Si CRITICAL sur un des 3 on renvoie CRITICAL a Nagios
            }
            if (($FAN==2||$PS1==2||$PS2==2)||($FAN==6||$PS1==6||$PS2==6)) {
        	exit 1; #Si WARNING ou NOT-FUNCTIONING sur un des 3 on renvoie Warning a Nagios
            }
            elsif ($FAN==1&&($PS1==1||$PS2==1)) {
        	exit 0; #Si FAN OK et 1 des 2 ALIM OK n renvoie OK a Nagios
            } else {
        	exit 3; #Cas non prevu
            }
        }

        Comment


        • #5
          Voici un plugin vérifiant les ports des switchs et retournant une liste des ports bloqués par port sécurity:

          Code:
            #! /usr/bin/perl -w
          
          use strict;
          use Net::SNMP;
          use Getopt::Long;
          
          
          use utils qw(%ERRORS $TIMEOUT);
          
          #Definition des OID a surveiller
          
          #5000 (CISCO-STACK-MIB)
          my $modIndexoid = '1.3.6.1.4.1.9.5.1.3.1.1.1';
          my $modNumPortoid = '1.3.6.1.4.1.9.5.1.3.1.1.14';
          my $AdmStaoid = '1.3.6.1.4.1.9.5.1.10.1.1.3';
          my $OpeStaoid = '1.3.6.1.4.1.9.5.1.10.1.1.4';
          
          #2924 (CISCO-C2900-MIB)
          my $PortUsaoid = '1.3.6.1.4.1.9.9.87.1.4.1.1.3';
          my $PortAddrSecoid = '1.3.6.1.4.1.9.9.87.1.4.1.1.12';
          
          #2960 (CISCO-PORT-SECURITY-MIB)
          my $SecEnaoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.1';
          my $SecStaoid = '1.3.6.1.4.1.9.9.315.1.2.1.1.2';
          
          
          #Definition des etat sur 5000, 6500 et LS ATTENTION les indices changent entre les equipements
          my @C5000_etat = ("","UNKNOWN","OK","WARNING","CRITICAL");
          my @C6500_etat = ("","NORMAL","WARNING","CRITICAL","SHUTDOWN","NOT-PRESENT","NOT-FUNCTIONING");
          my @LS_etat = ("","UNKNOWN","OK","FAULT","FAN-ALARM","PARTIAL-FAULT","EMPTY");
          
          # Globals
          my $Version='0';
          
          my $o_host = 	undef; 		# hostname
          my $o_community = undef; 	# community
          my $o_port = 	161; 		# port
          my $o_help=	undef; 		# wan't some help ?
          #my $o_verb=	undef;		# verbose mode
          my $o_version=	undef;		# print version
          my $o_timeout=  undef; 		# Timeout (Default 5)
          my $o_perf=     undef;          # Output performance data
          my $o_version2= undef;          # use snmp v2c
          
          # SNMPv3 specific
          my $o_login=	undef;		# Login for snmpv3
          my $o_passwd=	undef;		# Pass for snmpv3
          my $v3protocols=undef;	        # V3 protocol list.
          my $o_authproto='md5';		# Auth protocol
          my $o_privproto='des';		# Priv protocol
          my $o_privpass= undef;		# priv password
          
          
          #Fonctions
          sub p_version { print "check_snmp_env5000 version : $Version\n"; }
          
          sub print_usage {
              print "Usage: $0 [-v] -H <host> -C <snmp_community> [-2] | (-l login -x passwd [-X pass -L <authp>,<privp>]) \n";
          }
          
          sub check_options {
              Getopt::Long::Configure ("bundling");
              GetOptions(
                  'H:s'   => \$o_host,		'hostname:s'	=> \$o_host,
                  'C:s'   => \$o_community,	'community:s'	=> \$o_community,
          	'l:s'	=> \$o_login,		'login:s'	=> \$o_login,
          	'x:s'	=> \$o_passwd,		'passwd:s'	=> \$o_passwd,
          	'X:s'	=> \$o_privpass,	'privpass:s'	=> \$o_privpass,
          	'L:s'	=> \$v3protocols,	'protocols:s'	=> \$v3protocols,
                  't:i'   => \$o_timeout,       	'timeout:i'     => \$o_timeout,
          	'V'	=> \$o_version,		'version'	=> \$o_version,
          	'2'     => \$o_version2,        'v2c'           => \$o_version2,
          	);
          
          
              
             
          #Basic checks
                if (defined ($o_help) ) { help(); exit $ERRORS{"UNKNOWN"}};
                if (defined($o_version)) { p_version(); exit $ERRORS{"UNKNOWN"}};
                if ( ! defined($o_host) ) # check host and filter 
                { print_usage(); exit $ERRORS{"UNKNOWN"}}
                if (!defined ($o_timeout)) {$o_timeout='1'}; #Si pas de timeout on le definit
          #Check snmp information
                if ( !defined($o_community) && (!defined($o_login) || !defined($o_passwd)) )
                { print "Put snmp login info!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
                if ((defined($o_login) || defined($o_passwd)) && (defined($o_community) || defined($o_version2)) )
                { print "He gamin melange pas snmp v1,2c,3 !!!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
                if (defined ($v3protocols)) {
          	  if (!defined($o_login)) { print "Put snmp V3 login info with protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
          	  my @v3proto=split(/,/,$v3protocols);
          	  if ((defined ($v3proto[0])) && ($v3proto[0] ne "")) {$o_authproto=$v3proto[0];	} # Auth protocol
          	  if (defined ($v3proto[1])) {$o_privproto=$v3proto[1];	}	# Priv  protocol
          	  if ((defined ($v3proto[1])) && (!defined($o_privpass))) {
          	    print "Put snmp V3 priv login info with priv protocols!\n"; print_usage(); exit $ERRORS{"UNKNOWN"}}
          	}
          }
          
          ##MAIN
          
          check_options();
          
          ###Connexion SNMP
          my ($session,$error);
          if ( defined($o_login) && defined($o_passwd)) {
          # SNMPv3 login
          #  verb("SNMPv3 login");
              if (!defined ($o_privpass)) {
          #  verb("SNMPv3 AuthNoPriv login : $o_login, $o_authproto");
              ($session, $error) = Net::SNMP->session(
                -hostname   	=> $o_host,
                -version		=> '3',
                -username		=> $o_login,
                -authpassword	=> $o_passwd,
                -authprotocol	=> $o_authproto,
                -timeout          => $o_timeout
              );  
            } else {
              verb("SNMPv3 AuthPriv login : $o_login, $o_authproto, $o_privproto");
              ($session, $error) = Net::SNMP->session(
                -hostname   	=> $o_host,
                -version		=> '3',
                -username		=> $o_login,
                -authpassword	=> $o_passwd,
                -authprotocol	=> $o_authproto,
                -privpassword	=> $o_privpass,
                -privprotocol     => $o_privproto,
                -timeout          => $o_timeout
              );
            }
          } else {
          	if (defined ($o_version2)) {
          		# SNMPv2 Login
          #		verb("SNMP v2c login");
          		  ($session, $error) = Net::SNMP->session(
          		 -hostname  => $o_host,
          		 -version   => 2,
          		 -community => $o_community,
          		 -port      => $o_port,
          		 -timeout   => $o_timeout
          		);
            	} else {
          	  # SNMPV1 login
          #	  verb("SNMP v1 login");
          	  ($session, $error) = Net::SNMP->session(
          		-hostname  => $o_host,
          		-community => $o_community,
          		-port      => $o_port,
          		-timeout   => $o_timeout
          	  );
          	}
          }
          
          
          ###########
          
          if (!defined($session)) {
              printf("ERROR: %s.\n", $error);
              exit 1;
          }
          
          my $ModIndex = $session->get_table(Baseoid => $modIndexoid);
          my $NombPortMod = $session->get_table(Baseoid => $modNumPortoid);
          my $AdmSta = $session->get_table(Baseoid => $AdmStaoid);
          my $OpeSta = $session->get_table(Baseoid => $OpeStaoid);
          
          my $PortSec2900 = $session->get_table(Baseoid => $PortUsaoid);
          my $NbViol2900 = $session->get_table(Baseoid => $PortAddrSecoid);
          
          my $PortSec2960 = $session->get_table(Baseoid => $SecEnaoid);
          my $NbViol2960 = $session->get_table(Baseoid => $SecStaoid);
          
          
          
          
          if ((!defined($ModIndex)&&!defined($NombPortMod))&&(!defined($PortSec2900)&&!defined($NbViol2900))&&(!defined($PortSec2960)&&!defined($NbViol2960))) {
              printf("ERROR: %s.\n", $session->error);
              $session->close;
              exit 0;
          } 
          
          
          
          ##POUR LES 5000
          if ((!defined($PortSec2960) && !defined($NbViol2960)) && (!defined($PortSec2900) && !defined($NbViol2900))) {
              my $a = 0;
          #    print "5000";
              foreach my $key (sort keys %$ModIndex) {
          	my $m = $$ModIndex{$key};
          	my $np = $$NombPortMod{$modNumPortoid.".".$m};
          
          	if ($np == 0 || $np == 1 || $np == 2){}
          	else{
          	    for (my $i = 1; $i<=$np; $i++ ){
          		my $Adm = $$AdmSta{$AdmStaoid.".".$m.".".$i};
          		my $Ope = $$OpeSta{$OpeStaoid.".".$m.".".$i};
          
          		if ($Adm == "1" && $Ope == "2"){
          		    print " $m/$i  ";
          		    $a = 1;
          		}
          	    }
          	}
              }
              if ($a == "0"){
          	print "Pas de ports bloqués";
          	exit $a;
              }
              else{
          	exit $a;
              }
          }
          
          ##POUR LES 2960
          if ((!defined($PortSec2900)&&!defined($NbViol2900)) && (!defined($OpeSta)&&!defined($AdmSta))) {
              my $a = 0;
           #   print "2960";
              for (my $i = 1; $i<=9; $i++ ){
          	my $Adm = $$PortSec2960{$SecEnaoid.".1010".$i};
          	my $Viol = $$NbViol2960{$SecStaoid.".1010".$i};
          
          	if ($Adm == "1" && $Viol == "3"){
          	    print " 0/$i  ";
          	    $a = 1;
          	}
              }
              for (my $i = 10; $i<=24; $i++ ){
          	my $Adm = $$PortSec2960{$SecEnaoid.".101".$i};
          	my $Viol = $$NbViol2960{$SecStaoid.".101".$i};
          
          	if ($Adm == "1" && $Viol == "3"){
          	    print " 0/$i  ";
          	    $a = 1;
          	}
              }	
          
              if ($a == "0"){
          	print "Pas de ports bloqués";
          	exit $a;
              }
              else{
          	exit $a;
          	}    
          }
          
          ##POUR LES 6500
          if ((!defined($PortSec2900) && !defined($NbViol2900)) && (defined($PortSec2960) && defined($NbViol2960))  && (defined($ModIndex) && defined($NombPortMod)) && (defined($AdmSta) && defined($OpeSta))) {
              my $a = 0;
          #    print "6500";
              foreach my $key (sort keys %$ModIndex) {
          	my $m = $$ModIndex{$key};
          	my $np = $$NombPortMod{$modNumPortoid.".".$m};
          
          	if ($np == 0 || $np == 1 || $np == 2){}
          	else{
          	    for (my $i = 1; $i<=$np; $i++ ){
          		my $Adm = $$AdmSta{$AdmStaoid.".".$m.".".$i};
          		my $Ope = $$OpeSta{$OpeStaoid.".".$m.".".$i};
          
          		if ($Adm == "1" && $Ope == "2"){
          		    print " $m/$i  ";
          		    $a = 1;
          		}
          	    }
          	}
              }
              if ($a == "0"){
          	print "Pas de ports bloqués";
          	exit $a;
              }
              else{
          	exit $a;
              }
          }
          
          
          
          ##POUR LES 2924   encore quelques problemes du au compteur NbViol ne se ##réinitialisant pas
          if ((!defined($ModIndex)&& !defined($NombPortMod))&&(!defined($PortSec2960)&&!defined($NbViol2960))) {
              my $a = 0;
              print "2924";
              for (my $i = 1; $i<=24; $i++ ){
          	my $Adm = $$PortSec2900{$PortUsaoid.".0.".$i};
          	my $Viol = $$NbViol2900{$PortAddrSecoid.".0.".$i};
          
          	if ($Adm == "2" && $Viol > "0"){
          	    print " 0/$i  ";
          	    $a = 1;
          	}	
              }
              if ($a == "0"){
                print "Pas de ports bloqués";
                exit $a;
              }
              else{
          	exit $a;
              }
          }
          
          print "Switch non supporté";
          exit 3;

          Voici pour mes productions elles sont orientées vers du matériel cisco.

          Comment

          Working...
          X