Build precise queries to find exactly what you need
Press ESC to close
Your review has been submitted and is pending approval.
Nagios Plugin to check Yum security updates on RHEL5/6/7 based servers
Current Version
Last Release Date
January 4, 2016
Owner
Hari Sekhon
Website
https://github.com/harisekhon/nagios-plugins
Download URL
Compatible With
Part of the Advanced Nagios Plugins Collection
Download it here:
check_yum.pl
This is a rewrite of my original Python version for RHEL5 from early 2008
Code is much shorter, a third the number of lines, and leverages my personal library for better validation, option/usage and self timeout handling
See also: check_yum.py (the original, also part of the Advanced Nagios Plugins Collection)
Tested on CentOS 5 / 6 / 7
usage: check_yum.pl [ options ]
-A --all-updates Does not distinguish between security and non-security updates, but returns critical for any available update. This may be used if the yum security plugin is absent or you want to maintain every single package at the latest version. You may want to use --warn-on-any-update instead of this option -W --warn-on-any-update Warns if there are any (non-security) package updates available. By default only warns when security related updates are available. If --all-updates is used, then this option is redundant as --all-updates will return a critical result on any available update, whereas using this switch still allows you to differentiate between the severity of updates -C --cache-only Run entirely from cache and do not update the cache when running yum. Useful if you have 'yum makecache' cronned so that the nagios check itself doesn't have to do it, possibly speeding up execution (by 1-2 seconds in tests) -N --no-warn-on-lock Return OK instead of WARNING when yum is locked and fails to check for updates due to another instance running. This is not recommended from the security standpoint, but may be wanted to reduce the number of alerts that may intermittently pop up when someone is running yum for package management -e --enablerepo Explicitly enables a repository when calling yum. Can take a comma separated list of repositories -d --disablerepo Explicitly disables a repository when calling yum. Can take a comma separated list of repositories -t --timeout Timeout in secs (default: 10) -v --verbose Verbose mode (-v, -vv, -vvv ...) -h --help Print description and usage options -V --version Print version and exit
wish I could have warning critical threshold, rewrote a simple version in bash :) #!/bin/bash # #Felipe Ferreira Jan 2017 # # First lets chceck if yum --security exists and works #MAKE SURE yum-security is installed yum --security version >/dev/null 2>&1 || { echo "I require yum-security but it's not installed. Aborting." >&2; exit 1; } #CHECK FOR ARGS if [[ $2 ]]; then WARN=$1 CRIT=$2 else echo "UNKONW - Please pass arguments, number of security patches missing it should warn or crit $0 " exit 3 fi A=$(yum -C --security check-update |grep " needed for security") C=$(echo $A|awk '{ print $1 }') if [ "$C" -gt "$CRIT" ]; then echo "CRITICAL - $A | sec=$C" exit 2 elif [ "$C" -gt "$WARN" ]; then echo "WANING - $A | sec=$C" exit 1 fi echo "OK - $A | sec=$C" exit 0
You must be logged in to submit a review.
To:
From:
We’ve completely redesigned the world’s largest repository of Nagios plugins and monitoring tools. Join thousands of users sharing monitoring solutions for servers, applications, and everything in between.
Due to our redesign, all existing accounts require a password reset to access your account again.
Ready to explore 6,100+ projects and contribute to the community?
Reset Password Create Account
Happy Monitoring!