Build precise queries to find exactly what you need
Press ESC to close
Your review has been submitted and is pending approval.
Bash shell Script for Nagios & NagiosXI, checks if the KLMS application is running OK, has a connection to the LDAP server and has it's Databases up to date. It's written as simple as posible to maintain compatibilty between different Linux OS. Verified compatible with the following OS: Ubuntu v16.04.1-5 LTS CentOS v6.10 (Final) BusyBox v1.22.1 Released under GPLv3. Author: Carlos Ijalba - 2018.
Current Version
1.04
Last Release Date
2018-08-10
Owner
Carlos Ijalba
Website
https://ijalba.wordpress.com
License
GPL
Compatible With
Bash shell Script for Nagios & NagiosXI, reports on the general KLMS health:
OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected. WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ]. CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected. Error: KLMS couldn't be contacted, or not installed (check your PATH or install KLMS software).
If invoked without parameters, presents a usage screen.
This script is designed to consume as little CPU time as possible and to be used in different OS types.
Verified compatible with the following OS: Ubuntu v16.04.1-5 LTS CentOS v6.10 (Final) BusyBox v1.22.1
Released under GPLv3, feel free to use and modify, please give credits and references when appropriate. Author: Carlos Ijalba - 2018.
Alerts given to Nagios:
Output: 3 - Error: KLMS couldn't be contacted, or not installed. 2 - CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ]. 1 - WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected. 0 - OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected.
It also reports the original script's name and version to nagios, so check version control can be used within nagios.
------------- SETUP:
1.- Change your command definition in the nrpe.cfg
nagios@pmimta:/usr/local/nagios/etc$ sudo cp -p nrpe.cfg nrpe.cfg.20180808 <-- always make a backup first! nagios@pmimta:/usr/local/nagios/etc$ sudo vi nrpe.cfg <-- edit your nrpe.cfg Add: command[check_klms]=/usr/local/nagios/libexec/check_klms.sh status
2.- Edit sudoers file:
sudo visudo
3.- Add permissions for the klms-control binary to nagios:
Defaults:nagios !requiretty nagios ALL=NOPASSWD: /opt/kaspersky/klms/bin/klms-control
4.- Restart the nrpe daemon:
nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe nagios 1476 1 0 Aug05 ? 00:00:02 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d nagios@pmimta:/usr/local/nagios/etc$ sudo kill -9 1476 nagios@pmimta:/usr/local/nagios/etc$ sudo /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe nagios 31928 1 0 12:11 ? 00:00:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
or, if nrpe is under xinetd: service xinetd restart
5.- Verify nrpe log:
nagios@pmimta:/usr/local/nagios/etc$ journalctl --since=today | grep nrpe Aug 08 12:11:41 pmimta sudo[31926]: sistemas : TTY=pts/0 ; PWD=/usr/local/nagios/etc ; USER=nagios ; COMMAND=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d Aug 08 12:11:41 pmimta nrpe[31928]: Starting up daemon Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on 0.0.0.0 port 5666. Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on :: port 5666. Aug 08 12:11:41 pmimta nrpe[31928]: Warning: Daemon is configured to accept command arguments from clients! Aug 08 12:11:41 pmimta nrpe[31928]: Listening for connections on port 0 Aug 08 12:11:41 pmimta nrpe[31928]: Allowing connections from: 127.0.0.1, nagiosxiserver
------------- USE: check_klms.sh [ status ]
------------- Reports:
All OK: OK - KLMS Running. OK - KLMS AV-DB up to date. OK - KLMS SPAM-DB up to date. OK - KLMS Anti-Phishing-DB up to date. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04
WARNINGS: OK - KLMS Running. WARNING - KLMS AV-DB Outdated. WARNING - KLMS SPAM-DB Outdated. WARNING - KLMS Anti-Phishing-DB Outdated. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04
CRITICALS: CRITICAL - KLMS NOT Running. CRITICAL - KLMS AV-DB Obsolete. CRITICAL - KLMS SPAM-DB Obsolete. CRITICAL - KLMS Anti-Phishing-DB Obsolete. CRITICAL - KLMS LDAP Connection Failed. check_klms.sh v1.04
------------- Examples:
In a machine with KLMS OK:
nagios@pmimta05:/usr/local/nagios/libexec# ./check_klms.sh status OK - KLMS Running. OK - KLMS AV-DB up to date. OK - KLMS SPAM-DB up to date. OK - KLMS Anti-Phishing-DB up to date. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04
In a machine with the Anti-SPAM DB not actualized:
nagios@pmimta05:~# /usr/local/nagios/libexec/check_klms.sh status OK - KLMS Running. OK - KLMS AV-DB up to date. WARNING - KLMS SPAM-DB Outdated. OK - KLMS Anti-Phishing-DB up to date. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04
In a machine without KLMS installed (or not in the PATH by default):
[nagios@nagiosxiserver libexec]# check_klms.sh status CRITICAL - KLMS NOT Running. ERROR - KLMS binaries not found in this machine (review PATH). check_klms.sh v1.04
-------------
NAGIOS Plugin Version Control:
After the Nagios Status reported, the script shows the script's name and version, very useful to track nagios services versions and scripts invoked by a service/command.
You must be logged in to submit a review.
To:
From: