Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

check_KAV.pl

Rating
0 votes
Favoured:
0
Current Version
1.1
Last Release Date
2010-05-01
Compatible With
  • Nagios 3.x
Hits
96933
Files:
FileDescription
check_KAV.plthe plugin
Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download
check_KAV.pl
check_KAV.pl is a perl plugin for Kaspersky servers (with MSDE 2000 and 2005) which allow you to get some informations (virus, last full scan, license expiration time, last update...) in function of the name of the computer. It works on local or via NRPE and with the NSCLIENT++ and ActivePerl installed on the windows server.
check_KAV.pl is a perl plugin for Kaspersky servers (with MSDE 2000 or 2005) which allow you to get some informations (number of virus found, last full scan, license expiration time, last update...) in function of the name of the computer. It works via NRPE and with NSCLIENT++ and ActivePerl software installed on the windows server.
Usage: check_KAV.pl [winhostname] [request number] [warning in days or in nb of virus] [Critical in days or in nb of virus]
Ex : check_KAV.pl mycomputer 1 7 14
1 - Last Info Update
2 - Last Update
3 - Last Full Scan
4 - Last Visible
5 - Licence Expiration Time
6 - Virus Count

HOW TO :

On the kasperky server :
install the last NSCLIENT++ version : http://nsclient.org/ or http://nsclient.org/nscp/downloads

do the same for ActivePerl : http://www.activestate.com/activeperl

------------------------------------

create the folder : c:\Progra~1\NSClient++\plugins\ which will contain the check_KAV.pl plugin and the check_KAV.bat launcher

------------------------------------

update your c:\Progra~1\NSClient++\NSC.ini :
[....]
[modules]
NRPEListener.dll
[...]
[NRPE]
allow_arguments=1
[...]
[NRPE Client Handlers]
command[check_kav]=c:\Progra~1\NSClient++\plugins\check_KAV.bat $ARG1$ $ARG2$ $ARG3$ $ARG4$
[...]

------------------------------------
create the check_KAV.bat file (cause NSCLIENT++ can't launch a .pl file) into c:\Progra~1\NSClient++\plugins\ :

@echo off
C:\Perl\bin\perl.exe "C:\Program Files\NSClient++\plugins\check_KAV.pl" %1 %2 %3 %4

-----------------------------------

create your check_KAV.pl file into c:\Progra~1\NSClient++\plugins\

------------------------------------

Test on your server if the plugin works :
open a console and type : c:\perl\bin\perl.exe c:\Progra~1\NSClient++\plugins\check_KAV.pl your_server_name 1 10 20

If it doesn't work :
If you use SQL server 2005 :
configure the "SQL Server Surface Area Configuration" to allow the access to the database
modify my plugin :
~ line 119, 143, 165, 198, 205, 233, 240, 268 : "OSQL -E -Q" by "sqlcmd -S YOUR_SERVER_NAME\\KAV_CS_ADMIN_KIT -E -Q"

------------------------------------

From your Nagios server :
you can try :
/usr/lib/nagios/plugins/check_nrpe -H ip_of_your_kaspersky_server -p 5666 -t 30 -c check_kav -a name_of_your_kaspersky_server 1 10 20
to see if it works.
You should have something like this :

KAV - 2 hours and 13 minutes since Last Info Update
Last Info Update : 31/05/2010 at 13:42:54

Then you can edit /etc/nagios-plugins/config/check_nrpe.cfg and add :

define command {
command_name check_kav
command_line /usr/lib/nagios/plugins/check_nrpe -H $HOSTADDRESS$ -c check_kav -p 5666 -t 30 -a $ARG1$ $ARG2$ $ARG3$ $ARG4$
}


------------------------------------

How it works :


Your NAGIOS server will do a NRPE request --> NSCLIENT++ receive the request and will lauch--> the c:\Progra~1\NSClient++\plugins\check_KAV.bat file --> which will launch the C:\Program Files\NSClient++\plugins\check_KAV.pl plugin


be free to modify this plugin :)

Updates : may 2010 : the plugin is now able to take into consideration the reset virus count command (that you launch under the Kaspersky Administration Kit)