Home Directory Plugins Anti-Virus Others check_fsecure [F-Secure fsav check]

Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

check_fsecure [F-Secure fsav check]

Rating
1 vote
Favoured:
0
Current Version
1.0.1
Last Release Date
2012-09-05
Compatible With
  • Nagios 3.x
License
GPL
Hits
60669
Files:
FileDescription
check_fsecurePerl-Script check_fsecure
Network Monitoring Software - Download Nagios XI
Log Management Software - Nagios Log Server - Download
Netflow Analysis Software - Nagios Network Analyzer - Download
check_fsecure is a Perl script that checks the antivirus database of F-Secure fsav command-line scanner is up-to-date.
check_fsecure compares the database version of F-Secure fsav with the current date.

We use it on our mailserver via check_by_ssh to make sure fsav (called by amavisd-new) is up-to-date.

Help with "check_fsecure -h"


Reviews (1)
The plugin needs some modification for FSIGK F-Secure Internet Gatekeeper (thats not the same as FSLS, F-Secure Server Linux Security), but then its still useable, thanks for that.

With FSIGK 5.50 you have to change:
1. Link the following binaries to make ./fsav executable within FSIGK:

/usr/lib/libfsavd.so.7 -> /opt/f-secure/fsigk/fssp/lib/libfsavd.so.7
/usr/lib/libsubstatus.so -> /opt/f-secure/fsigk/fssp/lib/libsubstatus.so
/usr/lib/libkeycheck.so -> /opt/f-secure/fsigk/fssp/lib/libkeycheck.so
/usr/lib/libfsclm.so.2 -> /opt/f-secure/fsigk/fssp/lib/libfsclm.so.2
/usr/lib/libmgmtfile.2.0.0.so -> /opt/f-secure/fsigk/fssp/lib/libmgmtfile.2.0.0.so

2. Change line #101 to a hardcoded path conf path (or ad another prefix, FSAV in FSIGK works just different to FSLS):
chomp(my $fsav_version = `$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version`);

Now it depends on your FSIGK installation, usually user "nagios" is not able to run "$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version" without sudo/root.

2. Add sudo for the FSAV binary like this in check_fsecure:

my $fsav = "/usr/bin/sudo /opt/f-secure/fsigk/fssp/bin/fsav";

3. Comment-out the following lines in check_fsecure:

#if (!-x $fsav) {
# die("ERROR: Unable to execute $fsav");
#}

4. Add a sudo rule /etc/sudoers on monitored machine:
nagios ALL=(root) NOPASSWD: /opt/f-secure/fsigk/fssp/bin/fsav

Thats it.