Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
New ListingsDirectory Tree
check_yum.pl (Advanced Nagios Plugins Collection)
Compatible With
- Nagios 1.x
- Nagios 2.x
- Nagios 3.x
- Nagios 4.x
- Nagios XI
Owner
Download URL
Hits
9870
Part of the Advanced Nagios Plugins Collection
Download it here:
https://github.com/harisekhon/nagios-plugins
check_yum.pl
Nagios Plugin to check Yum security updates on RHEL5/6/7 based servers
This is a rewrite of my original Python version for RHEL5 from early 2008
Code is much shorter, a third the number of lines, and leverages my personal library for better validation, option/usage and self timeout handling
See also: check_yum.py (the original, also part of the Advanced Nagios Plugins Collection)
Tested on CentOS 5 / 6 / 7
usage: check_yum.pl [ options ]
-A --all-updates Does not distinguish between security and non-security updates, but returns critical for any available update. This may be used if the yum security plugin is absent or you want
to maintain every single package at the latest version. You may want to use --warn-on-any-update instead of this option
-W --warn-on-any-update Warns if there are any (non-security) package updates available. By default only warns when security related updates are available. If --all-updates is used, then this option
is redundant as --all-updates will return a critical result on any available update, whereas using this switch still allows you to differentiate between the severity of
updates
-C --cache-only Run entirely from cache and do not update the cache when running yum. Useful if you have 'yum makecache' cronned so that the nagios check itself doesn't have to do it, possibly
speeding up execution (by 1-2 seconds in tests)
-N --no-warn-on-lock Return OK instead of WARNING when yum is locked and fails to check for updates due to another instance running. This is not recommended from the security standpoint, but may be
wanted to reduce the number of alerts that may intermittently pop up when someone is running yum for package management
-e --enablerepo Explicitly enables a repository when calling yum. Can take a comma separated list of repositories
-d --disablerepo Explicitly disables a repository when calling yum. Can take a comma separated list of repositories
-t --timeout Timeout in secs (default: 10)
-v --verbose Verbose mode (-v, -vv, -vvv ...)
-h --help Print description and usage options
-V --version Print version and exit
Download it here:
https://github.com/harisekhon/nagios-plugins
check_yum.pl
Nagios Plugin to check Yum security updates on RHEL5/6/7 based servers
This is a rewrite of my original Python version for RHEL5 from early 2008
Code is much shorter, a third the number of lines, and leverages my personal library for better validation, option/usage and self timeout handling
See also: check_yum.py (the original, also part of the Advanced Nagios Plugins Collection)
Tested on CentOS 5 / 6 / 7
usage: check_yum.pl [ options ]
-A --all-updates Does not distinguish between security and non-security updates, but returns critical for any available update. This may be used if the yum security plugin is absent or you want
to maintain every single package at the latest version. You may want to use --warn-on-any-update instead of this option
-W --warn-on-any-update Warns if there are any (non-security) package updates available. By default only warns when security related updates are available. If --all-updates is used, then this option
is redundant as --all-updates will return a critical result on any available update, whereas using this switch still allows you to differentiate between the severity of
updates
-C --cache-only Run entirely from cache and do not update the cache when running yum. Useful if you have 'yum makecache' cronned so that the nagios check itself doesn't have to do it, possibly
speeding up execution (by 1-2 seconds in tests)
-N --no-warn-on-lock Return OK instead of WARNING when yum is locked and fails to check for updates due to another instance running. This is not recommended from the security standpoint, but may be
wanted to reduce the number of alerts that may intermittently pop up when someone is running yum for package management
-e --enablerepo Explicitly enables a repository when calling yum. Can take a comma separated list of repositories
-d --disablerepo Explicitly disables a repository when calling yum. Can take a comma separated list of repositories
-t --timeout Timeout in secs (default: 10)
-v --verbose Verbose mode (-v, -vv, -vvv ...)
-h --help Print description and usage options
-V --version Print version and exit
Reviews (1)
byxoroz, January 12, 2017
wish I could have warning critical threshold, rewrote a simple version in bash :)
#!/bin/bash
#
#Felipe Ferreira Jan 2017
#
# First lets chceck if yum --security exists and works
#MAKE SURE yum-security is installed
yum --security version >/dev/null 2>&1 || { echo "I require yum-security but it's not installed. Aborting." >&2; exit 1; }
#CHECK FOR ARGS
if [[ $2 ]]; then
WARN=$1
CRIT=$2
else
echo "UNKONW - Please pass arguments, number of security patches missing it should warn or crit $0 "
exit 3
fi
A=$(yum -C --security check-update |grep " needed for security")
C=$(echo $A|awk '{ print $1 }')
if [ "$C" -gt "$CRIT" ]; then
echo "CRITICAL - $A | sec=$C"
exit 2
elif [ "$C" -gt "$WARN" ]; then
echo "WANING - $A | sec=$C"
exit 1
fi
echo "OK - $A | sec=$C"
exit 0
#!/bin/bash
#
#Felipe Ferreira Jan 2017
#
# First lets chceck if yum --security exists and works
#MAKE SURE yum-security is installed
yum --security version >/dev/null 2>&1 || { echo "I require yum-security but it's not installed. Aborting." >&2; exit 1; }
#CHECK FOR ARGS
if [[ $2 ]]; then
WARN=$1
CRIT=$2
else
echo "UNKONW - Please pass arguments, number of security patches missing it should warn or crit $0 "
exit 3
fi
A=$(yum -C --security check-update |grep " needed for security")
C=$(echo $A|awk '{ print $1 }')
if [ "$C" -gt "$CRIT" ]; then
echo "CRITICAL - $A | sec=$C"
exit 2
elif [ "$C" -gt "$WARN" ]; then
echo "WANING - $A | sec=$C"
exit 1
fi
echo "OK - $A | sec=$C"
exit 0
