Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Directory Tree

Openldap Syncrepl

Rating
4 votes
Favoured:
0
Hits
109742
Files:
FileDescription
check_syncrepl.pycheck_syncrepl.py with support for OpenLDAP 2.4
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
Check for open ldap syncrepl
Check the open ldap replication via SYNCREPL and python.

It's based on a version found in the openldap mailinglist by Samuel Tran.
I added the possiblity to specify the two passwords on the commandline and the -n option for "nagios-mode".

http://www.mail-archive.com/openldap-software@openldap.org/msg03877.html


To view a description of the script:
$ pydoc ldapSynchCheck

To view the help:
$ ./ldapSynchCheck.py -h


2009-02-16 Updated to version 1.1 to include timstamp format of openldap 2.4

André
Reviews (3)
bywolvverine, August 30, 2011
Error:
2011-08-30 14:36:31,013 - check_syncrepl.py - DEBUG - Retrieving Provider contextCSN
2011-08-30 14:36:31,014 - check_syncrepl.py - DEBUG - contextCSN = 20110830123045.-981247Z#000000#000#000000
2011-08-30 14:36:31,015 - check_syncrepl.py - DEBUG - Retrieving Consumer contextCSN
2011-08-30 14:36:31,015 - check_syncrepl.py - DEBUG - contextCSN = 20110830123044.-999530Z#000000#000#000000
Traceback (most recent call last):
File "/usr/lib64/nagios/plugins/check_syncrepl.py", line 286, in ?
main()
File "/usr/lib64/nagios/plugins/check_syncrepl.py", line 272, in main
IsInSync = IsInSync and is_insynch(ldapprov, ldapcons, options.basedn, options.threshold, logger)
File "/usr/lib64/nagios/plugins/check_syncrepl.py", line 193, in is_insynch
delta = contextCSN_to_datetime(provcontextCSN) - contextCSN_to_datetime(conscontextCSN)
File "/usr/lib64/nagios/plugins/check_syncrepl.py", line 159, in contextCSN_to_datetime
return datetime.datetime.fromtimestamp(time.mktime(time.strptime(gentime,"%Y%m%d%H%M%S")))
File "/usr/lib64/python2.4/_strptime.py", line 296, in strptime
raise ValueError("unconverted data remains: %s" %
ValueError: unconverted data remains: .-981247


Patch:

--- /usr/lib64/nagios/plugins/check_syncrepl.py.orig 2011-08-04 11:59:15.000000000 +0200
+++ /usr/lib64/nagios/plugins/check_syncrepl.py 2011-08-30 14:42:04.000000000 +0200
@@ -155,7 +155,7 @@

This function returns a datetime object instance
"""
- gentime = re.sub('(\.\d{6})?Z.*$','',contextCSN)
+ gentime = re.sub('(\.-?\d{6})?Z.*$','',contextCSN)
return datetime.datetime.fromtimestamp(time.mktime(time.strptime(gentime,"%Y%m%d%H%M%S")))

def threshold_to_datetime(threshold):
bylorimar, June 17, 2011
This worked quite well, though I did have one stumbling block. As the previous reviewer pointed out, you need to use the --nagios (or -n) argument to get the script to output a nagios formatted result. However, by default this will also return non-nagios formatted results first. In order to get a clean output that nagios can read, you have to also use the --quiet argument in addition to the --nagios.
bygcc2, January 14, 2011
The script is simple and well written.

However it's ESSENTIAL, and not at all obvious, that you put the --nagios option on the command line. Otherwise, when the server is out of sync with the client, the output will tell you, but Nagios will think that the server is OK and not send you any notification.

Also, if the SSL certificate chain is not properly installed, the default logging does not help much:

FAILED : LDAP bind failed. {'desc': "Can't contact LDAP server"}

It's necessary to edit the source and increase the ldap.OPT_DEBUG_LEVEL to get this output:

TLS: warning: cacertdir not implemented for gnutls
TLS: peer cert untrusted or revoked (0x42)
FAILED : LDAP bind failed. {'desc': "Can't contact LDAP server"}

which tells you what you need to know to understand and fix the problem.