+

Last commit for check_klms: 1f98c32e35a4bfaad60a33f6306d21490bda981b

Initial commit

Benjamin Renard [2016-05-18 11:53:57]
Initial commit
#!/usr/bin/python
#
# Nagios plugin to check Kaspersky KLMS status using klms-control tool
#
#    Usage: check_klms [options]
#
#    Options:
#      -h, --help            show this help message and exit
#      -d, --debug           Enable debug mode
#      -w WARN_EXPIRATION_DAYS
#                            WARNING expiration days threshold (Default : 30)
#      -c CRIT_EXPIRATION_DAYS
#                            CRITICAL expiration days threshold (Default : 10)
#      -b KLMS_CONTROL_BIN_PATH
#                            Path to klms-control binary (Default :
#                            /opt/kaspersky/klms/bin/klms-control)
#
# Copyright (c) 2016 Benjamin Renard <brenard@zionetrix.net>
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License version 2
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#

import sys
import subprocess
import logging
from lxml import etree
from optparse import OptionParser

parser = OptionParser()

default_warn_expiration_days=30
default_crit_expiration_days=10
default_klms_control_bin_path='/opt/kaspersky/klms/bin/klms-control'

parser.add_option('-d',
                  '--debug',
                  action="store_true",
                  dest="debug",
                  help="Enable debug mode")

parser.add_option('-w',
                  action="store",
                  type="int",
                  dest="warn_expiration_days",
                  help="WARNING expiration days threshold (Default : %s)" % default_warn_expiration_days,
                  default=default_warn_expiration_days)

parser.add_option('-c',
                  action="store",
                  type="int",
                  dest="crit_expiration_days",
                  help="CRITICAL expiration days threshold (Default : %s)" % default_crit_expiration_days,
                  default=default_crit_expiration_days)

parser.add_option('-b',
                  action="store",
                  type="string",
                  dest="klms_control_bin_path",
                  help="Path to klms-control binary (Default : %s)" % default_klms_control_bin_path,
                  default=default_klms_control_bin_path)

(options, args) = parser.parse_args()

logformat = '%(levelname)s - %(message)s'
if options.debug:
        loglevel = logging.DEBUG
else:
        loglevel = logging.INFO

logging.basicConfig(level=loglevel,format='%(asctime)s - %(levelname)s - %(message)s')


logging.debug('Get Anti-SPAM bases status')

# Output example :
#   <root>
#       <status>UpToDate</status>
#       <publishingTime>2016-05-18T11:52:10</publishingTime>
#       <installTime>2016-05-18T12:06:23</installTime>
#   </root>
try:
    p = subprocess.Popen([options.klms_control_bin_path, '--get-asp-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    out, err = p.communicate()

    tree = etree.fromstring(out)

    asp_status=tree.findall('status')[0].text

    logging.debug('Anti-SPAM bases status : %s' % asp_status)
except Exception, e:
    print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e)
    sys.exit(3)


logging.debug('Get Anti-Virus bases status')

# Output example :
#   <root>
#       <status>UpToDate</status>
#       <recordCount>7711241</recordCount>
#       <publishingTime>2016-05-18T04:06:00</publishingTime>
#       <installTime>2016-05-18T07:56:50</installTime>
#   </root>

try:
    p = subprocess.Popen([options.klms_control_bin_path, '--get-avs-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    out, err = p.communicate()

    logging.debug('klms-control output : %s' % out)

    tree = etree.fromstring(out)

    avs_status=tree.findall('status')[0].text

    logging.debug('Anti-Virus bases status : %s' % avs_status)
except Exception, e:
    print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e)
    sys.exit(3)

logging.debug('Get Anti-Phishing bases status')

# Output example :
#   <root>
#       <status>UpToDate</status>
#       <publishingTime>2016-05-17T13:55:41</publishingTime>
#       <installTime>2016-05-18T11:26:18</installTime>
#   </root>
try:
    p = subprocess.Popen([options.klms_control_bin_path, '--get-aph-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    out, err = p.communicate()

    logging.debug('klms-control output : %s' % out)

    tree = etree.fromstring(out)

    aph_status=tree.findall('status')[0].text

    logging.debug('Anti-Phishing bases status : %s' % aph_status)
except Exception, e:
    print "UNKNOWN - Failed to retreive or parse Anti-Phishing bases status : %s / %s" % (err,e)
    sys.exit(3)

logging.debug('Get License status')

# Output example :
#   <root status="Active" expirationDays="372" functionalityLevel="full functionality" invalidReason="valid" activeLicenseSerial="1414-000400-2DF4ACA1" keyType="commercial">
#       <expirationDate day="25" month="5" year="2017" />
#   </root>
try:
    p = subprocess.Popen([options.klms_control_bin_path, '-l', '--query-status'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    out, err = p.communicate()

    logging.debug('klms-control output : %s' % out)

    tree = etree.fromstring(out)

    expiration_days=int(tree.findall('.')[0].get('expirationDays'))

    logging.debug('License expiration day(s) : %s' % expiration_days)
except Exception, e:
    print "UNKNOWN - Failed to retreive or parse License status : %s / %s" % (err,e)
    sys.exit(3)

STATUS_TXT={
    0: 'OK',
    1: 'WARNING',
    2: 'CRITICAL',
    3: 'UNKNOWN',
}
STATUS=0
errors=[]
infos=[]

bases_status_ok=[]
if asp_status!='UpToDate':
    STATUS=2
    errors.append('Anti-SPAM base is %s' % asp_status)
else:
    bases_status_ok.append('Anti-SPAM')

if avs_status!='UpToDate':
    STATUS=2
    errors.append('Anti-Virus base is %s' % avs_status)
else:
    bases_status_ok.append('Anti-Virus')

if aph_status!='UpToDate':
    STATUS=2
    errors.append('Anti-Phishing base is %s' % aph_status)
else:
    bases_status_ok.append('Anti-Phishing')

if len(bases_status_ok)>0:
    infos.append('%s bases uptodate' % '/'.join(bases_status_ok))

LICENSE_STATUS=0
if expiration_days < options.crit_expiration_days:
    LICENSE_STATUS=2
    errors.append('License expire in %s days' % expiration_days)
elif expiration_days < options.crit_expiration_days:
    LICENSE_STATUS=1

if LICENSE_STATUS!=0:
    errors.append('License expire in %s days' % expiration_days)
else:
    infos.append('License expire in %s days' % expiration_days)

MSG=""
if len(errors)>0:
    MSG+=', '.join(errors)
if len(infos)>0:
    MSG+=', '.join(infos)

print "%s - %s" % (STATUS_TXT[STATUS],MSG)

sys.exit(STATUS)
ViewGit