check_klms

@@ -0,0 +1,39 @@

+Nagios plugin to check Kaspersky KLMS status using klms-control tool

+====================================================================

+

+Usage

+-----

+

+    Usage: check_klms [options]

+    

+    Options:

+      -h, --help            show this help message and exit

+      -d, --debug           Enable debug mode

+      -w WARN_EXPIRATION_DAYS

+                            WARNING expiration days threshold (Default : 30)

+      -c CRIT_EXPIRATION_DAYS

+                            CRITICAL expiration days threshold (Default : 10)

+      -b KLMS_CONTROL_BIN_PATH

+                            Path to klms-control binary (Default :

+                            /opt/kaspersky/klms/bin/klms-control)

+

+Copyright

+---------

+

+Copyright (c) 2016 Benjamin Renard 

+

+License

+-------

+

+This program is free software; you can redistribute it and/or

+modify it under the terms of the GNU General Public License version 2

+as published by the Free Software Foundation.

+

+This program is distributed in the hope that it will be useful,

+but WITHOUT ANY WARRANTY; without even the implied warranty of

+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+GNU General Public License for more details.

+

+You should have received a copy of the GNU General Public License

+along with this program; if not, write to the Free Software

+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

@@ -0,0 +1,227 @@

+#!/usr/bin/python

+#

+# Nagios plugin to check Kaspersky KLMS status using klms-control tool

+#

+#    Usage: check_klms [options]

+#    

+#    Options:

+#      -h, --help            show this help message and exit

+#      -d, --debug           Enable debug mode

+#      -w WARN_EXPIRATION_DAYS

+#                            WARNING expiration days threshold (Default : 30)

+#      -c CRIT_EXPIRATION_DAYS

+#                            CRITICAL expiration days threshold (Default : 10)

+#      -b KLMS_CONTROL_BIN_PATH

+#                            Path to klms-control binary (Default :

+#                            /opt/kaspersky/klms/bin/klms-control)

+#

+# Copyright (c) 2016 Benjamin Renard <brenard@zionetrix.net>

+#

+# This program is free software; you can redistribute it and/or

+# modify it under the terms of the GNU General Public License version 2

+# as published by the Free Software Foundation.

+#

+# This program is distributed in the hope that it will be useful,

+# but WITHOUT ANY WARRANTY; without even the implied warranty of

+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the

+# GNU General Public License for more details.

+#

+# You should have received a copy of the GNU General Public License

+# along with this program; if not, write to the Free Software

+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.

+#

+

+import sys

+import subprocess

+import logging

+from lxml import etree

+from optparse import OptionParser

+

+parser = OptionParser()

+

+default_warn_expiration_days=30

+default_crit_expiration_days=10

+default_klms_control_bin_path='/opt/kaspersky/klms/bin/klms-control'

+

+parser.add_option('-d',

+                  '--debug',

+                  action="store_true",

+                  dest="debug",

+                  help="Enable debug mode")

+

+parser.add_option('-w',

+                  action="store",

+                  type="int",

+                  dest="warn_expiration_days",

+                  help="WARNING expiration days threshold (Default : %s)" % default_warn_expiration_days,

+                  default=default_warn_expiration_days)

+

+parser.add_option('-c',

+                  action="store",

+                  type="int",

+                  dest="crit_expiration_days",

+                  help="CRITICAL expiration days threshold (Default : %s)" % default_crit_expiration_days,

+                  default=default_crit_expiration_days)

+

+parser.add_option('-b',

+                  action="store",

+                  type="string",

+                  dest="klms_control_bin_path",

+                  help="Path to klms-control binary (Default : %s)" % default_klms_control_bin_path,

+                  default=default_klms_control_bin_path)

+

+(options, args) = parser.parse_args()

+

+logformat = '%(levelname)s - %(message)s'

+if options.debug:

+        loglevel = logging.DEBUG

+else:

+        loglevel = logging.INFO

+

+logging.basicConfig(level=loglevel,format='%(asctime)s - %(levelname)s - %(message)s')

+

+

+logging.debug('Get Anti-SPAM bases status')

+

+# Output example :

+#   <root>

+#       <status>UpToDate</status>

+#       <publishingTime>2016-05-18T11:52:10</publishingTime>

+#       <installTime>2016-05-18T12:06:23</installTime>

+#   </root>

+try:

+    p = subprocess.Popen([options.klms_control_bin_path, '--get-asp-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)

+    out, err = p.communicate()

+

+    tree = etree.fromstring(out)

+

+    asp_status=tree.findall('status')[0].text

+

+    logging.debug('Anti-SPAM bases status : %s' % asp_status)

+except Exception, e:

+    print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e)

+    sys.exit(3)

+

+

+logging.debug('Get Anti-Virus bases status')

+

+# Output example :

+#   <root>

+#       <status>UpToDate</status>

+#       <recordCount>7711241</recordCount>

+#       <publishingTime>2016-05-18T04:06:00</publishingTime>

+#       <installTime>2016-05-18T07:56:50</installTime>

+#   </root>

+

+try:

+    p = subprocess.Popen([options.klms_control_bin_path, '--get-avs-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)

+    out, err = p.communicate()

+

+    logging.debug('klms-control output : %s' % out)

+

+    tree = etree.fromstring(out)

+

+    avs_status=tree.findall('status')[0].text

+

+    logging.debug('Anti-Virus bases status : %s' % avs_status)

+except Exception, e:

+    print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e)

+    sys.exit(3)

+

+logging.debug('Get Anti-Phishing bases status')

+

+# Output example :

+#   <root>

+#       <status>UpToDate</status>

+#       <publishingTime>2016-05-17T13:55:41</publishingTime>

+#       <installTime>2016-05-18T11:26:18</installTime>

+#   </root>

+try:

+    p = subprocess.Popen([options.klms_control_bin_path, '--get-aph-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)

+    out, err = p.communicate()

+

+    logging.debug('klms-control output : %s' % out)

+

+    tree = etree.fromstring(out)

+

+    aph_status=tree.findall('status')[0].text

+

+    logging.debug('Anti-Phishing bases status : %s' % aph_status)

+except Exception, e:

+    print "UNKNOWN - Failed to retreive or parse Anti-Phishing bases status : %s / %s" % (err,e)

+    sys.exit(3)

+

+logging.debug('Get License status')

+

+# Output example :

+#   <root status="Active" expirationDays="372" functionalityLevel="full functionality" invalidReason="valid" activeLicenseSerial="1414-000400-2DF4ACA1" keyType="commercial">

+#       <expirationDate day="25" month="5" year="2017" />

+#   </root>

+try:

+    p = subprocess.Popen([options.klms_control_bin_path, '-l', '--query-status'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)

+    out, err = p.communicate()

+

+    logging.debug('klms-control output : %s' % out)

+

+    tree = etree.fromstring(out)

+

+    expiration_days=int(tree.findall('.')[0].get('expirationDays'))

+

+    logging.debug('License expiration day(s) : %s' % expiration_days)

+except Exception, e:

+    print "UNKNOWN - Failed to retreive or parse License status : %s / %s" % (err,e)

+    sys.exit(3)

+

+STATUS_TXT={

+    0: 'OK',

+    1: 'WARNING',

+    2: 'CRITICAL',

+    3: 'UNKNOWN',

+}

+STATUS=0

+errors=[]

+infos=[]

+

+bases_status_ok=[]

+if asp_status!='UpToDate':

+    STATUS=2

+    errors.append('Anti-SPAM base is %s' % asp_status)

+else:

+    bases_status_ok.append('Anti-SPAM')

+

+if avs_status!='UpToDate':

+    STATUS=2

+    errors.append('Anti-Virus base is %s' % avs_status)

+else:

+    bases_status_ok.append('Anti-Virus')

+

+if aph_status!='UpToDate':

+    STATUS=2

+    errors.append('Anti-Phishing base is %s' % aph_status)

+else:

+    bases_status_ok.append('Anti-Phishing')

+

+if len(bases_status_ok)>0:

+    infos.append('%s bases uptodate' % '/'.join(bases_status_ok))

+

+LICENSE_STATUS=0

+if expiration_days < options.crit_expiration_days:

+    LICENSE_STATUS=2

+    errors.append('License expire in %s days' % expiration_days)

+elif expiration_days < options.crit_expiration_days:

+    LICENSE_STATUS=1

+

+if LICENSE_STATUS!=0:

+    errors.append('License expire in %s days' % expiration_days)

+else:

+    infos.append('License expire in %s days' % expiration_days)

+

+MSG=""

+if len(errors)>0:

+    MSG+=', '.join(errors)

+if len(infos)>0:

+    MSG+=', '.join(infos)

+

+print "%s - %s" % (STATUS_TXT[STATUS],MSG)

+

+sys.exit(STATUS)