Initial commit
Benjamin Renard

Benjamin Renard commited on 2016-05-18 11:53:57
Showing 2 changed files, with 266 additions and 0 deletions.

... ...
@@ -0,0 +1,39 @@
1
+Nagios plugin to check Kaspersky KLMS status using klms-control tool
2
+====================================================================
3
+
4
+Usage
5
+-----
6
+
7
+    Usage: check_klms [options]
8
+    
9
+    Options:
10
+      -h, --help            show this help message and exit
11
+      -d, --debug           Enable debug mode
12
+      -w WARN_EXPIRATION_DAYS
13
+                            WARNING expiration days threshold (Default : 30)
14
+      -c CRIT_EXPIRATION_DAYS
15
+                            CRITICAL expiration days threshold (Default : 10)
16
+      -b KLMS_CONTROL_BIN_PATH
17
+                            Path to klms-control binary (Default :
18
+                            /opt/kaspersky/klms/bin/klms-control)
19
+
20
+Copyright
21
+---------
22
+
23
+Copyright (c) 2016 Benjamin Renard 
24
+
25
+License
26
+-------
27
+
28
+This program is free software; you can redistribute it and/or
29
+modify it under the terms of the GNU General Public License version 2
30
+as published by the Free Software Foundation.
31
+
32
+This program is distributed in the hope that it will be useful,
33
+but WITHOUT ANY WARRANTY; without even the implied warranty of
34
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
35
+GNU General Public License for more details.
36
+
37
+You should have received a copy of the GNU General Public License
38
+along with this program; if not, write to the Free Software
39
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
... ...
@@ -0,0 +1,227 @@
1
+#!/usr/bin/python
2
+#
3
+# Nagios plugin to check Kaspersky KLMS status using klms-control tool
4
+#
5
+#    Usage: check_klms [options]
6
+#    
7
+#    Options:
8
+#      -h, --help            show this help message and exit
9
+#      -d, --debug           Enable debug mode
10
+#      -w WARN_EXPIRATION_DAYS
11
+#                            WARNING expiration days threshold (Default : 30)
12
+#      -c CRIT_EXPIRATION_DAYS
13
+#                            CRITICAL expiration days threshold (Default : 10)
14
+#      -b KLMS_CONTROL_BIN_PATH
15
+#                            Path to klms-control binary (Default :
16
+#                            /opt/kaspersky/klms/bin/klms-control)
17
+#
18
+# Copyright (c) 2016 Benjamin Renard <brenard@zionetrix.net>
19
+#
20
+# This program is free software; you can redistribute it and/or
21
+# modify it under the terms of the GNU General Public License version 2
22
+# as published by the Free Software Foundation.
23
+#
24
+# This program is distributed in the hope that it will be useful,
25
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
26
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
27
+# GNU General Public License for more details.
28
+#
29
+# You should have received a copy of the GNU General Public License
30
+# along with this program; if not, write to the Free Software
31
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
32
+#
33
+
34
+import sys
35
+import subprocess
36
+import logging
37
+from lxml import etree
38
+from optparse import OptionParser
39
+
40
+parser = OptionParser()
41
+
42
+default_warn_expiration_days=30
43
+default_crit_expiration_days=10
44
+default_klms_control_bin_path='/opt/kaspersky/klms/bin/klms-control'
45
+
46
+parser.add_option('-d',
47
+                  '--debug',
48
+                  action="store_true",
49
+                  dest="debug",
50
+                  help="Enable debug mode")
51
+
52
+parser.add_option('-w',
53
+                  action="store",
54
+                  type="int",
55
+                  dest="warn_expiration_days",
56
+                  help="WARNING expiration days threshold (Default : %s)" % default_warn_expiration_days,
57
+                  default=default_warn_expiration_days)
58
+
59
+parser.add_option('-c',
60
+                  action="store",
61
+                  type="int",
62
+                  dest="crit_expiration_days",
63
+                  help="CRITICAL expiration days threshold (Default : %s)" % default_crit_expiration_days,
64
+                  default=default_crit_expiration_days)
65
+
66
+parser.add_option('-b',
67
+                  action="store",
68
+                  type="string",
69
+                  dest="klms_control_bin_path",
70
+                  help="Path to klms-control binary (Default : %s)" % default_klms_control_bin_path,
71
+                  default=default_klms_control_bin_path)
72
+
73
+(options, args) = parser.parse_args()
74
+
75
+logformat = '%(levelname)s - %(message)s'
76
+if options.debug:
77
+        loglevel = logging.DEBUG
78
+else:
79
+        loglevel = logging.INFO
80
+
81
+logging.basicConfig(level=loglevel,format='%(asctime)s - %(levelname)s - %(message)s')
82
+
83
+
84
+logging.debug('Get Anti-SPAM bases status')
85
+
86
+# Output example :
87
+#   <root>
88
+#       <status>UpToDate</status>
89
+#       <publishingTime>2016-05-18T11:52:10</publishingTime>
90
+#       <installTime>2016-05-18T12:06:23</installTime>
91
+#   </root>
92
+try:
93
+    p = subprocess.Popen([options.klms_control_bin_path, '--get-asp-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
94
+    out, err = p.communicate()
95
+
96
+    tree = etree.fromstring(out)
97
+
98
+    asp_status=tree.findall('status')[0].text
99
+
100
+    logging.debug('Anti-SPAM bases status : %s' % asp_status)
101
+except Exception, e:
102
+    print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e)
103
+    sys.exit(3)
104
+
105
+
106
+logging.debug('Get Anti-Virus bases status')
107
+
108
+# Output example :
109
+#   <root>
110
+#       <status>UpToDate</status>
111
+#       <recordCount>7711241</recordCount>
112
+#       <publishingTime>2016-05-18T04:06:00</publishingTime>
113
+#       <installTime>2016-05-18T07:56:50</installTime>
114
+#   </root>
115
+
116
+try:
117
+    p = subprocess.Popen([options.klms_control_bin_path, '--get-avs-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
118
+    out, err = p.communicate()
119
+
120
+    logging.debug('klms-control output : %s' % out)
121
+
122
+    tree = etree.fromstring(out)
123
+
124
+    avs_status=tree.findall('status')[0].text
125
+
126
+    logging.debug('Anti-Virus bases status : %s' % avs_status)
127
+except Exception, e:
128
+    print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e)
129
+    sys.exit(3)
130
+
131
+logging.debug('Get Anti-Phishing bases status')
132
+
133
+# Output example :
134
+#   <root>
135
+#       <status>UpToDate</status>
136
+#       <publishingTime>2016-05-17T13:55:41</publishingTime>
137
+#       <installTime>2016-05-18T11:26:18</installTime>
138
+#   </root>
139
+try:
140
+    p = subprocess.Popen([options.klms_control_bin_path, '--get-aph-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
141
+    out, err = p.communicate()
142
+
143
+    logging.debug('klms-control output : %s' % out)
144
+
145
+    tree = etree.fromstring(out)
146
+
147
+    aph_status=tree.findall('status')[0].text
148
+
149
+    logging.debug('Anti-Phishing bases status : %s' % aph_status)
150
+except Exception, e:
151
+    print "UNKNOWN - Failed to retreive or parse Anti-Phishing bases status : %s / %s" % (err,e)
152
+    sys.exit(3)
153
+
154
+logging.debug('Get License status')
155
+
156
+# Output example :
157
+#   <root status="Active" expirationDays="372" functionalityLevel="full functionality" invalidReason="valid" activeLicenseSerial="1414-000400-2DF4ACA1" keyType="commercial">
158
+#       <expirationDate day="25" month="5" year="2017" />
159
+#   </root>
160
+try:
161
+    p = subprocess.Popen([options.klms_control_bin_path, '-l', '--query-status'], stdout=subprocess.PIPE, stderr=subprocess.PIPE)
162
+    out, err = p.communicate()
163
+
164
+    logging.debug('klms-control output : %s' % out)
165
+
166
+    tree = etree.fromstring(out)
167
+
168
+    expiration_days=int(tree.findall('.')[0].get('expirationDays'))
169
+
170
+    logging.debug('License expiration day(s) : %s' % expiration_days)
171
+except Exception, e:
172
+    print "UNKNOWN - Failed to retreive or parse License status : %s / %s" % (err,e)
173
+    sys.exit(3)
174
+
175
+STATUS_TXT={
176
+    0: 'OK',
177
+    1: 'WARNING',
178
+    2: 'CRITICAL',
179
+    3: 'UNKNOWN',
180
+}
181
+STATUS=0
182
+errors=[]
183
+infos=[]
184
+
185
+bases_status_ok=[]
186
+if asp_status!='UpToDate':
187
+    STATUS=2
188
+    errors.append('Anti-SPAM base is %s' % asp_status)
189
+else:
190
+    bases_status_ok.append('Anti-SPAM')
191
+
192
+if avs_status!='UpToDate':
193
+    STATUS=2
194
+    errors.append('Anti-Virus base is %s' % avs_status)
195
+else:
196
+    bases_status_ok.append('Anti-Virus')
197
+
198
+if aph_status!='UpToDate':
199
+    STATUS=2
200
+    errors.append('Anti-Phishing base is %s' % aph_status)
201
+else:
202
+    bases_status_ok.append('Anti-Phishing')
203
+
204
+if len(bases_status_ok)>0:
205
+    infos.append('%s bases uptodate' % '/'.join(bases_status_ok))
206
+
207
+LICENSE_STATUS=0
208
+if expiration_days < options.crit_expiration_days:
209
+    LICENSE_STATUS=2
210
+    errors.append('License expire in %s days' % expiration_days)
211
+elif expiration_days < options.crit_expiration_days:
212
+    LICENSE_STATUS=1
213
+
214
+if LICENSE_STATUS!=0:
215
+    errors.append('License expire in %s days' % expiration_days)
216
+else:
217
+    infos.append('License expire in %s days' % expiration_days)
218
+
219
+MSG=""
220
+if len(errors)>0:
221
+    MSG+=', '.join(errors)
222
+if len(infos)>0:
223
+    MSG+=', '.join(infos)
224
+
225
+print "%s - %s" % (STATUS_TXT[STATUS],MSG)
226
+
227
+sys.exit(STATUS)
0 228