Benjamin Renard commited on 2016-05-18 11:53:57
Showing 2 changed files, with 266 additions and 0 deletions.
... | ... |
@@ -0,0 +1,39 @@ |
1 |
+Nagios plugin to check Kaspersky KLMS status using klms-control tool |
|
2 |
+==================================================================== |
|
3 |
+ |
|
4 |
+Usage |
|
5 |
+----- |
|
6 |
+ |
|
7 |
+ Usage: check_klms [options] |
|
8 |
+ |
|
9 |
+ Options: |
|
10 |
+ -h, --help show this help message and exit |
|
11 |
+ -d, --debug Enable debug mode |
|
12 |
+ -w WARN_EXPIRATION_DAYS |
|
13 |
+ WARNING expiration days threshold (Default : 30) |
|
14 |
+ -c CRIT_EXPIRATION_DAYS |
|
15 |
+ CRITICAL expiration days threshold (Default : 10) |
|
16 |
+ -b KLMS_CONTROL_BIN_PATH |
|
17 |
+ Path to klms-control binary (Default : |
|
18 |
+ /opt/kaspersky/klms/bin/klms-control) |
|
19 |
+ |
|
20 |
+Copyright |
|
21 |
+--------- |
|
22 |
+ |
|
23 |
+Copyright (c) 2016 Benjamin Renard |
|
24 |
+ |
|
25 |
+License |
|
26 |
+------- |
|
27 |
+ |
|
28 |
+This program is free software; you can redistribute it and/or |
|
29 |
+modify it under the terms of the GNU General Public License version 2 |
|
30 |
+as published by the Free Software Foundation. |
|
31 |
+ |
|
32 |
+This program is distributed in the hope that it will be useful, |
|
33 |
+but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
34 |
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
35 |
+GNU General Public License for more details. |
|
36 |
+ |
|
37 |
+You should have received a copy of the GNU General Public License |
|
38 |
+along with this program; if not, write to the Free Software |
|
39 |
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
... | ... |
@@ -0,0 +1,227 @@ |
1 |
+#!/usr/bin/python |
|
2 |
+# |
|
3 |
+# Nagios plugin to check Kaspersky KLMS status using klms-control tool |
|
4 |
+# |
|
5 |
+# Usage: check_klms [options] |
|
6 |
+# |
|
7 |
+# Options: |
|
8 |
+# -h, --help show this help message and exit |
|
9 |
+# -d, --debug Enable debug mode |
|
10 |
+# -w WARN_EXPIRATION_DAYS |
|
11 |
+# WARNING expiration days threshold (Default : 30) |
|
12 |
+# -c CRIT_EXPIRATION_DAYS |
|
13 |
+# CRITICAL expiration days threshold (Default : 10) |
|
14 |
+# -b KLMS_CONTROL_BIN_PATH |
|
15 |
+# Path to klms-control binary (Default : |
|
16 |
+# /opt/kaspersky/klms/bin/klms-control) |
|
17 |
+# |
|
18 |
+# Copyright (c) 2016 Benjamin Renard <brenard@zionetrix.net> |
|
19 |
+# |
|
20 |
+# This program is free software; you can redistribute it and/or |
|
21 |
+# modify it under the terms of the GNU General Public License version 2 |
|
22 |
+# as published by the Free Software Foundation. |
|
23 |
+# |
|
24 |
+# This program is distributed in the hope that it will be useful, |
|
25 |
+# but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
26 |
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
27 |
+# GNU General Public License for more details. |
|
28 |
+# |
|
29 |
+# You should have received a copy of the GNU General Public License |
|
30 |
+# along with this program; if not, write to the Free Software |
|
31 |
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. |
|
32 |
+# |
|
33 |
+ |
|
34 |
+import sys |
|
35 |
+import subprocess |
|
36 |
+import logging |
|
37 |
+from lxml import etree |
|
38 |
+from optparse import OptionParser |
|
39 |
+ |
|
40 |
+parser = OptionParser() |
|
41 |
+ |
|
42 |
+default_warn_expiration_days=30 |
|
43 |
+default_crit_expiration_days=10 |
|
44 |
+default_klms_control_bin_path='/opt/kaspersky/klms/bin/klms-control' |
|
45 |
+ |
|
46 |
+parser.add_option('-d', |
|
47 |
+ '--debug', |
|
48 |
+ action="store_true", |
|
49 |
+ dest="debug", |
|
50 |
+ help="Enable debug mode") |
|
51 |
+ |
|
52 |
+parser.add_option('-w', |
|
53 |
+ action="store", |
|
54 |
+ type="int", |
|
55 |
+ dest="warn_expiration_days", |
|
56 |
+ help="WARNING expiration days threshold (Default : %s)" % default_warn_expiration_days, |
|
57 |
+ default=default_warn_expiration_days) |
|
58 |
+ |
|
59 |
+parser.add_option('-c', |
|
60 |
+ action="store", |
|
61 |
+ type="int", |
|
62 |
+ dest="crit_expiration_days", |
|
63 |
+ help="CRITICAL expiration days threshold (Default : %s)" % default_crit_expiration_days, |
|
64 |
+ default=default_crit_expiration_days) |
|
65 |
+ |
|
66 |
+parser.add_option('-b', |
|
67 |
+ action="store", |
|
68 |
+ type="string", |
|
69 |
+ dest="klms_control_bin_path", |
|
70 |
+ help="Path to klms-control binary (Default : %s)" % default_klms_control_bin_path, |
|
71 |
+ default=default_klms_control_bin_path) |
|
72 |
+ |
|
73 |
+(options, args) = parser.parse_args() |
|
74 |
+ |
|
75 |
+logformat = '%(levelname)s - %(message)s' |
|
76 |
+if options.debug: |
|
77 |
+ loglevel = logging.DEBUG |
|
78 |
+else: |
|
79 |
+ loglevel = logging.INFO |
|
80 |
+ |
|
81 |
+logging.basicConfig(level=loglevel,format='%(asctime)s - %(levelname)s - %(message)s') |
|
82 |
+ |
|
83 |
+ |
|
84 |
+logging.debug('Get Anti-SPAM bases status') |
|
85 |
+ |
|
86 |
+# Output example : |
|
87 |
+# <root> |
|
88 |
+# <status>UpToDate</status> |
|
89 |
+# <publishingTime>2016-05-18T11:52:10</publishingTime> |
|
90 |
+# <installTime>2016-05-18T12:06:23</installTime> |
|
91 |
+# </root> |
|
92 |
+try: |
|
93 |
+ p = subprocess.Popen([options.klms_control_bin_path, '--get-asp-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) |
|
94 |
+ out, err = p.communicate() |
|
95 |
+ |
|
96 |
+ tree = etree.fromstring(out) |
|
97 |
+ |
|
98 |
+ asp_status=tree.findall('status')[0].text |
|
99 |
+ |
|
100 |
+ logging.debug('Anti-SPAM bases status : %s' % asp_status) |
|
101 |
+except Exception, e: |
|
102 |
+ print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e) |
|
103 |
+ sys.exit(3) |
|
104 |
+ |
|
105 |
+ |
|
106 |
+logging.debug('Get Anti-Virus bases status') |
|
107 |
+ |
|
108 |
+# Output example : |
|
109 |
+# <root> |
|
110 |
+# <status>UpToDate</status> |
|
111 |
+# <recordCount>7711241</recordCount> |
|
112 |
+# <publishingTime>2016-05-18T04:06:00</publishingTime> |
|
113 |
+# <installTime>2016-05-18T07:56:50</installTime> |
|
114 |
+# </root> |
|
115 |
+ |
|
116 |
+try: |
|
117 |
+ p = subprocess.Popen([options.klms_control_bin_path, '--get-avs-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) |
|
118 |
+ out, err = p.communicate() |
|
119 |
+ |
|
120 |
+ logging.debug('klms-control output : %s' % out) |
|
121 |
+ |
|
122 |
+ tree = etree.fromstring(out) |
|
123 |
+ |
|
124 |
+ avs_status=tree.findall('status')[0].text |
|
125 |
+ |
|
126 |
+ logging.debug('Anti-Virus bases status : %s' % avs_status) |
|
127 |
+except Exception, e: |
|
128 |
+ print "UNKNOWN - Failed to retreive or parse Anti-SPAM bases status : %s / %s" % (err,e) |
|
129 |
+ sys.exit(3) |
|
130 |
+ |
|
131 |
+logging.debug('Get Anti-Phishing bases status') |
|
132 |
+ |
|
133 |
+# Output example : |
|
134 |
+# <root> |
|
135 |
+# <status>UpToDate</status> |
|
136 |
+# <publishingTime>2016-05-17T13:55:41</publishingTime> |
|
137 |
+# <installTime>2016-05-18T11:26:18</installTime> |
|
138 |
+# </root> |
|
139 |
+try: |
|
140 |
+ p = subprocess.Popen([options.klms_control_bin_path, '--get-aph-bases-info'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) |
|
141 |
+ out, err = p.communicate() |
|
142 |
+ |
|
143 |
+ logging.debug('klms-control output : %s' % out) |
|
144 |
+ |
|
145 |
+ tree = etree.fromstring(out) |
|
146 |
+ |
|
147 |
+ aph_status=tree.findall('status')[0].text |
|
148 |
+ |
|
149 |
+ logging.debug('Anti-Phishing bases status : %s' % aph_status) |
|
150 |
+except Exception, e: |
|
151 |
+ print "UNKNOWN - Failed to retreive or parse Anti-Phishing bases status : %s / %s" % (err,e) |
|
152 |
+ sys.exit(3) |
|
153 |
+ |
|
154 |
+logging.debug('Get License status') |
|
155 |
+ |
|
156 |
+# Output example : |
|
157 |
+# <root status="Active" expirationDays="372" functionalityLevel="full functionality" invalidReason="valid" activeLicenseSerial="1414-000400-2DF4ACA1" keyType="commercial"> |
|
158 |
+# <expirationDate day="25" month="5" year="2017" /> |
|
159 |
+# </root> |
|
160 |
+try: |
|
161 |
+ p = subprocess.Popen([options.klms_control_bin_path, '-l', '--query-status'], stdout=subprocess.PIPE, stderr=subprocess.PIPE) |
|
162 |
+ out, err = p.communicate() |
|
163 |
+ |
|
164 |
+ logging.debug('klms-control output : %s' % out) |
|
165 |
+ |
|
166 |
+ tree = etree.fromstring(out) |
|
167 |
+ |
|
168 |
+ expiration_days=int(tree.findall('.')[0].get('expirationDays')) |
|
169 |
+ |
|
170 |
+ logging.debug('License expiration day(s) : %s' % expiration_days) |
|
171 |
+except Exception, e: |
|
172 |
+ print "UNKNOWN - Failed to retreive or parse License status : %s / %s" % (err,e) |
|
173 |
+ sys.exit(3) |
|
174 |
+ |
|
175 |
+STATUS_TXT={ |
|
176 |
+ 0: 'OK', |
|
177 |
+ 1: 'WARNING', |
|
178 |
+ 2: 'CRITICAL', |
|
179 |
+ 3: 'UNKNOWN', |
|
180 |
+} |
|
181 |
+STATUS=0 |
|
182 |
+errors=[] |
|
183 |
+infos=[] |
|
184 |
+ |
|
185 |
+bases_status_ok=[] |
|
186 |
+if asp_status!='UpToDate': |
|
187 |
+ STATUS=2 |
|
188 |
+ errors.append('Anti-SPAM base is %s' % asp_status) |
|
189 |
+else: |
|
190 |
+ bases_status_ok.append('Anti-SPAM') |
|
191 |
+ |
|
192 |
+if avs_status!='UpToDate': |
|
193 |
+ STATUS=2 |
|
194 |
+ errors.append('Anti-Virus base is %s' % avs_status) |
|
195 |
+else: |
|
196 |
+ bases_status_ok.append('Anti-Virus') |
|
197 |
+ |
|
198 |
+if aph_status!='UpToDate': |
|
199 |
+ STATUS=2 |
|
200 |
+ errors.append('Anti-Phishing base is %s' % aph_status) |
|
201 |
+else: |
|
202 |
+ bases_status_ok.append('Anti-Phishing') |
|
203 |
+ |
|
204 |
+if len(bases_status_ok)>0: |
|
205 |
+ infos.append('%s bases uptodate' % '/'.join(bases_status_ok)) |
|
206 |
+ |
|
207 |
+LICENSE_STATUS=0 |
|
208 |
+if expiration_days < options.crit_expiration_days: |
|
209 |
+ LICENSE_STATUS=2 |
|
210 |
+ errors.append('License expire in %s days' % expiration_days) |
|
211 |
+elif expiration_days < options.crit_expiration_days: |
|
212 |
+ LICENSE_STATUS=1 |
|
213 |
+ |
|
214 |
+if LICENSE_STATUS!=0: |
|
215 |
+ errors.append('License expire in %s days' % expiration_days) |
|
216 |
+else: |
|
217 |
+ infos.append('License expire in %s days' % expiration_days) |
|
218 |
+ |
|
219 |
+MSG="" |
|
220 |
+if len(errors)>0: |
|
221 |
+ MSG+=', '.join(errors) |
|
222 |
+if len(infos)>0: |
|
223 |
+ MSG+=', '.join(infos) |
|
224 |
+ |
|
225 |
+print "%s - %s" % (STATUS_TXT[STATUS],MSG) |
|
226 |
+ |
|
227 |
+sys.exit(STATUS) |
|
0 | 228 |