Hébergeur de fichiers indépendant

check net

À propos

Type de fichier
Fichier de 126 Ko (text/x-perl)
Fichier public, envoyé le 2 juillet 2015 à 09:57, depuis l'adresse IP 88.120.x.x (France)
Ne contient aucun Virus ou Malware connus - Dernière vérification: 3 jours
La présente page de téléchargement a été vue 607 fois depuis l'envoi du fichier
Page de téléchargement

Aperçu du fichier

#!/usr/bin/perl -w
# =============================== SUMMARY =====================================
# Program : check_netint.pl or check_snmp_netint.pl
# Version : 2.4 alpha 9
# Date    : Nov 30, 2012
# Maintainer: William Leibzon - william@leibzon.org,
# Authors : See "CONTRIBUTORS" documentation section
# Licence : GPL - summary below, full text at http://www.fsf.org/licenses/gpl.txt
#  ********************* IMPORTANT NOTE ABOUT THIS VERSION ********************
#  *** AT HTTP://william.leibzon.org/nagios/ or http://exchange.nagios.org/ ***
#  ****************************************************************************
# =========================== PROGRAM LICENSE =================================
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
# ===================== INFORMATION ABOUT THIS PLUGIN =========================
#  This is a plugin for nagios to check network interfaces (network ports)
#  on servers switches & routers. It is based on check_snmp_int.pl plugin
#  by Patrick Ploy with extensive rewrites for performance improvements
#  and additions to support Cisco and other switches (plugin can query and
#  cache cisco port names, port link data and switch STP status and more)
#  The plugin can use nagios-stored previous performance data to give port
#  traffic & utilization without creation of temporary files. This new 2.4
#  version supports checking interface on a local linux server without SNMP. 
# ======================  SETUP AND PLUGIN USE NOTES  =========================
# Help : ./check_snmp_netint.pl -h
#   above will tell you most you probalby need for this to make this plugin work
# Patrick's Site: http://nagios.manubulon.com/snmp_int.html
#   documentation reproduced below for options shared with check_snmp_int
# If you're using -P option to pass performance data back to plugin then
# you may (depending on version of nagios) also need to modify nagios.cfg
# and remove ' from illegal_macro_output_chars=`~$&|'"<> line, i.e. change to
#   illegal_macro_output_chars=`~$&|"<>
# ------------------------------------------------------------------------------
# Checks by snmp (v1, v2c or v3) host interface state and usage.
# Interfaces can be selected by regexp ('eth' will check eth0,eth1,eth2, ...).
# If multiple interfaces are selected, all must be up to get an OK result
# Standard checks:
#   The script will check interface operational status using the MIB-II table.
#   To see how interface looks like in snmp, you can list all with the '-v'.
#   The interfaces are selected by their description in the MIB-II table.
#   The interface is/are selected by the -n option. This option will be treated
#   as a regular expression (eth will match eth0,eth1,eth2...). You can disable
#   this with the -r option : the interface will be selected if it's description
#   exactly matches the name given by -n
#   The script will return OK if ALL interfaces selected are UP, or CRITICAL
#   if at least one interface is down. You can make the script return a OK
#   value when all interfaces are down (and CRITICAL when at least one is up)
#   with the -i option. You can make the same tests on administrative status
#   instead with the -a option. If you have ISDN interface, and want that
#   DORMANT state returns ok, put -D.
#   To make output shorter, specially when you have many interfaces, you can put
#   the -s option. It will get only the first <n> characters of the interface
#   description. If the number is negative then get the last <n> characters. 
#   Ex : EL20005 3Com Gigabit NIC (3C2000 Family)
#      -s 4 will output : "EL20".
#      -s -4 will output : "ily)".
# Performance output
#   -f option : performance output (default the In/out octet as a counter).
#   -e option : in/out errors and discarded packets. -f must also be set.
#   -S option : Include speed in performance output in bits/s as '<interface_name>_speed_bps'
#   -y option : output performance data in % of interface speed
#   -Y option : output performance data in bits/s or Bytes/s (depending on -B)
#   Note : -y and -Y options need the usage check to ba active (-k)
#   Warning : the counters needed by -e are not available on all devices
# Usage check
#   -k : activates the standard usage feature
#   -q : activates the extended usage
#   -d : delta in seconds (default is 300s)
#   -w : warning levels
#   -c : critical levels
#   If you specify '-k' a temporary file will be created in "/tmp" by default
#   (unless -P option is also used, see below). Directory and start of filename 
#   can be set with '-F' option with result file being like
#     tmp_Nagios_int.<host IP>.<Interface name>, one file per interface
#   If you do "-k -P \$SERVICEPERFDATA\$ -T \$LASTSERVICECHECK\$" then no file
#   is created and instead data from previous check is feed back into plugin.
#   The status UNKNOWN is returned when the script doesn't have enough
#   information (see -d option). You will have to specify the warning and
#   critical levels, separated with "," and you can use decimal (ex : 10.3).
#   For standard checks (no "-q") :
#     -w <In warn>,<Out warn> -c <In warn>,<Out warn>
#        In warn : warning level for incomming traffic
#        Out warn : warning level for outgoing traffic
#        In crit : critical level for incomming traffic
#        Out crit : critical level for outgoing traffic
#   Use 0 if you do not want to specify any warning or critical threshold
#   You can also use '-z' option which makes specifying -w and -c optional
#   but still allows to see all the values in status or use them for graphing
#   The unit for the check depends on the -B, -M and -G option :
#   	                B set    -B not set
#     ----------------+--------+-------------
#    -M & -G not set  |  Kbps  |   KBps
#    -M set           |  Mbps  |   MBps
#    -G set 	      |  Gbps  |   GBps
#   It is possible to put warning and critical levels with -b option.
#   0 means no warning or critical level checks
#   When the extended checks are activated (-q option), the warning levels are
#     -w <In bytes>,<Out bytes>,<In error>,<Out error>,<In disc>,<Out disc>
#     -c <In warn>,<Out warn>, .....
#        In error : warn/crit level in inboud error/minute
#        Out error : warn/crit level in outbound error/minute
#        In disc : warn/crit level in inboud discarded packets/minute
#        Out disc : warn/crit level in outbound discarded packets/minute
#  -d: delta time
#     You can put the delta time as an option : the "delta" is the prefered time
#     between two values that the script will use to calculate the average
#     Kbytes/s or error/min. The delta time should (not must) be bigger than
#     the check interval.
#     Here is an example : Check interval of 2 minutes and delta of 4min
#        T0 : value 1 : can't calculate usage
#        T0+2 : value 2 : can't calculate usage
#        T0+4 : value 3 : usage=(value3-value1)/((T0+4)-T0)
#        T0+6 : value 4 : usage=(value4-value2)/((T0+6)-T0+2)
#        (Yes I know TO+4-T0=4, it's just to explain..)
#     The script will allow 10% less of the delta and 300% more than delta
#     as a correct interval. For example, with a delta of 5 minutes, the
#     acceptable interval will be between 4'30" and 15 minutes.
# Msg size option (-o option)
#     In case you get a "ERROR: running table: Message size exceeded maxMsgSize"
#     error, you may need to adjust the maxMsgSize, i.e. the maximum size of
#     snmp message with the -o option. Try a value with -o AND the -v option, 
#     the script will output the actual value so you can add some octets to it
#     with the -o option.
# --label option
#     This option will put label before performance data value: 
#        Without : eth1:UP (10.3Kbps/4.4Kbps), eth0:UP (10.9Kbps/16.4Kbps):2 UP: OK
#        With : eth1:UP (in=14.4Kbps/out=6.2Kbps), eth0:UP (in=15.3Kbps/out=22.9Kbps):2 UP: OK
# Note: Do not rely on this option meaning same thing in the future, it may be
#       changed to specify label to put prior to plugin output with this
#       option changing to something else...
# ----------------------------------------------------------------------------- 
# Below is documentation for options & features unique to check_snmp_netint
# that were not part of check_snmp_int:
# I. Plugin execution time and performance and optimization options:
#   1. [default] By default this plugin will first read full
#      'ifindex description' table and from that determine which interfaces
#      are to be checked by doing regex with name(s) given at -n. It will
#      then issue several SNMP queries - one for operational or admin status
#      and 2nd one for "performance" data. If '--cisco' and '--stp' options
#      are given then several more queries are done to find mapping from
#      cisco ports to ifindex and separate mapping between ifindex and stp,
#      only then can queries be done for additional cisco & stp status data.
#   2. ['minimize_queries'] If you use '-m' ('--minimize_queries') option then
#      all queries for status data are done together but the original ifindex
#      snmp table is still read separately. By itself this brings about 30%
#      speed improvement
#   3. ['minimize_queries' and -P] When using '-f -m -P "$SERVICEPERFDATA$"'
#      as options, your nagios config performance data is feed back and
#      used as a placeholder to cache information on exactly which
#      interfaces need to be queried. So no aditional description table
#      lookup is necessary. Similarly data for '--cisco' and '--stp'
#      maps is also cached and reused. There is only one SNMP query done
#      together for all data OIDs (status & performance data) and 
#      for all interfaces; this query also includes query for specific
#      description OID (but not reading entire table) which is then
#      compared against cached result to make sure ifindex has not changed.
#      Once every 12 hours full check is done and description data is recached.
#      65% to 90% or more speed improvements are common with this option.
#   4. ['minimum_queries' and -P] Using '-f -mm -P "$SERVICEPERFDATA$"'
#      is almost the same as "-m" but here extra check that interface
#      description is still the same is not done and recaching is every
#      3 days instead of 12 hours. Additionally port speed data is also
#      cached and not checked every time. These provide marginal extra
#      plugin execution time impovements over '-m' (75%-100% improvement
#      over not doing -m) but is not safe for devices where port ifindex
#      may change (i.e. switches with removeable interface modules).
#      But in 99% of the cases it should be ok do to use this option.
# II. As mentioned previously when you want to see current traffic in/out &
#     utilization data (-k option) for interface this requires previous octet
#     count data to calculate average and so normally this requires temporary
#     file (see -F option). But when you feed nagios performance data back to
#     plugin as per above that means you already provide with at least one set
#     of previous data, so by also adding '-T $LASTSERVICECHECK$' (which is time
#     of last check when this data was cached) you can have this plugin report
#     current traffic in Mb (or kb, etc) without any temporary files.
#     As of version 2.1 its possible to also have short history as part of
#     performance data output  i.e. plugin will output not only the
#     most current data but also one or more sets of previous data.
#     Bandwidth calculations are then less "bursty". Total number of such
#     sets is controlled with '--pcount' option and by default is 2.
#     If you have only one interface checked with this plugin its probably
#     safe to increase this to 3 or 4, but larger values or more interfaces
#     are an issue unless you increased size of nagios buffer used to
#     store performance data. 
# III.For those of you with Cisco switches you may have noticed that they
#     do not provide appropriate port names at standard SNMP ifdescr table.
#     There are two options to help you:
#   1. If you set custom port names ('set port 1/xx name zzz") you can use
#      those names with "--cisco=use_portnames" option.
#   2. Another option is specify custom description table with
#       "-N"
#       and optionally display "set port name" as a comment. 
#   Its recommended you try both:
#       "-N --cisco=show_portnames" and
#       "-O --cisco=use_portnames"
#   and see which works best in your case 
#   Additionally when using "--cisco" option the plugin will attempt to
#   retrieve port status information from 3 cisco-specific tables (see below).
#   If any "unusual" status is listed there the output is provided back - this
#   can be useful to diagnose if you have faulty cable or if the equipment
#   on the other end is bad, etc. The tables retrieved are:
#    --cisco=oper	portOperStatus =
#    --cisco=linkfault  portLinkFaultStatus =
#    --cisco=addoper	portAdditionalOperStatus =
#    --cisco=noauto	special option - none of the above
#   You can mix-match more then one table (together with show_portnames) or not
#   specify at all (i.e. just '--cisco') in which case plugin will attempt to
#   retrieve data from all 3 tables first time (stop with '--cisco=noauto')
#   but if you use caching (-m) it will output and cache which table actually
#   had usable data and will not attempt to retrieve from tables that did
#   not exist on subsequent calls. 
# IV. Support is also provided to query STP (Spanning Tree Protocol) status
#     of the port. Although only tested with cisco switches, this is
#     standartized SNMP data and should be supported by few other vendors
#     so separate '--stp' option will work without '--cisco' option.
#     The plugin will report single WARNING alert if status changes so
#     be prepared for some alerts if your network is undergoing reorganization
#     due to some other switch getting unplugged. Otherwise STP status is also
#     very useful diagnostic data if you're looking as to why no traffic is
#     passing through particular interface...
# ============================ EXAMPLES =======================================
# First set of examples is from Patrick's site:
# check_snmp_netint using snmpv1:
#   define command{
#     command_name check_snmp_int_v1
#     command_line $USER1$/check_snmp_netint.pl -H $HOSTADDRESS$ $USER7$ -n $ARG1$ $ARG2$
#   }
# Checks FastEthernet 1 to 6 are up (snmpv1):
#   define service {
#     name check_int_1_6
#     check_command check_snmp_int_v1!"FastEthernet-[1-6]"
#   }
# Checks input bandwith on eth1 is < 100 KBytes/s and output is < 50 Kbytes/s
# (critical at 0,0 means no critical levels). (snmpv3):
#   define service {
#     name check_int_eth0_bdw
#     check_command check_snmp_int_v3!eth0!-k -w 100,50 -c 0,0
#   }
# ----------------------------------------------------------------
# Linux server with one or more eth? and one or more bond? interface:
#   define command {
#        command_name check_snmp_network_interface_linux
#        command_line $USER1$/check_snmp_int.pl -2 -f -e -C $USER6$ -H $HOSTADDRESS$
# -n $ARG1$ -w $ARG2$ -c $ARG3$ -d 200 -q -k -y -M -B 
#   }
#   define service{
#       use                             std-service
#       servicegroups                   snmp,netstatistics
#       hostgroup_name                  linux
#       service_description             Network Interfaces
#       check_command                   check_snmp_network_interface_linux!"eth|bond"!50,50,0,0,0,0!100,100,0,0,0,0
#   }
# Alteon switch - really funky device that does not like snmp v2 queries
# (so no -2) and no good interface names table. Therefore normal ifindex
# is used instead with index->names translation somewhat "guessed" manually
# with snmpwalk based on data (for those who want to know more, the first
# 255 ids are reserved for VLANs):
#   define command {
#       command_name check_snmp_network_interface_alteon
#       command_line $USER1$/check_snmp_netint.pl -f -C $USER5$ -H $HOSTADDRESS$
# -N -n $ARG1$ -w $ARG2$ -c $ARG3$ -d 200 -k -y 
#   }
#   define service{
#        use                             std-switch-service
#        servicegroups                   snmp,netstatistics
#        hostgroup_name                  alteon184
#        service_description             Alteon Gigabit Port 1
#        check_command                   check_snmp_network_interface_alteon!"257"!0,0!0,0
#   }
# Cisco CatOS switch (will work for 5500 and many others), full set of possible options is given: 
#   define command {
#      command_name check_snmp_network_interface_catos
#      command_line $USER1$/check_snmp_netint.pl -2 -f -C $USER5$
# -H $HOSTADDRESS$ -N --cisco=show_portnames --stp
# -n $ARG1$ -w $ARG2$ -c $ARG3$ -d 200 -e -q -k -y -M -B -mm
#   }
#   define service{
#       use                             std-switch-service
#       servicegroups                   snmp,netstatistics
#       hostgroup_name                  cs2948
#       service_description             GigabitEthernet2/1
#       check_command                   check_snmp_network_interface_catos!"2/1$"!0,0,0,0,0,0!0,0,0,0,0,0
#   }
# Cisco 2960 (IOS) switch (has only portOperStatus extended port state table):
#   define command {
#      command_name check_snmp_network_interface_cisco2960
#      command_line $USER1$/check_snmp_netint.pl -2 -f -C $USER5$
# -H $HOSTADDRESS$ --cisco=oper,show_portnames --stp -n $ARG1$ -w $ARG2$
# -c $ARG3$ -d $USER8$ -e -q -k -y -M -B -mm -P "$SERVICEPERFDATA$"
#   }
#   define service{
#       use                             std-switch-service
#       servicegroups                   snmp,netstatistics
#       hostgroup_name                  cs2960
#       service_description             GigabitEthernet0/1
#       check_command                   check_snmp_network_interface_cisco2960!"GigabitEthernet0/1$"!0,0,0,0,0,0!0,0,0,0,0,0
#   }
# Other ports on above switches are defined similarly as separate services - 
# you don't have to do it this way though, but all 48 ports is too much for
# one check to handle so if you have that many split checks into groups of
# no more then 12 ports
# ======================= VERSIONS and CHANGE HISTORY =========================
# [1.4] This plugin is based on (with now about 60% rewrite or new code)
#       release 1.4 (somewhere around May 2007) of the check_snmp_int
#       plugin by Patrick Ploy. This is info provided with 1.4 version:
#       ----------------------------------------------------------
#       Version : 1.4.1
#       Date : Jul 9 2006
#       Author  : Patrick Proy ( patrick at proy.org )
#       Help : http://www.manubulon.com/nagios/
#       Licence : GPL - http://www.fsf.org/licenses/gpl.txt
#       Contrib : J. Jungmann, S. Probst, R. Leroy, M. Berger
#       TODO :
#         Check isdn "dormant" state
#         Maybe put base directory for performance as an option
#       ----------------------------------------------------------
#  The first changes for performance improvements were started in around
#  October 2006 with code base at version 1.4.1 of Patrick's check_snmp_int
#  plugin. Patricks's latest code from about May 2007 was ported back into
#  code maintained by WL (exact 1.4.x version of this port is unclear).  
#  Those early performance improvement code changes are now invoked with
#  'minimize_queries' (but without -P) option and allow to do query
#  for status data for all ports together. Additionally -N option to
#  specify different port names table OID was added in 2006 as well.
#  Also -F option from above TODO was added too.
# [1.5] 06/01/07 - Main code changes by William to allow the plugin to reuse
#       its previous performance data (passed with $SERVICEPERFDATA$ macro).
#       The changes were extensive and allow to reuse this data in way similar
#       to maintaining history file and result in traffic rate (per Mb/Gb etc)
#       being reported in the output. Additionally of paramout importance was
#       saving list of ports to check (i.e. result of regex) which means that
#       port/interface names table do not need to be checked with SNMP every
#       time and instead specific ports OIDs can be retrieved with bulk request
#       (this is what results in up to 75% performance improvement). 
#       About 30-40% of the original code was rewritten for these changes and
#       '--minimize_queries' (or '-m') option added - back then it acted more
#       like '--minimum_queries' or '-mm' in 2.0 release
# [1.5.5] 07/15/07 - Code additions to support cisco-specific data given
#       with '--cisco' option. Support is both for using cisco port names
#       for regex matching of ports and for using different table for regex
#       matching but adding cisco port name as additional comment/description.
#       Also cisco-specific port status data (info on if cable is attached,
#       etc) are also retrieved & added as additional commentary to port
#       UP/DOWN status. Additional coding work on performance improvements
#       was also done somewhere between June and July 2007 which in part resulted
#       in separation of "--minimize_queries" and "--minimum_queries" options.
# [1.5.7] 07/22/07 - This is when code to support retrieval of STP data
#       and '--stp' option were added. Also some more code cleanup related
#       to 1.5.x to better support cisco switches.
#       A code from locally maintained but never released to public 1.5.7
#       branch was sent by William to Patrick sometime in early August 2007.
#       He briefly responded back that he'll look at it later but never
#       responded further and did not incorporate this code into his main
#       branch releasing newer version of 1.4.x. As a result since there is
#       public benefit in new code due to both performance and cisco-specific
#       improvements, this will now be released as new plugin 'check_snmp_netint"
#       with branch version startint at 2.0. The code will be maintained
#       by William unless Patrick wants to merge it into his branch later.
#       There is about 50% code differences (plugin header documentation you're
#       reading are not counted) between this release and check_snmp_int 1.4
#       which is where this plugin started from.
# [2.0] 12/20/07 - First public release as check_snmp_netint plugin. Primary
#       changes from 1.5.7 are the "header" with history and documentation
#       which are necessary for such public release, copyright notice changed
#       (W. Leibzon was listed only as contributor before), etc. 
# [2.1] 12/26/07 - Support for more then one set of previous data in
#       performance output to create short history for better bandwidth
#       check results. New option '--pcount' controls how many sets.
#       12/27/07 - Finally looked deeper into code that calculates bandwidth
#       and speed data and saw that it was really only using one result and
#       not some form or average. I rewrote that and it will now report back
#	average from multiple successful consequitive checks which should give
#       much smoother results. It also means that --pcount option will now
# 	be used to specify how many sets of data will be used for average
#	even if temporary file is used to store results.
#       01/08/08 - Bug fixes in new algorithm
# [2.15] 01/12/08 - Fixed so that port speed table is not retrieved unless
#       options -Y or -u or -S are given. Also fixed to make sure portpseed
#	performance variable is only reported when '-S' option is given
#	(however for caching speed data is also in 'cache_int_speed')
# [2.16] 02/03/08 - Bug fixed in how timestamp array is saved by new algorithm,
#       it would have resulted in only up to 2 previous data being used properly
#       even if > 2 are actually available
# [2.17] 04/02/08 - Bug fixes related to STP and Cisco port data extensions for
#        cases when no data is returned for some or all of the ports
# [2.18] 04/03/08 - Rewrite of cisco additional port status data extensions.
#        Now 3 tables: portOperStatus=
#		       portLinkFaultStatus =
#		       portAdditionalOperStatus = 
#	 are supported but user can specify as option to --cisco= which one
#        is to be retrieved. When its not specified the plugin defaults to
#	 "auto" mode (unless --cisco=noauto is used) and will try to retrieve
#	 data for all 3 tables, check which data is available and then
#	 cache these results and in the future only retrieve tables that
#	 returned some data. This behavior should work with all cisco switches
#	 and not only with cisco catos models. But be warned about bugs in
#        complex behavior such as this...
# [2.19] 04/06/08 - For STP port changes previous state is now reported in
#                   the output (instead of just saying STP changed)
# [2.20] 04/10/08 - Releasing 2.2 version as stable. No code changes but
#                   documentation above has been updated
# [2.201] 04/15/08 - Minor results text info issue (',' was not added before operstatus)
# [2.21] 06/10/08 - Minor fixes. Some documentation cleanup.
#		    Option -S extended to allow specifying expected interface
#		    speed with critical alert if speed is not what is specified
# [2.22] 10/20/08 - Added support for "-D" option (dormant state of ISDN)
# [2.23] 10/22/08 - Code fixes submitted or suggested by Bryan Leaman:
#                    - Fix to write data to new file, for those using file
#                      (instead of perfdata MACRO) for previous data
#                    - _out_bps fixes for those who want to use that directly
#                      for graphing instead of octet counter
#                    - New option '-Z' to have octet count in performance data
#                      instead of having this data by default (though this data
#                      is required and added automaticly with -P option)
# [2.3]  12/15/10 - Various small fixes. Plus a patch sent by Tristan Horn to better
#                   support minimum and maximum warning and critical thresholds
# [2.31] 01/10/11 - Bug fix when reporting in_prct/out_prct performance metric 
# [2.32] 12/22/11 - Fixes for bugs reported by Joe Trungale and Nicolas Parpandet
#		    Updates to check on existance of utils.pm and use but not require it
#		    Patch by Steve Hanselman that adds "-I" option:
#		      "I’ve attached a patch that adds an option to ignore interface status
# 		       (this is useful when you’re monitoring a switch with user devices
#		       attached that randomly power on and off but you still want
#		       performance stats and alerts on bandwidth when in use)."
# [2.34] 12/25/11 - Based on comments/requests on nagiosexchange, -z option has been added.
#		    This option makes specifying thresholds with -w and/or -c optional
#		    for those who want to use plugin primarily for data collection
#		    and graphing. This was (and still can be) accomplished before by
#		    specifying threshold value as 0 and then its not checked. Also the
#		    use of -w and -c is unnecessary if you do not use -k or -q options.
# [2.35] 04/19/12 - Added patch by Sébastien PRUD'HOMME which incorporates changes
#                   and bug fixes in revsions 1.23 and 1.19 of check_snmp_int (done
#                   after this plugin deverged from it) into this plugin as well.
#                   The changes add proper support for 64-bit counters when -g
#                   option is used and fix a bug when output is in % / perf in Bytes.
# [2.36] 06/15/12 - 1) Added fixes suggested in modified version of this plugin created
#		       by Yannick Charton to remove ^@ (NULL ?) and other not-ASCII
#		       characters at the end of the interface description. This allows
#		       to correctly match the network interface on some Windows servers.
#		    2) Extended '-v' (debug/verbose) option so that instead of writing
#		       to STDOUT people could specify a file to write debug output to.
#		    3) Using of quotewords() in prev_perf as suggested by Nicholas Scott
#		       allows to work with interfaces that have space in their name.
#		       Due to this plugin now require Text::ParseWords perl library.
#		    4) List of contributors created as a separate header section below.
# [2.4] alpha/beta  This version will support getting data from network interfaces on
#		    the local machine rather than just by SNMP. It will also support
#		    gettind data on average traffic (50-percentalile) and being able
#		    to specify threshold based on deviation from this average. There
#		    will be several alpha and beta versions before official 2.4 release.
# Specific info on each alpha/beta release will be removed in the future and only
# summary of below will appear in documentation on features and updated in 2.4 release
# 2.4a1 - 07/07/12 - Implemented in this release:
#		    1) The plugin has been renamed "check_netint" from "check_snmp_netint".
#		       It can now check interfaces on a local Linux system and in the
#		       future FreeBSD, Sun and other systems maybe supported too.
#		       Checking of local interfaces happens if you do not specify -H and
#		       snmp (-O, -C, etc) options and if plugin name does not start with
#		       "check_snmp". For local interfaces options like --stp and --cisco
#		       are not valid, and optimization options -m and -mm also do not
#		       work same way since plugin will always get all data locally.
#		    2) The plugin no longer requires -n (interface name) option
#		       though it is still recommended you use it. When interface
#		       name is not specified, all interfaces will be checked.
#		    3) If with -F option directory is given instead of a file this
#		       will become base directory to write temporary file to.
#		    4) Many doc and code fixes and cleanups all over
# 2.4a2 - 08/15/12 - Fixed bug with cache of previous data for SNMP queries that came
#		     around due to change in logic and introduction of non-SNMP.
#		     Added experimental support for future Nagios SAVEDDATA feature
#		     (plugin output after || after perfdata) enabled with --nagios_with_saveddata
# 2.4a3 - 09/13/12 - Patch/contrib by Franky Van Liedekerke:
#		     1) Added option --admindown_ok: when checking for operational UP
#                       interfaces, the interfaces that are administratively down are OK
#                    2) The '-z' option now also prevents tmp files of being written
#                       and removes the 'no usable data' warning because of missing perf data
# 2.4a4 - 09/28/12 - Additional patch by FVL for --admindown_ok. Option also got -K one-letter alias.
#		     Also added determining interface speed on linux with ethtool and iwconfig..
# 2.4a5 - 10/10/12 - Interface speed can now be specified with -S/--intspeed option for use when
#                    plugin can not find speed by itsef or when what it finds is wrong. Previously
#		     this option was used to warn if speed is not what is expected, To do this now
#                    requires using prefix WARNING<> or CRITICAL<> before actual speed which is
#		     an incompatible change to preious format of this option.
# 2.4a6 - 11/17/12 - Changed ok interval from 0.9*delta - 3*delta to 0.75*delta - 4*delta.
#		     Fixed bug that would not output interface speed percent data in
#                    perf unless both -y and -u were used together. This bug was introduced
#		     somewhere around 2.2 and apparently 2.31 did not entirely fix it
# 2.4a7 - 11/18/12 - Added support for SNMP bulk requests and --bulk_snmp_queries option
# 2.4a8 - 11/21/12 - Another major code refactoring work to separate snmp-specific query
#                    code into its own function (as well as new ifconfig processing
#                    for linux local checks into its own function).
# 2.4a9 - 11/30/12 - prev_perf() function added in place of directly accessing prev_perf hash
#		     message size is reset to 5 times the default with --bulk_snmp_queries
# ============================ LIST OF CONTRIBUTORS ===============================
# The following individuals have contributed code, patches, bug fixes and ideas to
# this plugin (listed in last-name alphabetical order):
#    M. Berger
#    Yannick Charton
#    Steve Hanselman
#    Tristan Horn
#    J. Jungmann
#    Bryan Leaman
#    William Leibzon
#    R. Leroy
#    S. Probst
#    Patrick Proy
#    Sébastien PRUD'HOMME
#    Nicholas Scott
#    Franky Van Liedekerke
# Open source community is grateful for all your contributions.
# ============================ START OF PROGRAM CODE =============================

use strict;
use Getopt::Long;
use Text::ParseWords;

# Nagios specific
use lib "/usr/local/nagios/libexec";
our %ERRORS;
eval 'use utils qw(%ERRORS $TIMEOUT)';
if ($@) {
 $TIMEOUT = 10;

our $do_snmp=1;
eval 'use Net::SNMP';
if ($@) {

# Version 
my $Version='2.4';

############### BASE DIRECTORY FOR TEMP FILE (override this with -F) ########
my $o_base_dir="/tmp/tmp_Nagios_int.";
my $file_history=200;   # number of lines of data to keep in file

# SNMP OID Datas
my $inter_table= '.';
my $index_table = '';
my $descr_table = '';
my $oper_table = '';
my $admin_table = '';
my $speed_table = '';
my $speed_table_64 = '';
my $in_octet_table = '';
my $in_octet_table_64 = '';
my $in_error_table = '';
my $in_discard_table = '';
my $out_octet_table = '';
my $out_octet_table_64 = '';
my $out_error_table = '';
my $out_discard_table = '';

# WL: I reversed hash array meaning so that human-redable name can be used to assign status instead
#     of numeric value. Second array is used for reversing it back when doing status line output
my %status=('UP'=>1,'DOWN'=>2,'TESTING'=>3,'UNKNOWN'=>4,'DORMANT'=>5,'NotPresent'=>6,'lowerLayerDown'=>7);
my %status_print=(1=>'UP',2=>'DOWN',3=>'TESTING',4=>'UNKNOWN',5=>'DORMANT',6=>'NotPresent',7=>'lowerLayerDown');

# WL: These are in use for Cisco CATOS special hacks, enable use with "--cisco"
my $cisco_port_name_table='';     # table of port names (the ones you set with 'set port name')
my $cisco_port_ifindex_map='';   # map from cisco port table to normal SNMP ifindex table
my $cisco_port_linkfaultstatus_table=''; # see table below for possible codes
my $cisco_port_operstatus_table='' ;;   # see table below for possible values
my $cisco_port_addoperstatus_table=''; # see table below for possible codes
# codes are as of July 2007 (just in case cisco updates MIB and somebody is working with this plugin later)
my %cisco_port_linkfaultstatus=(1=>'UP',2=>'nearEndFault',3=>'nearEndConfigFail',4=>'farEndDisable',5=>'farEndFault',6=>'farEndConfigFail',7=>'otherFailure');
my %cisco_port_operstatus=(0=>'operstatus:unknown',1=>'operstatus:other',2=>'operstatus:ok',3=>'operstatus:minorFault',4=>'operstatus:majorFault');
my %cisco_port_addoperstatus=(0=>'other',1=>'connected',2=>'standby',3=>'faulty',4=>'notConnected',5=>'inactive',6=>'shutdown',7=>'dripDis',8=>'disable',9=>'monitor',10=>'errdisable',11=>'linkFaulty',12=>'onHook',13=>'offHook',14=>'reflector');

# STP Information (only tested with Cisco but should work with other vendor switches too)
my $stp_dot1dbase_ifindex_map='';	   # map from dot1base port table to SNMP ifindex table
my $stp_dot1dbase_portstate='';	   # stp port states
my %stp_portstate=('0'=>'unknown',1=>'disabled',2=>'blocking',3=>'listening',4=>'learning',5=>'forwarding',6=>'broken');
my %stp_portstate_reverse=(); # becomes reverse of above, i.e. 'disabled'=>1, etc

# Standard options
my $o_host = 		undef; 	# hostname
my $o_timeout=  	undef;  # Timeout (Default 10) 
my $o_descr = 		undef; 	# description filter
my $o_help=		undef; 	# wan't some help ?
my $o_admin=		undef;	# admin status instead of oper
my $o_inverse=  	undef;	# Critical when up
my $o_ignorestatus=     undef;  # Ignore interface NAK status, always report OK
my $o_dormant=        	undef;  # Dormant state is OK
my $o_verb=		undef;	# verbose mode/debug file name
my $o_version=		undef;	# print version
my $o_noreg=		undef;	# Do not use Regexp for name
my $o_short=		undef;	# set maximum of n chars to be displayed
my $o_label=		undef;	# add label before speed (in, out, etc...).
my $o_admindown_ok=	undef;  # admin down is ok (usefull when checking operational status)

# Speed/error checks
my $o_warn_opt=         undef;  # warning options
my $o_crit_opt=         undef;  # critical options
my @o_warn_min=         undef;  # warning levels of perfcheck
my @o_warn_max=         undef;  # warning levels of perfcheck
my @o_crit_min=         undef;  # critical levels of perfcheck
my @o_crit_max=         undef;  # critical levels of perfcheck
my $o_checkperf=	undef;	# checks in/out/err/disc values
my $o_delta=		300;	# delta of time of perfcheck (default 5min)
my $o_ext_checkperf=	undef;  # extended perf checks (+error+discard) 
my $o_highperf=         undef;  # Use 64 bits counters
my $o_meg=              undef;  # output in MBytes or Mbits (-M)
my $o_gig=              undef;  # output in GBytes or Gbits (-G)
my $o_prct=             undef;  # output in % of max speed  (-u)
my $o_kbits=	        undef;	# Warn and critical in Kbits instead of KBytes
my $o_zerothresholds=	undef;  # If warn/crit are not specified, assume its 0

# Average Traffic Calculation Options (new option for upcoming 2.4 beta)
my $o_timeavg_opt=	undef;  # New option that allows to keep track of average traffic
				# (50 percentile) over longer period and to set
				# threshold based on deviation from this average
my $o_atime_nchecks_opt= undef;	# Minimum number of samples for threshold to take affect
				# (2 numbers: one fo take affect in addition to regular
			        #  threshold, 2nd number is to take

# Performance data options
my $o_perf=             undef;  # Output performance data
my $o_perfe=            undef;  # Output discard/error also in perf data
my $o_perfp=            undef;  # output performance data in % of max speed (-y)
my $o_perfr=            undef;  # output performance data in bits/s or Bytes/s (-Y)
my $o_perfo=            undef;  # output performance data in octets (-Z)
my $o_intspeed=         undef;  # include speed in performance output (-S), specify speed

# WL: These are for previous performance data that nagios can send data to the plugin
# with $SERVICEPERFDATA$ macro (and $SERVICESAVEDDATA$ for future naios versions).
# This allows to calculate traffic without temporary file and also used to cache
# SNMP table info so as not to retreive it every time 
my $o_prevperf=		undef;	# performance data given with $SERVICEPERFDATA$ macro
my $o_prevtime=         undef;  # previous time plugin was run $LASTSERVICECHECK$ macro
my @o_minsnmp=		();     # see below
my $o_minsnmp=		undef;	# minimize number of snmp queries
my $o_maxminsnmp=	undef;  # minimize number of snmp queries even futher (slightly less safe in case of switch config changes)
my $o_bulksnmp=		undef;	# do snmp bulk request
my $o_filestore=        "";  # path of the file to store cached data in - overrides $o_base_dir
my $o_pcount=		2;	# how many sets of previous data should be in performance data
my $o_nagios_saveddata=	undef;	# enabled SAVEDDATA special output after ||

# These are unrelated WL's contribs to override default description OID and for stp and cisco m[a|y]stery
my $o_descroid=         undef;  # description oid, overrides $descr_table
my $o_commentoid=	undef;  # comment text oid, kind-of like additional label text
my $o_ciscocat=		undef;	# enable special cisco catos hacks
my %o_cisco=		();	# cisco options
my $o_stp=		undef;	# stp support option

# Login and other options specific to SNMP
my $o_port =		161;    # SNMP port
my $o_octetlength=	undef;	# SNMP Message size parameter (Makina Corpus contrib)
my $o_community =	undef; 	# community
my $o_version2	=	undef;	# use snmp v2c
my $o_login=		undef;	# Login for snmpv3
my $o_passwd=		undef;	# Pass for snmpv3
my $v3protocols=	undef;	# V3 protocol list.
my $o_authproto=	'md5';	# Auth protocol
my $o_privproto=	'des';	# Priv protocol
my $o_privpass= 	undef;	# priv password

# Readable names for counters (M. Berger contrib)
my @countername = ( "in=" , "out=" , "errors-in=" , "errors-out=" , "discard-in=" , "discard-out=" );
my $checkperf_out_desc;

## Additional global variables
my %prev_perf_data=();  # array that is populated with previous performance data
my @prev_time=	();     # timestamps if more then one set of previois performance data
my $perfcache_time=undef;  # time when data was cached
my $perfcache_recache_trigger=43200;  # How many seconds to use cached data for (default 12 hours for -m)
my $perfcache_recache_max=259200; # and 3 days for -mm (minmize most)
my $timenow=time(); 	# This used to be defined later but easier if moved to the top
my $stp_warntime=900;	# Warn in case of change in STP state in last 15 minutes
my $check_speed=0;      # If '-Y', '-u' or '-S' options are given this is set to 1
my $specified_speed=0;	# if -S has interface speed specified, this is set to speed specified there
my $speed_alert=undef; 	# if -S has alert specified, this is alert to issue if interface speed is not what is expected
my $shell_pid=undef;	# defined only if run locally
my $snmp_session_v=0;   # if no snmp session, its 0, otherwise 1 2 or 3 depending on version of SNMP session opened
my $num_int = 0;	# number of interfaces that have matched
my @interfaces=();	# main array for interfaces data
# separated arrays that existed before that were replaced by above common array of structure/hash
# my @descr = (); --> $descr[$i] is now $interfaces[$i]{'descr'}
# my @portspeed=(); --> $portspeed[$i] is now $interfaces[$i]{'portspeed'}
my $perf_out='';	# performance data accumulator
my $saved_out='';	# saved data accumulator (added to perf)

# Functions
sub read_file { 
	# Input : File, items_number
	# Returns : array of value : [line][item] 
  my ($traffic_file,$items_number)=@_;
  my ($ligne,$n_rows)=(undef,0);  
  my (@last_values,@file_values,$i);
  open(FILE,"<".$traffic_file) || return (1,0,0); 
  while($ligne = <FILE>)
    @file_values = split(":",$ligne);
    if ($#file_values >= ($items_number-1)) { 
	# check if there is enough data, else ignore line
      for ( $i=0 ; $i< $items_number ; $i++ ) {$last_values[$n_rows][$i]=$file_values[$i];}
  close FILE;
  if ($n_rows != 0) { 
    return (0,$n_rows,@last_values);
  } else {
    return (1,0,0);

sub write_file { 
  # Input : file , rows, items, array of value : [line][item]
  # Returns : 0 / OK, 1 / error
  my ($file_out,$rows,$item,@file_values)=@_;
  my $start_line= ($rows > $file_history) ? $rows -  $file_history : 0;
  if ( open(FILE2,">".$file_out) ) {
    for (my $i=$start_line;$i<$rows;$i++) {
      for (my $j=0;$j<$item;$j++) {
	print FILE2 $file_values[$i][$j];
	if ($j != ($item -1)) { print FILE2 ":" };
      print FILE2 "\n";
    close FILE2;
    return 0;
  } else {
    return 1;

sub p_version { print "check_snmp_netint version : $Version\n"; }

sub print_usage {
    print "Usage: $0 [-v [debugfilename]] -H <host> (-C <snmp_community> [-2]) | (-l login -x passwd [-X pass -L <authp>,<privp>)  [-p <port>] [-N <desc table oid>] -n <name in desc_oid> [-O <comments table OID>] [-I] [-i | -a | -D | -K] [-r] [-f[eSyYZ] [-P <previous perf data from nagios \$SERVICEPERFDATA\$>] [-T <previous time from nagios \$LASTSERVICECHECK\$>] [--pcount=<hist size in perf>]] [-k[qBMGu] [-S [intspeed]] -g [-w<warn levels> -c<crit levels> [-z]| -z] -d<delta>] [-o <octet_length>] [-m|-mm] [-t <timeout>] [-s] [--label] [--cisco=[oper,][addoper,][linkfault,][use_portnames|show_portnames]] [--stp[=<expected stp state>]] [-V]\n";

sub isnnum { # Return true if arg is not a number
  my $num = shift;
  if ( $num =~ /^(\d+\.?\d*)|(^\.\d+)$/ ) { return 0 ;}
  return 1;

sub ascii_to_hex { # Convert each ASCII character to a two-digit hex number [WL]
  (my $str = shift) =~ s/(.|\n)/sprintf("%02lx", ord $1)/eg;
  return $str;

sub help {
   print "\nNetwork Interfaces Monitor Plugin for Nagios (check_netint/check_snmp_netint) v. ",$Version,"\n";
   print "GPL 2.0 or 3.0 licence, (c)2004-2007 Patrick Proy, (c)2007-2012 William Leibzon\n";
   print "Please see documentation for a full list of authors and contributors\n\n";
   print <<EOT;

-h, --help
   print this help message
-V, --version
   prints plugin version number (required of all nagios plugins)
-t, --timeout=INTEGER
   timeout in seconds (Default: 5). if SNMP this is timeout for SNMP response
-v, --verbose[=FILENAME], --debug=FILENAME
   Print extra debugging information (including interface list on the system)
   If filename is specified instead of STDOUT the debug data is written to that file

Interface Selection and Status Output options:

-n, --name=NAME
   Name of the interface (eth0, ppp0 ...).
   This is treated as a regexp : -n eth will match eth0,eth1,...
   Test it before, because there are known bugs (ex : trailling /)
-r, --noregexp
   Do not use regexp to match NAME
-i, --inverse
   Return status CRITICAL when UP instead
-a, --admin
   Use administrative status instead of default operational
-D, --dormant
   Dormant state is an OK state (mainly for ISDN interfaces)
-I, --ignorestatus
   Ignore the interface status and return OK regardless
-s, --short=int
   Make the output shorter : only the first <n> chars of the interface(s)
   If the number is negative, then get the <n> LAST characters.
-K, --admindown_ok
   Indicate that administrative down status is OK for operational
   interfaces that are down

Note : when multiple interfaces are selected with regexp,
       all must be up (or down with -i) to get an OK result.

Threshold Checks and Performance Data options:

-f, --perfparse
   Perfparse compatible output (no output when interface is down).
-e, --error
   Add error & discard to Perfparse output
-S, --intspeed[=[OK|WARNING|CRITICAL<>]1000000Kb|100000000Kb|100000000Kb|10Mb|100Mb|1000Mb]
   If -S is used by itself, this adds speed in performance output in bits/s.
   This option also allows to specify speed of the interface if it can not be found by plugin
   or if what plugin determined is wrong. Be carefull, if you're checking multiple interfaces,
   this will override and set speed for all of them. Additionally if you prefix speed with
   WARNING<> or CRITICAL<> the alert will be issued if speed is not what is expected.
      IMPORTANT: Prior to version 2.4 of this plugin if you specified speed after --intspeed=
                 then instead of overriding it would issue a critical alert if speed is not
                 the same (CRITICAL<> behavior). You must specify alert type before speed now.
-y, --perfprct ; -Y, --perfspeed ; -Z, --perfoctet
   -y : output performance data in % of max speed 
   -Y : output performance data in bits/s or Bytes/s (depending on -B)
   -Z : output performance data in octets i.e. bytes (always so with -P)
-k, --perfcheck ; -q, --extperfcheck 
   -k check the input/ouput bandwidth of the interface
   -q also check the error and discard input/output
   Add label before speed in output : in=, out=, errors-out=, etc...
-B, --kbits
   Make the warning and critical levels in K|M|G Bits/s instead of K|M|G Bytes/s
-G, --giga ; -M, --mega ; -u, --prct
   -G : Make the warning and critical levels in Gbps (with -B) or GBps
   -M : Make the warning and critical levels in Mbps (with -B) or MBps
   -u : Make the warning and critical levels in % of reported interface speed.
-w, --warning=input,output[,error in,error out,discard in,discard out]
   warning level for input / output bandwidth (0 for no warning)
     unit depends on B,M,G,u options
   warning for error & discard input / output in error/min (need -q)
-c, --critical=input,output[,error in,error out,discard in,discard out]
   critical level for input / output bandwidth (0 for no critical)
     unit depends on B,M,G,u options
   critical for error & discard input / output in error/min (need -q)
-z, --zerothresholds
   if warning and/or critical thresholds are not specified, assume they are 0
   i.e. do not check thresholds, but still give input/ouput bandwidth for graphing
   This option also prevents tmp files of being writtena.

Options for saving results of previous checks to calculate Traffic & Utilization:

-P, --prev_perfdata
   Previous performance data (normally put '-P \$SERVICEPERFDATA\$' in nagios
   command definition). This is used in place of temporary file that otherwise
   could be needed when you want to calculate utilization of the interface
   Also used to cache data about which OIDs to lookup instead of having
   to check interface names table each time.
-T, --prev_checktime
   This is used with -P and is a previous time plugin data was obtained,
   use it as '-T \$LASTSERVICECHECK\$'. This is now optional as plugin
   will also save time as part of performance variables and get it with -P
   Default: 2
   How many sets of previus data to keep as performance data. By keeping
   at least couple sets allows for more realistic and less 'bursty' results
   but nagios has buffer limits so very large output of performance data
   would not be kept.
-d, --delta=seconds
   Default: 300 seconds = 5 minutes
   Expected time between checks in seconds. Used for making sure traffic
   can be calculated properly. If plugin receives is run more often than
   0.75 of specified value, it'll not use results but keep previous data
   for later check. If it is run and receives results more than 4 times
   later then this value, it'll discard all previous performance data
   and start calculation again next time it is run.
-F, --filestore[=<filename>|<directory>]
   When you use -P option that causes plugin to use previous performance data 
   that is passed as an argument to plugin to calculate in/out bandwidth
   instead of storing data in temporary file. This option is an alternative
   to -P and causes results of previous check to be saved in a file.
   If this option has a parameter and it is a directory, then temporary 
   file will be saved in this directory, otherwise /tmp is used.
   If parameter is a filename then it is used as a first part in
   how temporary file is named.
   Enables experimental support for future Nagios SAVEDATA (output after ||)
   where cached data for next plugin use goes to special buffer and not PERFDATA

SNMP Authentication options and options valid only with SNMP:

-H, --hostname=HOST
   name or IP address of host to check
-C, --community=COMMUNITY NAME
   community name for the SNMP agent (used with v1 or v2c protocols)
-2, --v2c
   use snmp v2c (can not be used with -l, -x)
-l, --login=LOGIN ; -x, --passwd=PASSWD
   Login and auth password for snmpv3 authentication 
   If no priv password exists, implies AuthNoPriv 
-X, --privpass=PASSWD
   Priv password for snmpv3 (AuthPriv protocol)
-L, --protocols=<authproto>,<privproto>
   <authproto> : Authentication protocol (md5|sha : default md5)
   <privproto> : Priv protocols (des|aes : default des) 
-p, --port=PORT
   SNMP port (Default 161)
-o, --octetlength=INTEGER
   Max-size of the SNMP message. Usefull in case of too long responses.
   Be carefull with network filters. Range 484 - 65535, default are
   usually 1472,1452,1460 or 1440.     
-N, --descrname_oid=OID
   SNMP OID of the description table (optional for non-standard equipment)
-O, --optionaltext_oid=OID
   SNMP OID for additional optional commentary text name for each interface
   This is added into output as interface "label" (but it is not matched on).
-g, --64bits
   Use 64 bits counters instead of the standard counters when checking
   bandwidth & performance data for interface >= 1Gbps.
   You must use snmp v2c or v3 to get 64 bits counters.
-m, --minimize_queries | -mm, --minimum_queries 
   Optimization options to minimize number of SNMP queries. 
   This is done by saving table ids in performance data (see -P above) and doing
   all SNMP checks together. When "-mm" or "--minimum_queries" option is used
   the number of queries is even smaller but there are no checks done to make
   sure ifindex description is still the same (not safe only if you add vlans)
   Enables using GET_BULK_REQUEST (SNMP v2 and v3 only) to get data
   While this may work and be faster on some systems, it fails on others 
   This enables special cisco snmp additions which:
   1) Provide extra detail on operational and fault status for physical ports.
      There are 3 tables that are available: 'operStatus','AdditionalOperStatus',
      'LinkFaultStatus' (some switches have one, some may have all 3), if you do
      not specify an attempt will be made for all tables but if caching is used

Partager le fichier

Télécharger check_net

Télécharger check_net