#!/usr/bin/perl ############################################################################# # (c) 2001, 2003 Juniper Networks, Inc. # # (c) 2011 Sebastian "tokkee" Harl # # and team(ix) GmbH, Nuernberg, Germany # # # # This file is part of "team(ix) Monitoring Plugins" # # URL: http://oss.teamix.org/projects/monitoringplugins/ # # # # All rights reserved. # # Redistribution and use in source and binary forms, with or without # # modification, are permitted provided that the following conditions # # are met: # # 1. Redistributions of source code must retain the above copyright # # notice, this list of conditions and the following disclaimer. # # 2. Redistributions in binary form must reproduce the above copyright # # notice, this list of conditions and the following disclaimer in the # # documentation and/or other materials provided with the distribution. # # 3. The name of the copyright owner may not be used to endorse or # # promote products derived from this software without specific prior # # written permission. # # # # THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR # # IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE # # DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, # # INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES # # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR # # SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) # # HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, # # STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING # # IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE # # POSSIBILITY OF SUCH DAMAGE. # ############################################################################# use strict; use warnings; use utf8; use POSIX qw( :termios_h ); use Nagios::Plugin; use JUNOS::Device; binmode STDOUT, ":utf8"; my $valid_checks = "interfaces|chassis_environment"; # TODO: # * chassis_routing_engine: show chassis routing-engine (-> number and status) # # * storage: show system storage my $plugin = Nagios::Plugin->new( plugin => 'check_junos', shortname => 'check_junos', version => '0.1', url => 'http://oss.teamix.org/projects/monitoringplugins', blurb => 'Monitor Juniperâ„¢ Switches.', usage => "Usage: %s [-v|--verbose] [-H ] [-p ] [-t ] [-P "This nagios plugin is free software, and comes with ABSOLUTELY NO WARRANTY. It may be used, redistributed and/or modified under the terms of the 3-Clause BSD License (see http://opensource.org/licenses/BSD-3-Clause).", extra => " This plugin connects to a Juniperâ„¢ Switch device and checks various of its components. A check-tuple consists of the name of the check and, optionally, a \"target\" which more closely specifies which characteristics should be checked, and warning and critical thresholds: checkname[,target[,warning[,critical]]] The following checks are available: * interfaces: Status of interfaces. If a target is specified, only the specified interface is taken into account. If an aggregated interface is encountered, the physical interfaces will be checked as well. * chassis_environment: Check the status of verious system components (as provided by 'show chassis environment'). Warning and critical thresholds may be specified in the format documented at http://nagiosplug.sourceforge.net/developer-guidelines.html#THRESHOLDFORMAT.", ); # Predefined arguments (by Nagios::Plugin) my @predefined_args = qw( usage help version extra-opts timeout verbose ); my @args = ( { spec => 'host|H=s', usage => '-H, --host=HOSTNAME', desc => 'Hostname/IP of Juniper box to connect to', default => 'localhost', }, { spec => 'port|p=i', usage => '-p, --port=PORT', desc => 'Port to connect to', default => 22, }, { spec => 'user|U=s', usage => '-U, --user=USERNAME', desc => 'Username to log into box as', default => 'root', }, { spec => 'password|P=s', usage => '-P, --password=PASSWORD', desc => 'Password for login username', default => '', }, ); my %conf = (); my $junos = undef; foreach my $arg (@args) { add_arg($plugin, $arg); } $plugin->getopts; # Initialize this first, so it may be used right away. $conf{'verbose'} = $plugin->opts->verbose; foreach my $arg (@args) { my @c = get_conf($plugin, $arg); $conf{$c[0]} = $c[1]; } foreach my $arg (@predefined_args) { $conf{$arg} = $plugin->opts->$arg; } add_checks(\%conf, @ARGV); if (! $plugin->opts->password) { my $term = POSIX::Termios->new(); my $lflag; print "Password: "; $term->getattr(fileno(STDIN)); $lflag = $term->getlflag; $term->setlflag($lflag & ~POSIX::ECHO); $term->setattr(fileno(STDIN), TCSANOW); $conf{'password'} = ; chomp($conf{'password'}); $term->setlflag($lflag | POSIX::ECHO); print "\n"; } verbose(1, "Connecting to host $conf{'host'} as user $conf{'user'}."); $junos = JUNOS::Device->new( hostname => $conf{'host'}, login => $conf{'user'}, password => $conf{'password'}, access => 'ssh', 'ssh-compress' => 0); if (! ref $junos) { $plugin->die("ERROR: failed to connect to " . $conf{'host'} . "!"); } foreach my $check (@{$conf{'checks'}}) { my $code; my $value; my @targets = (); if (defined $check->{'target'}) { @targets = @{$check->{'target'}}; } $plugin->set_thresholds( warning => $check->{'warning'}, critical => $check->{'critical'}, ); if ($check->{'name'} eq 'interfaces') { my $opts = { with_description => 0, }; if (grep { m/^\@with_description$/; } @targets) { $opts->{'with_description'} = 1; @targets = grep { ! m/^\@with_description$/; } @targets; } my @interfaces = get_interfaces($junos, $opts, @targets);; my $down_count = 0; my @down_ifaces = (); my $phys_down_count = 0; my @phys_down_ifaces = (); my $have_lag_ifaces = 0; foreach my $iface (@interfaces) { my $name = get_iface_name($iface); my $status = check_interface($iface, $opts, @targets); if ($status == 0) { ++$down_count; push @down_ifaces, $name; } if ($status <= 0) { # disabled or down next; } if ($name !~ m/^ae/) { next; } $have_lag_ifaces = 1; my @markers = get_liface_marker(get_iface_first_logical($iface)); if (! @markers) { next; } foreach my $marker (@markers) { my $phy_name = get_iface_name($marker); $phy_name =~ s/\.\d+$//; verbose(3, "Quering physical interface '$phy_name' " . "for $name."); my @phy_interfaces = get_interfaces($junos, {}, $phy_name); foreach my $phy_iface (@phy_interfaces) { if (check_interface($phy_iface, {}, $phy_name) == 0) { ++$phys_down_count; push @phys_down_ifaces, "$name -> $phy_name"; } } } } if ($down_count > 0) { $plugin->add_message(CRITICAL, $down_count . " interfaces down (" . join(", ", @down_ifaces) . ")"); } if ($phys_down_count > 0) { $plugin->add_message(WARNING, $phys_down_count . " LAG member interfaces down (" . join(", ", @phys_down_ifaces) . ")"); } if ((! $down_count) && (! $phys_down_count)) { if (! scalar(@targets)) { $plugin->add_message(OK, "all interfaces up"); } else { $plugin->add_message(OK, "interface" . (scalar(@targets) == 1 ? " " : "s ") . join(", ", @targets) . " up" . ($have_lag_ifaces ? " (including all LAG member interfaces)" : "")); } } } elsif ($check->{'name'} eq 'chassis_environment') { # XXX #show chassis environment (see check_snmp_environment) } } my ($code, $msg) = $plugin->check_messages(join => ', '); $junos->disconnect(); $plugin->nagios_exit($code, $msg); sub send_query { my $device = shift; my $query = shift; my $queryargs = shift; my $res; my $err; verbose(3, "Sending query '$query' " . join(", ", map { "$_ => $queryargs->{$_}" } keys %$queryargs) . " to router."); if (ref $queryargs) { $res = $device->$query(%$queryargs); } else { $res = $device->$query(); } if (! ref $res) { return "ERROR: Failed to execute query '$query'"; } $err = $res->getFirstError(); if ($err) { return "ERROR: " . $err->{message}; } return $res; } sub check_interface { my $iface = shift; my $opts = shift || {}; my @targets = @_; my $name = get_iface_name($iface); my $admin_status = get_iface_admin_status($iface); if ($admin_status !~ m/^up$/) { if ((grep { $name =~ m/^$_$/; } @targets) || ($opts->{'with_description'} && get_iface_description($iface))) { $plugin->add_message(CRITICAL, "$name is not enabled"); return -1; } return 1; } if (get_iface_status($iface) !~ m/^up$/i) { return 0; } $plugin->add_perfdata( label => "'$name-input-bytes'", value => get_iface_traffic($iface, "input"), min => 0, max => undef, uom => 'B', threshold => undef, ); $plugin->add_perfdata( label => "'$name-output-bytes'", value => get_iface_traffic($iface, "output"), min => 0, max => undef, uom => 'B', threshold => undef, ); return 1; } sub get_interfaces { my $device = shift; my $opts = shift || {}; my @targets = @_; my @ifaces = (); my @ret = (); my $cmd = 'get_interface_information'; my $res; my $args = { detail => 1 }; if ((scalar(@targets) == 1) && (! $opts->{'with_description'})) { $args->{'interface_name'} = $targets[0]; } $res = send_query($device, $cmd, $args); if (! ref $res) { $plugin->die($res); } @ifaces = $res->getElementsByTagName('physical-interface'); @targets = map { s/\*/\.\*/g; s/\?/\./g; $_; } @targets; if (scalar(@targets)) { @ret = grep { my $i = $_; grep { get_iface_name($i) =~ m/^$_$/ } @targets; } @ifaces; } elsif (! $opts->{'with_description'}) { @ret = @ifaces; } if ($opts->{'with_description'}) { foreach my $iface (@ifaces) { my $name = get_iface_name($iface); if (get_iface_description($iface) && (! grep { m/^$name$/; } @targets)) { push @ret, $iface; } } } if ($conf{'verbose'} >= 3) { my @i = map { get_iface_name($_) . " => " . get_iface_status($_) } @ret; verbose(3, "Interfaces: " . join(", ", @i)); } return @ret; } sub get_obj_element { my $obj = shift; my $elem = shift; $elem = $obj->getElementsByTagName($elem); if ((! $elem) || (! $elem->item(0))) { return; } return $elem->item(0)->getFirstChild->getNodeValue; } sub get_iface_name { my $iface = shift; return get_obj_element($iface, 'name'); } sub get_iface_description { my $iface = shift; return get_obj_element($iface, 'description'); } sub get_iface_status { my $iface = shift; return get_obj_element($iface, 'oper-status'); } sub get_iface_admin_status { my $iface = shift; return get_obj_element($iface, 'admin-status'); } sub get_iface_traffic { my $iface = shift; my $type = shift; my $stats = get_obj_element($iface, 'traffic-statistics'); return get_obj_element($iface, "$type-bytes"); } sub get_iface_first_logical { my $iface = shift; return $iface->getElementsByTagName('logical-interface')->item(0); } sub get_liface_marker { my $liface = shift; my $lag_stats = $liface->getElementsByTagName('lag-traffic-statistics')->item(0); if (! $lag_stats) { print STDERR "Cannot get marker for non-LACP interfaces yet!\n"; return; } my @markers = $lag_stats->getElementsByTagName('lag-marker'); return @markers; } sub add_arg { my $plugin = shift; my $arg = shift; my $spec = $arg->{'spec'}; my $help = $arg->{'usage'}; if (defined $arg->{'desc'}) { my @desc; if (ref($arg->{'desc'})) { @desc = @{$arg->{'desc'}}; } else { @desc = ( $arg->{'desc'} ); } foreach my $d (@desc) { $help .= "\n $d"; } if (defined $arg->{'default'}) { $help .= " (default: $arg->{'default'})"; } } elsif (defined $arg->{'default'}) { $help .= "\n (default: $arg->{'default'})"; } $plugin->add_arg( spec => $spec, help => $help, ); } sub get_conf { my $plugin = shift; my $arg = shift; my ($name, undef) = split(m/\|/, $arg->{'spec'}); my $value = $plugin->opts->$name || $arg->{'default'}; if ($name eq 'password') { verbose(3, "conf: password => " . (($value eq '') ? '' : '')); } else { verbose(3, "conf: $name => $value"); } return ($name => $value); } sub add_single_check { my $conf = shift; my @check = split(m/,/, shift); my %c = (); if ($check[0] !~ m/\b(?:$valid_checks)\b/) { return "ERROR: invalid check '$check[0]'"; } $c{'name'} = $check[0]; $c{'target'} = undef; if (defined($check[1])) { $c{'target'} = [ split(m/\+/, $check[1]) ]; } $c{'warning'} = $check[2]; $c{'critical'} = $check[3]; # check for valid thresholds # set_threshold() will die if any threshold is not valid $plugin->set_thresholds( warning => $c{'warning'}, critical => $c{'critical'}, ) || $plugin->die("ERROR: Invalid thresholds: " . "warning => $c{'warning'}, critical => $c{'critical'}"); push @{$conf->{'checks'}}, \%c; } sub add_checks { my $conf = shift; my @checks = @_; my $err_str = "ERROR:"; if (scalar(@checks) == 0) { $conf->{'checks'}[0] = { name => 'chassis_environment', target => [], warning => undef, critical => undef, }; return 1; } $conf->{'checks'} = []; foreach my $check (@checks) { my $e; $e = add_single_check($conf, $check); if ($e =~ m/^ERROR: (.*)$/) { $err_str .= " $1,"; } } if ($err_str ne "ERROR:") { $err_str =~ s/,$//; $plugin->die($err_str); } } sub verbose { my $level = shift; my @msgs = @_; if ($level > $conf{'verbose'}) { return; } foreach my $msg (@msgs) { print "V$level: $msg\n"; } }