bogdan/zira-etc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Initial commit.

Browse Source
This commit is contained in:
Bogdan Stoica
2021-05-24 22:18:33 +03:00
commit e2954d55f4
3701 changed files with 330017 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

849
snmp/bind Executable file
View File

@@ -0,0 +1,849 @@
#!/usr/bin/env perl
#Copyright (c) 2017, Zane C. Bowers-Hadley
#All rights reserved.
#
#Redistribution and use in source and binary forms, with or without modification,
#are permitted provided that the following conditions are met:
#
# * Redistributions of source code must retain the above copyright notice,
# this list of conditions and the following disclaimer.
# * Redistributions in binary form must reproduce the above copyright notice,
# this list of conditions and the following disclaimer in the documentation
# and/or other materials provided with the distribution.
#
#THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
#ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
#WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
#IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
#INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING,
#BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
#DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
#LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
#OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF
#THE POSSIBILITY OF SUCH DAMAGE.
=for comment
Add this to snmpd.conf as below and restart it.
extend bind /etc/snmp/bind
You may also need to create the config file, which defaults to the same path as the script,
but with .config appended. So if the script is located at /etc/snmp/bind, the config file
will be /etc/snmp/bind.config. Alternatively you can also specific a config via -c.
Anything starting with a # is comment. The format for variables is $variable=$value. Empty
lines are ignored. Spaces and tabes at either the start or end of a line are ignored.
The variables are as below.
rndc = The path to rndc. Default: /usr/bin/env rndc
call_rndc = A 0/1 boolean on weather to call rndc stats. Suggest to set to 0 if using netdata. Default: 1
stats_file = The path to the named stats file. Default: /var/run/named/stats
agent = A 0/1 boolean for if this is being used as a LibreNMS agent or not. Default: 0
zero_stats = A 0/1 boolean for if the stats file should be zeroed first. Default: 0 (1 if guessed)
If you want to guess at the configuration, call it with -g and it will print out what it thinks
it should be.
=cut
##
## You should not need to touch anything below here.
##
my $call_rndc=1;
my $rndc='/usr/bin/env rndc';
my $stats_file='/var/run/named/stats';
my $zero_stats=0;
my $agent=0;
my $missing=0;
use strict;
use warnings;
use File::ReadBackwards;
use Getopt::Std;
$Getopt::Std::STANDARD_HELP_VERSION = 1;
sub main::VERSION_MESSAGE {
print "BIND named stats extend 0.0.0\n";
};
sub main::HELP_MESSAGE {
print "\n".
"-c <config> The config file to use.\n".
"-m print any unknowns and exit\n".
"-g Guess at the config and print it to STDOUT.\n";
}
#gets the options
my %opts=();
getopts('gmc:', \%opts);
# guess if asked
if ( defined( $opts{g} ) ){
#get what path to use for rndc
$rndc=`which rndc`;
chomp($rndc);
if ( $? != 0 ){
warn("'which rndc' failed with a exit code of $?");
exit 1;
}else{
$rndc="# This is the path to rndc.\n".
'rndc='.$rndc."\n";
}
#make a basic guess at the stats file
if ( -f $stats_file ){
# a more sane location
$stats_file="# This is the the path to the named stats file.\n".
'stats_file='.$stats_file."\n";
}elsif( -f '/etc/bind/named.stats' ){
# this is if the person using the old suggested config in the LibreNMS docs
$stats_file="# This is the the path to the named stats file.\n".
"stats_file=/etc/bind/named.stats\n";
}else{
#we find it
$stats_file="# This is the the path to the named stats file.\n".
"# Please make sure this has been set to the value of statistics-file in named.conf.\n".
"stats_file=?\n";
}
if ( $0 =~ /agent/ ){
$agent='agent=1';
}else{
$agent='agent=0';
}
print "# The default config file is... ".$0.".config\n".
$rndc.
$stats_file.
"# This is a 0/1 boolean for if rndc should be called.\n".
"# If you are using netdata, you most likely want to set this to 0.\n".
"call_rndc=1\n".
"# This is a 0/1 boolean for this is being used as a LibreNMS agent.\n".
$agent."\n".
"# This is a 0/1 boolean for if the stats file should be zeroed before calling rndc stats.\n".
"zero_stats=1\n";
exit 0;
}
#get which config file to use
my $config=$0.'.config';
if ( defined( $opts{c} ) ){
$config=$opts{c};
}
#reads the config file
my $config_file='';
if ( -f $config ){
open(my $readfh, "<", $config) or die "Can't open '".$config."'";
read($readfh , $config_file , 1000000);
close($readfh);
#parse the config file and remove comments and empty lines
my @configA=split(/\n/, $config_file);
@configA=grep(!/^$/, @configA);
@configA=grep(!/^\#/, @configA);
@configA=grep(!/^[\s\t]*$/, @configA);
my $configA_int=0;
while ( defined( $configA[$configA_int] ) ){
my $line=$configA[$configA_int];
$line=~s/^[\t\s]+//;
$line=~s/[\t\s]+$//;
my ( $var, $val )=split(/=/, $line, 2);
if ( $var eq 'call_rndc' ){
$call_rndc=$val;
}
if ( $var eq 'rndc' ){
$rndc=$val;
}
if ( $var eq 'stats_file' ){
$stats_file=$val;
}
if ( $var eq 'agent' ){
$agent=$val;
}
if ( $var eq 'zero_stats' ){
$zero_stats=$val;
}
$configA_int++;
}
}
#zero the stats if needed
if ( $zero_stats ){
system('echo > '.$stats_file);
if ( $? != 0 ){
die ("'echo > $stats_file' failed with a system return value of $?");
}
}
# call rndc if needed and die if it failes
if ( $call_rndc ){
system($rndc.' stats');
if ( $? != 0 ){
die ("'$rndc stats' failed with a system return value of $?");
}
}
my $bw=File::ReadBackwards->new( $stats_file ) or
die( "con't read '$stats_file': $!" );
#read backwards till we find the start of the last stats entry
my $read=1;
my @data;
until (
($bw->eof) ||
( ! $read )
){
my $new_line=$bw->readline;
$data[$#data++]=$new_line;
if ($new_line =~ /^\+\+\+\ Statistics\ Dump\ \+\+\+/){
$read=0;
}
}
my %incoming=(
'A'=>0,
'AAAA'=>0,
'AFSDB'=>0,
'APL'=>0,
'CAA'=>0,
'CDNSKEY'=>0,
'CDS'=>0,
'CERT'=>0,
'CNAME'=>0,
'DHCID'=>0,
'DLV'=>0,
'DNSKEY'=>0,
'DS'=>0,
'IPSECKEY'=>0,
'KEY'=>0,
'KX'=>0,
'LOC'=>0,
'MX'=>0,
'NAPTR'=>0,
'NS'=>0,
'NSEC'=>0,
'NSEC3'=>0,
'NSEC3PARAM'=>0,
'PTR'=>0,
'RRSIG'=>0,
'RP'=>0,
'SIG'=>0,
'SOA'=>0,
'SRV'=>0,
'SSHFP'=>0,
'TA'=>0,
'TKEY'=>0,
'TLSA'=>0,
'TSIG'=>0,
'TXT'=>0,
'URI'=>0,
'DNAME'=>0,
'ANY'=>0,
'AXFR'=>0,
'IXFR'=>0,
'OPT'=>0,
'SPF'=>0,
);
my %outgoing=(
'A'=>0,
'AAAA'=>0,
'AFSDB'=>0,
'APL'=>0,
'CAA'=>0,
'CDNSKEY'=>0,
'CDS'=>0,
'CERT'=>0,
'CNAME'=>0,
'DHCID'=>0,
'DLV'=>0,
'DNSKEY'=>0,
'DS'=>0,
'IPSECKEY'=>0,
'KEY'=>0,
'KX'=>0,
'LOC'=>0,
'MX'=>0,
'NAPTR'=>0,
'NS'=>0,
'NSEC'=>0,
'NSEC3'=>0,
'NSEC3PARAM'=>0,
'PTR'=>0,
'RRSIG'=>0,
'RP'=>0,
'SIG'=>0,
'SOA'=>0,
'SRV'=>0,
'SSHFP'=>0,
'TA'=>0,
'TKEY'=>0,
'TLSA'=>0,
'TSIG'=>0,
'TXT'=>0,
'URI'=>0,
'DNAME'=>0,
'ANY'=>0,
'AXFR'=>0,
'IXFR'=>0,
'OPT'=>0,
'SPF'=>0,
);
my %server=(
'IPv4 requests received'=>0, #i4rr
'IPv6 requests received'=>0, #i6rr
'requests with EDNS(0) received'=>0, #rwer
'TCP requests received'=>0, #trr
'auth queries rejected'=>0, #aqr
'recursive queries rejected'=>0, #rqr
'responses sent'=>0, #rs
'truncated responses sent'=>0, #trs
'responses with EDNS(0) sent'=>0, #rwes
'queries resulted in successful answer'=>0, #qrisa
'queries resulted in authoritative answer'=>0, #qriaa
'queries resulted in non authoritative answer'=>0, #qrinaa
'queries resulted in nxrrset'=>0, #qrin
'queries resulted in SERVFAIL'=>0, #qris
'queries resulted in NXDOMAIN'=>0, #qrind
'queries caused recursion'=>0, #qcr
'duplicate queries received'=>0, #dqr
'other query failures'=>0, #oqf
'UDP queries received'=>0, #uqr
'TCP queries received'=>0, #tqr
'Other EDNS option received'=>0, #oeor
'queries dropped'=>0, #qd
);
my %resolver=(
'IPv4 queries sent'=>0, #i4qs
'IPv6 queries sent'=>0, #i6qs
'IPv4 responses received'=>0, #i4rr
'IPv6 responses received'=>0, #i6rr
'NXDOMAIN received'=>0, #nr
'SERVFAIL received'=>0, #sr
'FORMERR received'=>0, #fr
'EDNS(0) query failures'=>0, #eqf
'truncated responses received'=>0, #trr
'lame delegations received'=>0, #ldr
'query retries'=>0, #qr
'query timeouts'=>0, #qt
'IPv4 NS address fetches'=>0, #i4naf
'IPv6 NS address fetches'=>0, #i6naf
'IPv4 NS address fetch failed'=>0, #i4naff
'IPv6 NS address fetch failed'=>0, #i6naff
'queries with RTT < 10ms'=>0, #rttl10
'queries with RTT 10-100ms'=>0, #rtt10t100
'queries with RTT 100-500ms'=>0, #rtt100t500
'queries with RTT 500-800ms'=>0, #rtt500t800
'queries with RTT 800-1600ms'=>0, #rtt800t1600
'queries with RTT > 1600ms'=>0, #rttg1600
'bucket size'=>0, #bs
'REFUSED received'=>0 #rr
);
my %cache=(
'cache hits'=>0, #ch
'cache misses'=>0, #cm
'cache hits (from query)'=>0, #chfq
'cache misses (from query)'=>0, #cmfq
'cache records deleted due to memory exhaustion'=>0, #crddtme
'cache records deleted due to TTL expiration'=>0, #crddtte
'cache database nodes'=>0, #cdn
'cache database hash buckets'=>0, #cdhb
'cache tree memory total'=>0, #ctmt
'cache tree memory in use'=>0, #ctmiu
'cache tree highest memory in use'=>0, #cthmiu
'cache heap memory total'=>0, #chmt
'cache heap memory in use'=>0, #chmiu
'cache heap highest memory in use'=>0,#chhmiu
);
my %RRsets=(
'A'=>0,
'AAAA'=>0,
'AFSDB'=>0,
'APL'=>0,
'CAA'=>0,
'CDNSKEY'=>0,
'CDS'=>0,
'CERT'=>0,
'CNAME'=>0,
'DHCID'=>0,
'DLV'=>0,
'DNSKEY'=>0,
'DS'=>0,
'IPSECKEY'=>0,
'KEY'=>0,
'KX'=>0,
'LOC'=>0,
'MX'=>0,
'NAPTR'=>0,
'NS'=>0,
'NSEC'=>0,
'NSEC3'=>0,
'NSEC3PARAM'=>0,
'PTR'=>0,
'RRSIG'=>0,
'RP'=>0,
'SIG'=>0,
'SOA'=>0,
'SRV'=>0,
'SSHFP'=>0,
'TA'=>0,
'TKEY'=>0,
'TLSA'=>0,
'TSIG'=>0,
'TXT'=>0,
'URI'=>0,
'DNAME'=>0,
'NXDOMAIN'=>0,
'ANY'=>0,
'AXFR'=>0,
'IXFR'=>0,
'OPT'=>0,
'SPF'=>0,
'!A'=>0,
'!AAAA'=>0,
'!AFSDB'=>0,
'!APL'=>0,
'!CAA'=>0,
'!CDNSKEY'=>0,
'!CDS'=>0,
'!CERT'=>0,
'!CNAME'=>0,
'!DHCID'=>0,
'!DLV'=>0,
'!DNSKEY'=>0,
'!DS'=>0,
'!IPSECKEY'=>0,
'!KEY'=>0,
'!KX'=>0,
'!LOC'=>0,
'!MX'=>0,
'!NAPTR'=>0,
'!NS'=>0,
'!NSEC'=>0,
'!NSEC3'=>0,
'!NSEC3PARAM'=>0,
'!PTR'=>0,
'!RRSIG'=>0,
'!RP'=>0,
'!SIG'=>0,
'!SOA'=>0,
'!SRV'=>0,
'!SSHFP'=>0,
'!TA'=>0,
'!TKEY'=>0,
'!TLSA'=>0,
'!TSIG'=>0,
'!TXT'=>0,
'!URI'=>0,
'!DNAME'=>0,
'!NXDOMAIN'=>0,
'!ANY'=>0,
'!AXFR'=>0,
'!IXFR'=>0,
'!OPT'=>0,
'!SPF'=>0,
);
my %ADB=(
'Address hash table size'=>0, #ahts
'Addresses in hash table'=>0, #aiht
'Name hash table size'=>0, #nhts
'Names in hash table'=>0, #niht
);
my %sockets=(
'UDP/IPv4 sockets opened'=>0, #ui4so
'UDP/IPv6 sockets opened'=>0, #ui6so
'TCP/IPv4 sockets opened'=>0, #ti4so
'TCP/IPv6 sockets opened'=>0, #ti6so
'Raw sockets opened'=>0, #rso
'UDP/IPv4 sockets closed'=>0, #ui4sc
'UDP/IPv6 sockets closed'=>0, #ui6sc
'TCP/IPv4 sockets closed'=>0, #ti4sc
'TCP/IPv6 sockets closed'=>0, #ti6sc
'UDP/IPv4 socket bind failures'=>0, #ui4sbf
'TCP/IPv4 socket bind failures'=>0, #ti4sbf
'UDP/IPv6 socket bind failures'=>0, #ui6sbf
'TCP/IPv6 socket bind failures'=>0, #ti6sbf
'UDP/IPv4 socket connect failures'=>0, #ui4scf
'TCP/IPv4 socket connect failures'=>0, #ti4scf
'UDP/IPv6 socket connect failures'=>0, #ui6scf
'TCP/IPv6 socket connect failures'=>0, #ti6scf
'UDP/IPv4 connections established'=>0, #ui4ce
'TCP/IPv4 connections established'=>0, #ti4ce
'UDP/IPv6 connections established'=>0, #ui6ce
'TCP/IPv6 connections established'=>0, #ti6ce
'TCP/IPv4 connections accepted'=>0, #ti4ca
'TCP/IPv6 connections accepted'=>0, #ti6ca
'UDP/IPv4 send errors'=>0, #ui4se
'TCP/IPv4 send errors'=>0, #ti4se
'UDP/IPv6 send errors'=>0, #ui6se
'TCP/IPv6 send errors'=>0, #ti6se
'UDP/IPv4 recv errors'=>0, #ui4re
'TCP/IPv4 recv errors'=>0, #ti4re
'UDP/IPv6 recv errors'=>0, #ui6re
'TCP/IPv6 recv errors'=>0, #ti6re
'UDP/IPv4 sockets active'=>0, #ui4sa
'UDP/IPv6 sockets active'=>0, #ui6sa
'TCP/IPv4 sockets active'=>0, #ti4sa
'TCP/IPv6 sockets active'=>0, #ti6sa
'Raw sockets active'=>0, #rsa
);
my $int=$#data-1;
my $section='';
while ( defined( $data[$int] ) ){
my $line=$data[$int];
my $done=0;
if ( $line =~ /^\+\+\ Incoming\ Queries\ \+\+/ ){
$section='incoming';
$done=1;
}elsif( $line =~ /\+\+\ Outgoing\ Queries\ \+\+/ ){
$section='outgoing';
$done=1;
}elsif( $line =~ /^\+\+\ Name\ Server\ Statistics\ \+\+/ ){
$section='server';
$done=1;
}elsif( $line =~ /^\+\+\ Resolver\ Statistics\ \+\+/ ){
$section='resolver';
$done=1;
}elsif( $line =~ /^\+\+\ Cache\ Statistics\ \+\+/ ){
$section='cache';
$done=1;
}elsif( $line =~ /^\+\+\ Cache\ DB\ RRsets\ \+\+/ ){
$section='RRsets';
$done=1;
}elsif( $line =~ /^\+\+\ ADB\ stats\ \+\+/ ){
$section='ADB';
$done=1;
}elsif( $line =~ /^\+\+\ Socket\ I\/O\ Statistics\ \+\+/ ){
$section='sockets';
$done=1;
}elsif( $line =~ /^\[/ ){
$done=1;
}elsif( $line !~ /^[\s\t]/){
$section='';
}
if (
( $section ne '' ) &&
( ! $done )
) {
$line=~s/^[\t\s]+//;
chomp($line);
my ( $count, $type )=split(/ /, $line, 2);
if ( defined( $opts{m} ) ){
eval( 'if (! defined($'.$section.'{$type} ) ){ print $section.",".$type.",".$count."\n";}' );
}
my $to_eval='if( defined($'.$section.'{$type}) ){$'.$section.'{$type}=$'.$section.'{$type}+$count;}';
eval( $to_eval );
}
$int--;
}
#exit now if we are just checking for missing items
if ( defined( $opts{m} ) ){
exit 0;
}
if ( $agent ){
print "<<<bind>>>\n";
}
print $incoming{'A'}.','.
$incoming{'AAAA'}.','.
$incoming{'AFSDB'}.','.
$incoming{'APL'}.','.
$incoming{'CAA'}.','.
$incoming{'CDNSKEY'}.','.
$incoming{'CDS'}.','.
$incoming{'CERT'}.','.
$incoming{'CNAME'}.','.
$incoming{'DHCID'}.','.
$incoming{'DLV'}.','.
$incoming{'DNSKEY'}.','.
$incoming{'DS'}.','.
$incoming{'IPSECKEY'}.','.
$incoming{'KEY'}.','.
$incoming{'KX'}.','.
$incoming{'LOC'}.','.
$incoming{'MX'}.','.
$incoming{'NAPTR'}.','.
$incoming{'NS'}.','.
$incoming{'NSEC'}.','.
$incoming{'NSEC3'}.','.
$incoming{'NSEC3PARAM'}.','.
$incoming{'PTR'}.','.
$incoming{'RRSIG'}.','.
$incoming{'RP'}.','.
$incoming{'SIG'}.','.
$incoming{'SOA'}.','.
$incoming{'SRV'}.','.
$incoming{'SSHFP'}.','.
$incoming{'TA'}.','.
$incoming{'TKEY'}.','.
$incoming{'TLSA'}.','.
$incoming{'TSIG'}.','.
$incoming{'TXT'}.','.
$incoming{'URI'}.','.
$incoming{'DNAME'}.','.
$incoming{'ANY'}.','.
$incoming{'AXFR'}.','.
$incoming{'IXFR'}.','.
$incoming{'OPT'}.','.
$incoming{'SPF'}."\n";
print $outgoing{'A'}.','.
$outgoing{'AAAA'}.','.
$outgoing{'AFSDB'}.','.
$outgoing{'APL'}.','.
$outgoing{'CAA'}.','.
$outgoing{'CDNSKEY'}.','.
$outgoing{'CDS'}.','.
$outgoing{'CERT'}.','.
$outgoing{'CNAME'}.','.
$outgoing{'DHCID'}.','.
$outgoing{'DLV'}.','.
$outgoing{'DNSKEY'}.','.
$outgoing{'DS'}.','.
$outgoing{'IPSECKEY'}.','.
$outgoing{'KEY'}.','.
$outgoing{'KX'}.','.
$outgoing{'LOC'}.','.
$outgoing{'MX'}.','.
$outgoing{'NAPTR'}.','.
$outgoing{'NS'}.','.
$outgoing{'NSEC'}.','.
$outgoing{'NSEC3'}.','.
$outgoing{'NSEC3PARAM'}.','.
$outgoing{'PTR'}.','.
$outgoing{'RRSIG'}.','.
$outgoing{'RP'}.','.
$outgoing{'SIG'}.','.
$outgoing{'SOA'}.','.
$outgoing{'SRV'}.','.
$outgoing{'SSHFP'}.','.
$outgoing{'TA'}.','.
$outgoing{'TKEY'}.','.
$outgoing{'TLSA'}.','.
$outgoing{'TSIG'}.','.
$outgoing{'TXT'}.','.
$outgoing{'URI'}.','.
$outgoing{'DNAME'}.','.
$outgoing{'ANY'}.','.
$outgoing{'AXFR'}.','.
$outgoing{'IXFR'}.','.
$outgoing{'OPT'}.','.
$outgoing{'SPF'}."\n";
print $server{'IPv4 requests received'}.','.
$server{'IPv6 requests received'}.','.
$server{'requests with EDNS(0) received'}.','.
$server{'TCP requests received'}.','.
$server{'auth queries rejected'}.','.
$server{'recursive queries rejected'}.','.
$server{'responses sent'}.','.
$server{'truncated responses sent'}.','.
$server{'responses with EDNS(0) sent'}.','.
$server{'queries resulted in successful answer'}.','.
$server{'queries resulted in authoritative answer'}.','.
$server{'queries resulted in non authoritative answer'}.','.
$server{'queries resulted in nxrrset'}.','.
$server{'queries resulted in SERVFAIL'}.','.
$server{'queries resulted in NXDOMAIN'}.','.
$server{'queries caused recursion'}.','.
$server{'duplicate queries received'}.','.
$server{'other query failures'}.','.
$server{'UDP queries received'}.','.
$server{'TCP queries received'}.','.
$server{'Other EDNS option received'}.','.
$server{'queries dropped'}."\n";
print $resolver{'IPv4 queries sent'}.','.
$resolver{'IPv6 queries sent'}.','.
$resolver{'IPv4 responses received'}.','.
$resolver{'IPv6 responses received'}.','.
$resolver{'NXDOMAIN received'}.','.
$resolver{'SERVFAIL received'}.','.
$resolver{'FORMERR received'}.','.
$resolver{'EDNS(0) query failures'}.','.
$resolver{'truncated responses received'}.','.
$resolver{'lame delegations received'}.','.
$resolver{'query retries'}.','.
$resolver{'query timeouts'}.','.
$resolver{'IPv4 NS address fetches'}.','.
$resolver{'IPv6 NS address fetches'}.','.
$resolver{'IPv4 NS address fetch failed'}.','.
$resolver{'IPv6 NS address fetch failed'}.','.
$resolver{'queries with RTT < 10ms'}.','.
$resolver{'queries with RTT 10-100ms'}.','.
$resolver{'queries with RTT 100-500ms'}.','.
$resolver{'queries with RTT 500-800ms'}.','.
$resolver{'queries with RTT 800-1600ms'}.','.
$resolver{'queries with RTT > 1600ms'}.','.
$resolver{'bucket size'}.','.
$resolver{'REFUSED received'}."\n";
print $cache{'cache hits'}.','.
$cache{'cache misses'}.','.
$cache{'cache hits (from query)'}.','.
$cache{'cache misses (from query)'}.','.
$cache{'cache records deleted due to memory exhaustion'}.','.
$cache{'cache records deleted due to TTL expiration'}.','.
$cache{'cache database nodes'}.','.
$cache{'cache database hash buckets'}.','.
$cache{'cache tree memory total'}.','.
$cache{'cache tree memory in use'}.','.
$cache{'cache tree highest memory in use'}.','.
$cache{'cache heap memory total'}.','.
$cache{'cache heap memory in use'}.','.
$cache{'cache heap highest memory in use'}."\n";
print $RRsets{'A'}.','.
$RRsets{'AAAA'}.','.
$RRsets{'AFSDB'}.','.
$RRsets{'APL'}.','.
$RRsets{'CAA'}.','.
$RRsets{'CDNSKEY'}.','.
$RRsets{'CDS'}.','.
$RRsets{'CERT'}.','.
$RRsets{'CNAME'}.','.
$RRsets{'DHCID'}.','.
$RRsets{'DLV'}.','.
$RRsets{'DNSKEY'}.','.
$RRsets{'DS'}.','.
$RRsets{'IPSECKEY'}.','.
$RRsets{'KEY'}.','.
$RRsets{'KX'}.','.
$RRsets{'LOC'}.','.
$RRsets{'MX'}.','.
$RRsets{'NAPTR'}.','.
$RRsets{'NS'}.','.
$RRsets{'NSEC'}.','.
$RRsets{'NSEC3'}.','.
$RRsets{'NSEC3PARAM'}.','.
$RRsets{'PTR'}.','.
$RRsets{'RRSIG'}.','.
$RRsets{'RP'}.','.
$RRsets{'SIG'}.','.
$RRsets{'SOA'}.','.
$RRsets{'SRV'}.','.
$RRsets{'SSHFP'}.','.
$RRsets{'TA'}.','.
$RRsets{'TKEY'}.','.
$RRsets{'TLSA'}.','.
$RRsets{'TSIG'}.','.
$RRsets{'TXT'}.','.
$RRsets{'URI'}.','.
$RRsets{'DNAME'}.','.
$RRsets{'NXDOMAIN'}.','.
$RRsets{'ANY'}.','.
$RRsets{'AXFR'}.','.
$RRsets{'IXFR'}.','.
$RRsets{'OPT'}.','.
$RRsets{'SPF'}.','.
$RRsets{'!A'}.','.
$RRsets{'!AAAA'}.','.
$RRsets{'!AFSDB'}.','.
$RRsets{'!APL'}.','.
$RRsets{'!CAA'}.','.
$RRsets{'!CDNSKEY'}.','.
$RRsets{'!CDS'}.','.
$RRsets{'!CERT'}.','.
$RRsets{'!CNAME'}.','.
$RRsets{'!DHCID'}.','.
$RRsets{'!DLV'}.','.
$RRsets{'!DNSKEY'}.','.
$RRsets{'!DS'}.','.
$RRsets{'!IPSECKEY'}.','.
$RRsets{'!KEY'}.','.
$RRsets{'!KX'}.','.
$RRsets{'!LOC'}.','.
$RRsets{'!MX'}.','.
$RRsets{'!NAPTR'}.','.
$RRsets{'!NS'}.','.
$RRsets{'!NSEC'}.','.
$RRsets{'!NSEC3'}.','.
$RRsets{'!NSEC3PARAM'}.','.
$RRsets{'!PTR'}.','.
$RRsets{'!RRSIG'}.','.
$RRsets{'!RP'}.','.
$RRsets{'!SIG'}.','.
$RRsets{'!SOA'}.','.
$RRsets{'!SRV'}.','.
$RRsets{'!SSHFP'}.','.
$RRsets{'!TA'}.','.
$RRsets{'!TKEY'}.','.
$RRsets{'!TLSA'}.','.
$RRsets{'!TSIG'}.','.
$RRsets{'!TXT'}.','.
$RRsets{'!URI'}.','.
$RRsets{'!DNAME'}.','.
$RRsets{'!NXDOMAIN'}.','.
$RRsets{'!ANY'}.','.
$RRsets{'!AXFR'}.','.
$RRsets{'!IXFR'}.','.
$RRsets{'!OPT'}.','.
$RRsets{'!SPF'}."\n";
print $ADB{'Address hash table size'}.','.
$ADB{'Addresses in hash table'}.','.
$ADB{'Name hash table size'}.','.
$ADB{'Names in hash table'}."\n";
print $sockets{'UDP/IPv4 sockets opened'}.','.
$sockets{'UDP/IPv6 sockets opened'}.','.
$sockets{'TCP/IPv4 sockets opened'}.','.
$sockets{'TCP/IPv6 sockets opened'}.','.
$sockets{'Raw sockets opened'}.','.
$sockets{'UDP/IPv4 sockets closed'}.','.
$sockets{'UDP/IPv6 sockets closed'}.','.
$sockets{'TCP/IPv4 sockets closed'}.','.
$sockets{'TCP/IPv6 sockets closed'}.','.
$sockets{'UDP/IPv4 socket bind failures'}.','.
$sockets{'TCP/IPv4 socket bind failures'}.','.
$sockets{'UDP/IPv6 socket bind failures'}.','.
$sockets{'TCP/IPv6 socket bind failures'}.','.
$sockets{'UDP/IPv4 socket connect failures'}.','.
$sockets{'TCP/IPv4 socket connect failures'}.','.
$sockets{'UDP/IPv6 socket connect failures'}.','.
$sockets{'TCP/IPv6 socket connect failures'}.','.
$sockets{'UDP/IPv4 connections established'}.','.
$sockets{'TCP/IPv4 connections established'}.','.
$sockets{'UDP/IPv6 connections established'}.','.
$sockets{'TCP/IPv6 connections established'}.','.
$sockets{'TCP/IPv4 connections accepted'}.','.
$sockets{'TCP/IPv6 connections accepted'}.','.
$sockets{'UDP/IPv4 send errors'}.','.
$sockets{'TCP/IPv4 send errors'}.','.
$sockets{'UDP/IPv6 send errors'}.','.
$sockets{'TCP/IPv6 send errors'}.','.
$sockets{'UDP/IPv4 recv errors'}.','.
$sockets{'TCP/IPv4 recv errors'}.','.
$sockets{'UDP/IPv6 recv errors'}.','.
$sockets{'TCP/IPv6 recv errors'}.','.
$sockets{'UDP/IPv4 sockets active'}.','.
$sockets{'UDP/IPv6 sockets active'}.','.
$sockets{'TCP/IPv4 sockets active'}.','.
$sockets{'TCP/IPv6 sockets active'}.','.
$sockets{'Raw sockets active'}."\n";

5
snmp/bind.config Normal file
View File

@@ -0,0 +1,5 @@
rndc=/usr/sbin/rndc
stats_file=/var/named/named.stats
call_rndc=1
agent=0
zero_stats=1

238
snmp/fail2ban Executable file
View File

@@ -0,0 +1,238 @@
#!/usr/bin/env perl
# Author: Zane C. Bowers-Hadley <vvelox@vvelox.net>
# https://docs.librenms.org/#Extensions/Applications/#fail2ban
# See the above for additional information not documented in the POD below.
=head1 DESCRIPTION
A basic SNMP extend for polling fail2ban for LibreNMS.
=head1 SWITCHES
=head2 -c
Prints the cache file.
=head2 -C <file>
Uses the specified file as the cache file.
If not specified, /var/cache/fail2ban is used.
=head2 -f <fail2ban-client>
This is the path to the fail2ban-client if needed.
If not specified, "/usr/bin/env fail2ban-client" is used.
=head2 -p
Pretty prints the JSON.
=head2 -u
Updates the cache.
=head2 -U
When used with -c, allows attempted cache updating if the file is older
than 360 seconds or does not exist.
=head1 CRON EXAMPLE
*/3 * * * * /etc/snmp/fail2ban -u
or
*/3 * * * * /etc/snmp/fail2ban -u -C /foo/bar/cache
3 minutes is used as LibreNMS runs every 5 minutes, this helps ensure it
is most likely up to date in between runs.
=head1 SNMPD SETUP EXAMPLES
extend fail2ban /etc/snmp/fail2ban
The above will set it up for basic uncached usage.
This is likely fine for most configurations.
extend fail2ban /etc/snmp/fail2ban -c
Will use the cache.
extend fail2ban /etc/snmp/fail2ban -c -U
Will use the cache and update if needed.
extend fail2ban /etc/snmp/fail2ban -f /foo/bin/fail2ban-client
Run it with fail2ban being installed under /foo the the path to
fail2ban-cleint being /foo/bin/fail2ban-client.
=cut
use strict;
use warnings;
use Getopt::Std;
use JSON;
#fail2ban-client path
my $f2bc="/bin/fail2ban-client";
#the path to the cache
my $cache='/var/cache/fail2ban';
$Getopt::Std::STANDARD_HELP_VERSION = 1;
sub main::VERSION_MESSAGE {
print "fail2ban-client SNMP extend 1.0.0\n";
};
sub main::HELP_MESSAGE {
print "\n".
"-c Print from the cache.\n".
"-C <file> Use this as the cache file.\n".
"-f <fail2ban-client> The fail2ban-client path if needed.".
"-p Pretty prints the JSON.\n".
"-u Update the cache, '".$cache."'\n".
"-U When used with -c, allow update of the cache file if it does not exist or is older than 360 seconds.".
"\n".
"Unless -c or -u is given, it just talks to fail2ban-client and prints the results.\n";
}
#generats stats
sub stats{
my %toReturn;
$toReturn{data}={};
$toReturn{data}{total}=0; # total number in jails
$toReturn{data}{jails}={}; # each jail
$toReturn{error}=0; # error code, 0 if good
$toReturn{errorString}=''; # detailed description of any errors
$toReturn{version}='1'; # format version of the returned data
#gets a list of jails
my $jailsOutput=`$f2bc status`;
$toReturn{error}=$?;
if ( $? == -1){
$toReturn{errorString}='failed to run fail2ban-client';
}
elsif ($? & 127) {
$toReturn{errorString}= sprintf "fail2ban-client died with signal %d, %s coredump\n",
($? & 127), ($? & 128) ? 'with' : 'without';
}
else {
$toReturn{error}=$? >> 8;
$toReturn{errorString}="fail2ban-client exited with ".$toReturn{error};
}
if ( $toReturn{error} == 0 ){
my @jailsOutputA=split(/\n/, $jailsOutput);
my ( $jailsS )=grep( /Jail\ list/, @jailsOutputA );
$jailsS=~s/.*\://;
$jailsS=~s/\s//g;
my @jails=split(/\,/, $jailsS);
#process jails
my $int=0;
while(defined($jails[$int])){
#get the total for this jail
my $jailStatusOutput=`$f2bc status $jails[$int]`;
my @jailStatusOutputA=split(/\n/, $jailStatusOutput);
my ( $jailTotal )=grep(/Currently\ banned\:/, @jailStatusOutputA);
$jailTotal=~s/.*\://;
$jailTotal=~s/\s//g;
#tally the total and add this jail to the list
$toReturn{data}{total} = $toReturn{data}{total} + $jailTotal;
$toReturn{data}{jails}{ $jails[$int] } = $jailTotal;
$int++;
}
}
my $j=JSON->new;
if ( $_[0] ){
$j->pretty(1);
return $j->encode( \%toReturn );
}
return $j->encode( \%toReturn )."\n";
}
#updates $cache
sub cacheUpdate{
my $stats=stats($_[0]);
open(my $writefh, ">", $cache) or die "Can't open '".$cache."'";
print $writefh $stats;
close($writefh);
}
#prints $cache
sub cachePrint{
my $old='';
open(my $readfh, "<", $cache) or die "Can't open '".$cache."'";
# if this is over 2048, something is most likely wrong
read($readfh , $old , 10240);
close($readfh);
print $old;
}
#gets the options
my %opts=();
getopts('puUcC:f:', \%opts);
#use custom cache file if needed
if ( defined( $opts{C} ) ){
$cache=$opts{C};
}
#use custom fail2ban location if needed
if ( defined( $opts{f} ) ){
$f2bc=$opts{f};
}
#use the cache
if ( defined( $opts{c} ) ){
my ($dev,$ino,$mode,$nlink,$uid,$gid,$rdev,$size,
$atime,$mtime,$ctime,$blksize,$blocks) = stat($cache);
if (( -f $cache ) && defined( $mtime ) && ( (time-$mtime) < 360 )){
#cache exists and time is fine
cachePrint;
exit 0;
}else{
#cache does not exist or is old
if ( $opts{U} ){
#allowed to update it via -U
cacheUpdate( $opts{p} );
cachePrint;
exit 0;
}else{
#-U not given
warn("'".$cache."' does not exist or is to old and -U was not given");
exit 1;
}
}
warn('we should never get here...');
exit 2;
}
#update the cache
if (defined( $opts{u} )){
cacheUpdate( $opts{p} );
exit 0;
}
#no cache opions given, just print it
print &stats( $opts{p} );
exit 0;

1250
snmp/mysql Executable file
View File

File diff suppressed because it is too large Load Diff

131
snmp/mysql-stats Executable file
View File

@@ -0,0 +1,131 @@
#!/usr/bin/env python2
import warnings
import re
warnings.filterwarnings(action="ignore", message='the sets module is deprecated')
import sets
import MySQLdb
import base64
conn = MySQLdb.connect(host='localhost',
user='root',
passwd='d8z4a80',
db='')
cursor = conn.cursor ()
cursor.execute ("SHOW GLOBAL STATUS")
rows = cursor.fetchall()
datavariables = {
'Command Counters': ['Com_delete','Com_insert','Com_insert_select','Com_load','Com_replace','Com_replace_select', 'Com_select', 'Com_update', 'Com_update_multi'],
'Connections': ['max_connections', 'Max_used_connections', 'Aborted_clients', 'Aborted_connects','Threads_connected','Connections'],
'Files and Tables': ['table_open_cache','Open_files','Open_tables','Opened_tables'],
'InnoDB Buffer Pool': ['ib_bpool_size','ib_bpool_dbpages', 'ib_bpool_free','ib_bpool_modpages'],
'InnoDB Buffer Pool Activity': ['ib_bpool_read','ib_bpool_created', 'ib_bpool_written'],
'InnoDB Insert Buffer': ['ib_ibuf_inserts','ib_ibuf_merged_rec', 'ib_ibuf_merges'],
'InnoDB IO': ['ib_io_read','ib_io_write','ib_io_log', 'ib_io_fsync'],
'InnoDB IO Pending': ['ib_iop_log','ib_iop_sync', 'ib_iop_flush_log', 'ib_iop_flush_bpool', 'ib_iop_ibuf_aio','ib_iop_aioread','ib_iop_aiowrite'],
'InnoDB Log': ['innodb_log_buffer_size','ib_log_flush','ib_log_written'],
'InnoDB Row Operations': ['Innodb_rows_deleted','Innodb_rows_inserted','Innodb_rows_read','Innodb_rows_updated'],
'InnoDB Semaphores': ['ib_spin_rounds','ib_spin_waits','ib_os_waits'],
'InnoDB Transactions': ['ib_tnx'],
'MyISAM Indexes': ['Key_read_requests','Key_reads','Key_write_requests','Key_writes'],
'Network Traffic': ['Bytes_received','Bytes_sent'],
'Query Cache': ['Qcache_queries_in_cache','Qcache_hits','Qcache_inserts','Qcache_not_cached','Qcache_lowmem_prunes'],
'Query Cache Memory': ['query_cache_size','Qcache_free_memory'],
'Select Types': ['Select_full_join','Select_full_range_join','Select_range','Select_range_check','Select_scan'],
'Slow Queries': ['Slow_queries'],
'Sorts': ['Sort_rows','Sort_range','Sort_merge_passes','Sort_scan'],
'Table Locks': ['Table_locks_immediate','Table_locks_waited'],
'Temporary Objects': ['Created_tmp_disk_tables','Created_tmp_tables','Created_tmp_files']
}
data = {}
for row in rows:
data[row[0]] = row[1]
cursor = ""
cursor = conn.cursor ()
cursor.execute ("SHOW VARIABLES")
rows = cursor.fetchall()
for row in rows:
data[row[0]] = row[1]
cursor = ""
cursor = conn.cursor()
cursor.execute("SHOW ENGINE INNODB STATUS")
rows = cursor.fetchall()
for row in rows:
for line in row[2].split("\n"):
ib_bpool_size = re.match(r"Buffer\spool\ssize\s+(\d+)", line)
ib_bpool_free = re.match(r"Free\sbuffers\s+(\d+)", line)
ib_bpool_dbpages = re.match(r"Database\spages\s+(\d+)", line)
ib_bpool_modpages = re.match(r"Modified\sdb\spages\s+(\d+)", line)
ib_b_reg = re.match(r"Pages\sread\s(\d+),\screated\s(\d+),\swritten (\d+)", line)
ib_insert_buffer = re.match(r"(\d+)\sinserts,\s(\d+)\smerged\srecs,\s(\d+)", line)
ib_io = re.match(r"(\d+)\sOS\sfile\sreads,\s(\d+)\sOS\sfile\swrites,\s(\d+)\sOS\sfsyncs", line)
ib_io_log = re.match(r"(\d+)\slog\si\/o's\sdone.*", line)
ib_io_p1 = re.match(r"Pending\snormal\saio\sreads:\s(\d+),\saio\swrites:\s(\d+),", line)
ib_io_p2 = re.match(r"\s?ibuf\saio\sreads:\s(\d+),\slog\si\/o's:\s(\d+),\ssync\si\/o's:\s(\d+)", line)
ib_io_p3 = re.match(r"\s?Pending\sflushes\s\(fsync\)\slog:\s(\d+);\sbuffer\spool:\s(\d+)\s?", line)
ib_log_p1 = re.match(r"\s?Log\ssequence\snumber\s([[a-fA-F\d]+)(?: (\d+))?", line)
ib_log_p2 = re.match(r"\s?Log\sflushed\sup\sto\s+([[a-fA-F\d]+)(?: (\d+))?", line)
ib_semaphore = re.match(r"\s?Mutex\sspin\swaits\s(\d+),\srounds\s(\d+),\sOS waits\s(\d+)", line)
ib_tnx = re.match(r"\s?Trx\sid\scounter\s([[a-fA-F\d]+)(?: (\d+))?", line)
if ib_bpool_size:
data['ib_bpool_size'] = ib_bpool_size.group(1)
elif ib_bpool_free:
data['ib_bpool_free'] = ib_bpool_free.group(1)
elif ib_bpool_dbpages:
data['ib_bpool_dbpages'] = ib_bpool_dbpages.group(1)
elif ib_bpool_modpages:
data['ib_bpool_modpages'] = ib_bpool_modpages.group(1)
elif ib_insert_buffer:
data['ib_ibuf_inserts'] = ib_insert_buffer.group(1)
data['ib_ibuf_merged_rec'] = ib_insert_buffer.group(2)
data['ib_ibuf_merges'] = ib_insert_buffer.group(3)
elif ib_io:
data['ib_io_read'] = ib_io.group(1)
data['ib_io_write'] = ib_io.group(2)
data['ib_io_fsync'] = ib_io.group(3)
elif ib_io_log:
data['ib_io_log'] = ib_io_log.group(1)
elif ib_io_p1:
data['ib_iop_aioread'] = ib_io_p1.group(1)
data['ib_iop_aiowrite'] = ib_io_p1.group(2)
elif ib_io_p2:
data['ib_iop_ibuf_aio'] = ib_io_p2.group(1)
data['ib_iop_log'] = ib_io_p2.group(2)
data['ib_iop_sync'] = ib_io_p2.group(3)
elif ib_io_p3:
data['ib_iop_flush_log'] = ib_io_p3.group(1)
data['ib_iop_flush_bpool'] = ib_io_p3.group(2)
elif ib_log_p1:
data['ib_log_written'] = ib_log_p1.group(1)
if ib_log_p1.group(2):
data['ib_log_written'] = int(data['ib_log_written']) + int(ib_log_p1.group(2))
elif ib_log_p2:
data['ib_log_flush'] = ib_log_p2.group(1)
if ib_log_p2.group(2):
data['ib_log_flush'] = int(data['ib_log_flush']) + int(ib_log_p2.group(2))
elif ib_semaphore:
data['ib_spin_waits'] = ib_semaphore.group(1)
data['ib_spin_rounds'] = ib_semaphore.group(2)
data['ib_os_waits'] = ib_semaphore.group(3)
elif ib_tnx:
data['ib_tnx'] = ib_tnx.group(1)
if ib_tnx.group(2):
data['ib_tnx'] = int(data['ib_tnx']) + int(ib_tnx.group(2))
elif ib_b_reg:
data['ib_bpool_read'] = ib_b_reg.group(1)
data['ib_bpool_created'] = ib_b_reg.group(2)
data['ib_bpool_written'] = ib_b_reg.group(3)
for category in datavariables:
for variable in datavariables[category]:
if variable in data:
print data[variable]

8
snmp/mysql.cnf Normal file
View File

@@ -0,0 +1,8 @@
<?php
$mysql_user = 'root';
$mysql_pass = 'd8z4a80';
$mysql_host = 'localhost';
$mysql_port = 3306;
?>

37
snmp/nginx-nms Executable file
View File

@@ -0,0 +1,37 @@
#!/usr/bin/env python2
import urllib2
import re
data = urllib2.urlopen('http://linux.vrem.ro:80/nginx_status').read()
params = {}
for line in data.split("\n"):
smallstat = re.match(r"\s?Reading:\s(.*)\sWriting:\s(.*)\sWaiting:\s(.*)$", line)
req = re.match(r"\s+(\d+)\s+(\d+)\s+(\d+)", line)
if smallstat:
params["Reading"] = smallstat.group(1)
params["Writing"] = smallstat.group(2)
params["Waiting"] = smallstat.group(3)
elif req:
params["Requests"] = req.group(3)
else:
pass
dataorder = [
"Active",
"Reading",
"Writing",
"Waiting",
"Requests"
]
for param in dataorder:
if param == "Active":
Active = int(params["Reading"]) + int(params["Writing"]) + int(params["Waiting"])
print Active
else:
print params[param]

72
snmp/os-updates Executable file
View File

@@ -0,0 +1,72 @@
#!/usr/bin/env bash
################################################################
# copy this script to /etc/snmp/ and make it executable: #
# chmod +x /etc/snmp/os-updates.sh #
# ------------------------------------------------------------ #
# edit your snmpd.conf and include: #
# extend osupdate /opt/os-updates.sh #
#--------------------------------------------------------------#
# restart snmpd and activate the app for desired host #
#--------------------------------------------------------------#
# please make sure you have the path/binaries below #
################################################################
BIN_AWK='/usr/bin/awk'
BIN_WC='/usr/bin/wc'
BIN_GREP='/bin/grep'
CMD_GREP='-c'
CMD_WC='-l'
BIN_ZYPPER='/usr/bin/zypper'
CMD_ZYPPER='lu'
BIN_YUM='/usr/bin/yum'
CMD_YUM='-q check-update'
BIN_DNF='/usr/bin/dnf'
CMD_DNF='-q check-update'
BIN_APT='/usr/bin/apt-get'
CMD_APT='-qq -s upgrade'
BIN_PACMAN='/usr/bin/pacman'
CMD_PACMAN='-Sup'
################################################################
# Don't change anything unless you know what are you doing #
################################################################
if [ -f /etc/os-release ]; then
OS=`$BIN_AWK -F= '/^ID=/{print $2}' /etc/os-release`
if [ $OS == "opensuse" ]; then
UPDATES=`$BIN_ZYPPER $CMD_ZYPPER | $BIN_WC $CMD_WC`
if [ $UPDATES -gt 3 ]; then
echo $(($UPDATES-3));
else
echo "0";
fi
elif [ $OS == "\"centos\"" ]; then
UPDATES=`$BIN_YUM $CMD_YUM | $BIN_WC $CMD_WC`
if [ $UPDATES -gt 6 ]; then
echo $(($UPDATES-6));
else
echo "0";
fi
elif [ $OS == "fedora" ]; then
UPDATES=`$BIN_DNF $CMD_DNF | $BIN_WC $CMD_WC`
if [ $UPDATES -gt 6 ]; then
echo $(($UPDATES-6));
else
echo "0";
fi
elif [ $OS == "debian" ] || [ $OS == "devuan" ] || [ $OS == "ubuntu" ]; then
UPDATES=`$BIN_APT $CMD_APT | $BIN_GREP $CMD_GREP 'Inst'`
if [ $UPDATES -gt 1 ]; then
echo $UPDATES;
else
echo "0";
fi
elif [ $OS == "arch" ]; then
UPDATES=`$BIN_PACMAN $CMD_PACMAN | $BIN_WC $CMD_WC`
if [ $UPDATES -gt 1 ]; then
echo $(($UPDATES-1));
else
echo "0";
fi
fi
else
echo "0";
fi

148
snmp/phpfpm-sp Executable file
View File

@@ -0,0 +1,148 @@
#!/usr/bin/env bash
# add this to snmpd.conf as below... actual path to the script can vary
# extend phpfpmsp /root/snmp-extends/phpfpm-sp
#
# The location is is irrelevant. It just needs to be executable,
# have access to curl, and be reachable by the snmpd.
#
# You can check it via...
# snmpget -v 2c -c public localhost .1.3.6.1.4.1.8072.1.3.2.3.1.2.8.112.104.112.102.112.109.115.112
# which should print out... actual values will very...
# NET-SNMP-EXTEND-MIB::nsExtendOutputFull."phpfpmsp" = STRING: www
# 11/Feb/2017:18:45:43 -0600
# 189514
# 178516
# 0
# 0
# 0
# 2
# 1
# 3
# 20
# 13
# 0
#
# In order the returned values are.
#
# pool
# start_time
# start_since
# accepted_conn
# listen_queue
# max_listen_queue
# listen_queue_len
# idle_processes
# active_processes
# total_processes
# max_active_processes
# max_children_reached
# slow_requests
# the URL to fetch, change as needed
url="http://192.168.1.2/fpm-status?full"
opts=""
# netdata
# real-time performance and health monitoring, done right!
# (C) 2016 Costa Tsaousis <costa@tsaousis.gr>
# GPL v3+
#
# Contributed by @safeie with PR #276
# Modified to work as a SNMP extend by Zane C. Bowers-Hadley
declare -A phpfpm_urls=()
declare -A phpfpm_curl_opts=()
# _update_every is a special variable - it holds the number of seconds
# between the calls of the _update() function
phpfpm_update_every=
phpfpm_priority=60000
declare -a phpfpm_response=()
phpfpm_pool=""
phpfpm_start_time=""
phpfpm_start_since=0
phpfpm_accepted_conn=0
phpfpm_listen_queue=0
phpfpm_max_listen_queue=0
phpfpm_listen_queue_len=0
phpfpm_idle_processes=0
phpfpm_active_processes=0
phpfpm_total_processes=0
phpfpm_max_active_processes=0
phpfpm_max_children_reached=0
phpfpm_slow_requests=0
# local opts="${1}" url="${2}"
phpfpm_response=($(curl -Ss ${opts} "${url}"))
[ $? -ne 0 -o "${#phpfpm_response[@]}" -eq 0 ] && exit 1
if [[ "${phpfpm_response[0]}" != "pool:" \
|| "${phpfpm_response[2]}" != "process" \
|| "${phpfpm_response[5]}" != "start" \
|| "${phpfpm_response[12]}" != "accepted" \
|| "${phpfpm_response[15]}" != "listen" \
|| "${phpfpm_response[16]}" != "queue:" \
|| "${phpfpm_response[26]}" != "idle" \
|| "${phpfpm_response[29]}" != "active" \
|| "${phpfpm_response[32]}" != "total" \
]]
then
echo "invalid response from phpfpm status server: ${phpfpm_response[*]}"
exit 1;
fi
phpfpm_pool="${phpfpm_response[1]}"
phpfpm_start_time="${phpfpm_response[7]} ${phpfpm_response[8]}"
phpfpm_start_since="${phpfpm_response[11]}"
phpfpm_accepted_conn="${phpfpm_response[14]}"
phpfpm_listen_queue="${phpfpm_response[17]}"
phpfpm_max_listen_queue="${phpfpm_response[21]}"
phpfpm_listen_queue_len="${phpfpm_response[25]}"
phpfpm_idle_processes="${phpfpm_response[28]}"
phpfpm_active_processes="${phpfpm_response[31]}"
phpfpm_total_processes="${phpfpm_response[34]}"
phpfpm_max_active_processes="${phpfpm_response[38]}"
phpfpm_max_children_reached="${phpfpm_response[42]}"
if [ "${phpfpm_response[43]}" == "slow" ]
then
phpfpm_slow_requests="${phpfpm_response[45]}"
else
phpfpm_slow_requests="-1"
fi
if [[ -z "${phpfpm_pool}" \
|| -z "${phpfpm_start_time}" \
|| -z "${phpfpm_start_since}" \
|| -z "${phpfpm_accepted_conn}" \
|| -z "${phpfpm_listen_queue}" \
|| -z "${phpfpm_max_listen_queue}" \
|| -z "${phpfpm_listen_queue_len}" \
|| -z "${phpfpm_idle_processes}" \
|| -z "${phpfpm_active_processes}" \
|| -z "${phpfpm_total_processes}" \
|| -z "${phpfpm_max_active_processes}" \
|| -z "${phpfpm_max_children_reached}" \
]]
then
echo "empty values got from phpfpm status server: ${phpfpm_response[*]}"
exit 1
fi
echo $phpfpm_pool
echo $phpfpm_start_time
echo $phpfpm_start_since
echo $phpfpm_accepted_conn
echo $phpfpm_listen_queue
echo $phpfpm_max_listen_queue
echo $phpfpm_listen_queue_len
echo $phpfpm_idle_processes
echo $phpfpm_active_processes
echo $phpfpm_total_processes
echo $phpfpm_max_active_processes
echo $phpfpm_max_children_reached
echo $phpfpm_slow_requests

13
snmp/postfix-queues Executable file
View File

@@ -0,0 +1,13 @@
#!/bin/bash
#Written by Valec 2006. Steal and share.
#Get postfix queue lengths
#extend mailq /opt/observer/scripts/getmailq.sh
QUEUES="incoming active deferred hold"
for i in $QUEUES; do
COUNT=`qshape $i | grep TOTAL | awk '{print $2}'`
printf "$COUNT\n"
done

545
snmp/postfixdetailed Executable file
View File

@@ -0,0 +1,545 @@
#!/usr/bin/env perl
# add this to your snmpd.conf file as below
# extend postfixdetailed /etc/snmp/postfixdetailed
# The cache file to use.
my $cache='/var/cache/postfixdetailed';
# the location of pflogsumm
my $pflogsumm='/usr/bin/env pflogsumm';
#totals
# 847 received = received
# 852 delivered = delivered
# 0 forwarded = forwarded
# 3 deferred (67 deferrals)= deferred
# 0 bounced = bounced
# 593 rejected (41%) = rejected
# 0 reject warnings = rejectw
# 0 held = held
# 0 discarded (0%) = discarded
# 16899k bytes received = bytesr
# 18009k bytes delivered = bytesd
# 415 senders = senders
# 266 sending hosts/domains = sendinghd
# 15 recipients = recipients
# 9 recipient hosts/domains = recipienthd
######message deferral detail
#Connection refused = deferralcr
#Host is down = deferralhid
########message reject detail
#Client host rejected = chr
#Helo command rejected: need fully-qualified hostname = hcrnfqh
#Sender address rejected: Domain not found = sardnf
#Sender address rejected: not owned by user = sarnobu
#blocked using = bu
#Recipient address rejected: User unknown = raruu
#Helo command rejected: Invalid name = hcrin
#Sender address rejected: need fully-qualified address = sarnfqa
#Recipient address rejected: Domain not found = rardnf
#Recipient address rejected: need fully-qualified address = rarnfqa
#Improper use of SMTP command pipelining = iuscp
#Message size exceeds fixed limit = msefl
#Server configuration error = sce
#Server configuration problem = scp
#unknown reject reason = urr
my $old='';
#reads in the old data if it exists
if ( -f $cache ){
open(my $fh, "<", $cache) or die "Can't open '".$cache."'";
# if this is over 2048, something is most likely wrong
read($fh , $old , 2048);
close($fh);
}
my ( $received,
$delivered,
$forwarded,
$deferred,
$bounced,
$rejected,
$rejectw,
$held,
$discarded,
$bytesr,
$bytesd,
$senders,
$sendinghd,
$recipients,
$recipienthd,
$deferralcr,
$deferralhid,
$chr,
$hcrnfqh,
$sardnf,
$sarnobu,
$bu,
$raruu,
$hcrin,
$sarnfqa,
$rardnf,
$rarnfqa,
$iuscp,
$msefl,
$sce,
$scp,
$urr) = split ( /\n/, $old );
if ( ! defined( $received ) ){ $received=0; }
if ( ! defined( $delivered ) ){ $delivered=0; }
if ( ! defined( $forwarded ) ){ $forwarded=0; }
if ( ! defined( $deferred ) ){ $deferred=0; }
if ( ! defined( $bounced ) ){ $bounced=0; }
if ( ! defined( $rejected ) ){ $rejected=0; }
if ( ! defined( $rejectw ) ){ $rejectw=0; }
if ( ! defined( $held ) ){ $held=0; }
if ( ! defined( $discarded ) ){ $discarded=0; }
if ( ! defined( $bytesr ) ){ $bytesr=0; }
if ( ! defined( $bytesd ) ){ $bytesd=0; }
if ( ! defined( $senders ) ){ $senders=0; }
if ( ! defined( $sendinghd ) ){ $sendinghd=0; }
if ( ! defined( $recipients ) ){ $recipients=0; }
if ( ! defined( $recipienthd ) ){ $recipienthd=0; }
if ( ! defined( $deferralcr ) ){ $deferralcr=0; }
if ( ! defined( $deferralhid ) ){ $deferralhid=0; }
if ( ! defined( $chr ) ){ $chr=0; }
if ( ! defined( $hcrnfqh ) ){ $hcrnfqh=0; }
if ( ! defined( $sardnf ) ){ $sardnf=0; }
if ( ! defined( $sarnobu ) ){ $sarnobu=0; }
if ( ! defined( $bu ) ){ $bu=0; }
if ( ! defined( $raruu ) ){ $raruu=0; }
if ( ! defined( $hcrin ) ){ $hcrin=0; }
if ( ! defined( $sarnfqa ) ){ $sarnfqa=0; }
if ( ! defined( $rardnf ) ){ $rardnf=0; }
if ( ! defined( $rarnfqa ) ){ $rarnfqa=0; }
if ( ! defined( $iuscp ) ){ $iuscp=0; }
if ( ! defined( $msefl ) ){ $msefl=0; }
if ( ! defined( $sce ) ){ $sce=0; }
if ( ! defined( $scp ) ){ $scp=0; }
if ( ! defined( $urr ) ){ $urr=0; }
#init current variables
my $receivedC=0;
my $deliveredC=0;
my $forwardedC=0;
my $deferredC=0;
my $bouncedC=0;
my $rejectedC=0;
my $rejectwC=0;
my $heldC=0;
my $discardedC=0;
my $bytesrC=0;
my $bytesdC=0;
my $sendersC=0;
my $sendinghdC=0;
my $recipientsC=0;
my $recipienthdC=0;
my $deferralcrC=0;
my $deferralhidC=0;
my $chrC=0;
my $hcrnfqhC=0;
my $sardnfC=0;
my $sarnobuC=0;
my $buC=0;
my $raruuC=0;
my $hcrinC=0;
my $sarnfqaC=0;
my $rardnfC=0;
my $rarnfqaC=0;
my $iuscpC=0;
my $mseflC=0;
my $sceC=0;
my $scpC=0;
my $urrC=0;
sub newValue{
my $old=$_[0];
my $new=$_[1];
#if new is undefined, just default to 0... this should never happen
if ( !defined( $new ) ){
warn('New not defined');
return 0;
}
#sets it to 0 if old is not defined
if ( !defined( $old ) ){
warn('Old not defined');
$old=0;
}
#make sure they are both numberic and if not set to zero
if( $old !~ /^[0123456789]*$/ ){
warn('Old not numeric');
$old=0;
}
if( $new !~ /^[0123456789]*$/ ){
warn('New not numeric');
$new=0;
}
#log rotation happened
if ( $old > $new ){
return $new;
};
return $new - $old;
}
my $output=`$pflogsumm /var/log/maillog`;
#holds client host rejected values till the end when it is compared to the old one
my $chrNew=0;
#holds RBL values till the end when it is compared to the old one
my $buNew=0;
# holds recipient address rejected values till the end when it is compared to the old one
my $raruuNew=0;
#holds the current values for checking later
my $current='';
my @outputA=split( /\n/, $output );
my $int=0;
while ( defined( $outputA[$int] ) ){
my $line=$outputA[$int];
$line=~s/^ *//;
$line=~s/ +/ /g;
$line=~s/\)$//;
my $handled=0;
#received line
if ( ( $line =~ /[0123456789] received$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$receivedC=$line;
$received=newValue( $received, $line );
$handled=1;
}
#delivered line
if ( ( $line =~ /[0123456789] delivered$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$deliveredC=$line;
$delivered=newValue( $delivered, $line );
$handled=1;
}
#forward line
if ( ( $line =~ /[0123456789] forwarded$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$forwardedC=$line;
$forwarded=newValue( $forwarded, $line );
$handled=1;
}
#defereed line
if ( ( $line =~ /[0123456789] deferred \(/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$deferredC=$line;
$deferred=newValue( $deferred, $line );
$handled=1;
}
#bounced line
if ( ( $line =~ /[0123456789] bounced$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$bouncedC=$line;
$bounced=newValue( $bounced, $line );
$handled=1;
}
#rejected line
if ( ( $line =~ /[0123456789] rejected \(/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$rejectedC=$line;
$rejected=newValue( $rejected, $line );
$handled=1;
}
#reject warning line
if ( ( $line =~ /[0123456789] reject warnings/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$rejectwC=$line;
$rejectw=newValue( $rejectw, $line );
$handled=1;
}
#held line
if ( ( $line =~ /[0123456789] held$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$heldC=$line;
$held=newValue( $held, $line );
$handled=1;
}
#discarded line
if ( ( $line =~ /[0123456789] discarded \(/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$discardedC=$line;
$discarded=newValue( $discarded, $line );
$handled=1;
}
#bytes received line
if ( ( $line =~ /[0123456789kM] bytes received$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$line=~s/k/000/;
$line=~s/M/000000/;
$bytesrC=$line;
$bytesr=newValue( $bytesr, $line );
$handled=1;
}
#bytes delivered line
if ( ( $line =~ /[0123456789kM] bytes delivered$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$line=~s/k/000/;
$line=~s/M/000000/;
$bytesdC=$line;
$bytesd=newValue( $bytesd, $line );
$handled=1;
}
#senders line
if ( ( $line =~ /[0123456789] senders$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$sendersC=$line;
$senders=newValue( $senders, $line );
$handled=1;
}
#sendering hosts/domains line
if ( ( $line =~ /[0123456789] sending hosts\/domains$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$sendinghdC=$line;
$sendinghd=newValue( $sendinghd, $line );
$handled=1;
}
#recipients line
if ( ( $line =~ /[0123456789] recipients$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$recipientsC=$line;
$recipients=newValue( $recipients, $line );
$handled=1;
}
#recipients line
if ( ( $line =~ /[0123456789] recipient hosts\/domains$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$recipienthdC=$line;
$recipienthd=newValue( $recipienthd, $line );
$handled=1;
}
# deferrals connectios refused
if ( ( $line =~ /[0123456789] 25\: Connection refused$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$deferralcrC=$line;
$deferralcr=newValue( $deferralcr, $line );
$handled=1;
}
# deferrals Host is down
if ( ( $line =~ /Host is down$/ ) && ( ! $handled ) ){
$line=~s/ .*//;
$deferralhidC=$line;
$deferralhid=newValue( $deferralhid, $line );
$handled=1;
}
# Client host rejected
if ( ( $line =~ /Client host rejected/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$chrNew=$chrNew + $line;
$handled=1;
}
#Helo command rejected: need fully-qualified hostname
if ( ( $line =~ /Helo command rejected\: need fully\-qualified hostname/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$hcrnfqhC=$line;
$hcrnfqh=newValue( $hcrnfqh, $line );
$handled=1;
}
#Sender address rejected: Domain not found
if ( ( $line =~ /Sender address rejected\: Domain not found/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$sardnfC=$line;
$sardnf=newValue( $sardnf, $line );
$handled=1;
}
#Sender address rejected: not owned by user
if ( ( $line =~ /Sender address rejected\: not owned by user/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$sarnobuC=$line;
$sarnobu=newValue( $sarnobu, $line );
$handled=1;
}
#blocked using
# These lines are RBLs so there will be more than one.
# Use $buNew to add them all up.
if ( ( $line =~ /blocked using/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$buNew=$buNew + $line;
$handled=1;
}
#Recipient address rejected: User unknown
if ( ( $line =~ /Recipient address rejected\: User unknown/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$raruuNew=$raruuNew + $line;
$handled=1;
}
#Helo command rejected: Invalid name
if ( ( $line =~ /Helo command rejected\: Invalid name/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$hcrinC=$line;
$hcrin=newValue( $hcrin, $line );
}
#Sender address rejected: need fully-qualified address
if ( ( $line =~ /Sender address rejected\: need fully-qualified address/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$sarnfqaC=$line;
$sarnfqa=newValue( $sarnfqa, $line );
}
#Recipient address rejected: Domain not found
if ( ( $line =~ /Recipient address rejected\: Domain not found/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$rardnfC=$line;
$rardnf=newValue( $rardnf, $line );
}
#Improper use of SMTP command pipelining
if ( ( $line =~ /Improper use of SMTP command pipelining/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$iuoscpC=$line;
$iuoscp=newValue( $iuoscp, $line );
}
#Message size exceeds fixed limit
if ( ( $line =~ /Message size exceeds fixed limit/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$mseflC=$line;
$msefl=newValue( $msefl, $line );
}
#Server configuration error
if ( ( $line =~ /Server configuration error/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$sceC=$line;
$sce=newValue( $sce, $line );
}
#Server configuration problem
if ( ( $line =~ /Server configuration problem/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$scpC=$line;
$scp=newValue( $scp, $line );
}
#unknown reject reason
if ( ( $line =~ /unknown reject reason/ ) && ( ! $handled ) ){
$line=~s/.*\: //g;
$urrC=$line;
$urr=newValue( $urr, $line );
}
$int++;
}
# final client host rejected total
$chr=newValue( $chr, $chrNew );
# final RBL total
$bu=newValue( $bu, $buNew );
# final recipient address rejected total
$raruu=newValue( $raruu, $raruuNew );
my $data=$received."\n".
$delivered."\n".
$forwarded."\n".
$deferred."\n".
$bounced."\n".
$rejected."\n".
$rejectw."\n".
$held."\n".
$discarded."\n".
$bytesr."\n".
$bytesd."\n".
$senders."\n".
$sendinghd."\n".
$recipients."\n".
$recipienthd."\n".
$deferralcr."\n".
$deferralhid."\n".
$chr."\n".
$hcrnfqh."\n".
$sardnf."\n".
$sarnobu."\n".
$bu."\n".
$raruu."\n".
$hcrin."\n".
$sarnfqa."\n".
$rardnf."\n".
$rarnfqa."\n".
$iuscp."\n".
$sce."\n".
$scp."\n".
$urr."\n";
$msefl."\n".
print $data;
my $current=$receivedC."\n".
$deliveredC."\n".
$forwardedC."\n".
$deferredC."\n".
$bouncedC."\n".
$rejectedC."\n".
$rejectwC."\n".
$heldC."\n".
$discardedC."\n".
$bytesrC."\n".
$bytesdC."\n".
$sendersC."\n".
$sendinghdC."\n".
$recipientsC."\n".
$recipienthdC."\n".
$deferralcrC."\n".
$deferralhidC."\n".
$chrNew."\n".
$hcrnfqhC."\n".
$sardnfC."\n".
$sarnobuC."\n".
$buNew."\n".
$raruuNew."\n".
$hcrinC."\n".
$sarnfqaC."\n".
$rardnfC."\n".
$rarnfqaC."\n".
$iuscpC."\n".
$mseflC."\n".
$sceC."\n".
$scpC."\n".
$urrC."\n";
open(my $fh, ">", $cache) or die "Can't open '".$cache."'";
print $fh $current;
close($fh);

77
snmp/snmpd.conf Normal file
View File

@@ -0,0 +1,77 @@
###############################################################################
#
# snmpd.conf:
# An example configuration file for configuring the ucd-snmp snmpd agent.
#
###############################################################################
syscontact "Bogdan Stoica <bogdan@898.ro>"
syslocation "Bucharest, Romania"
sysname zira.898.ro
sysservices 15
agentAddress udp:161
# sec.name source community
com2sec local localhost public
com2sec mynetwork 192.168.1.0/24 public
com2sec edgemax 86.104.210.218 Z2O0jHAU4YKa1D10TPxuWQ
com2sec librenms 10.208.1.202 Z2O0jHAU4YKa1D10TPxuWQ
# Second, map the security names into group names:
# sec.model sec.name
#group MyRWGroup v1 local
group MyRWGroup v2c local
group MyRWGroup usm local
#group MyROGroup v1 mynetwork
group MyROGroup v2c mynetwork
group MyROGroup v2c edgemax
####
# Third, create a view for us to let the groups have rights to:
# incl/excl subtree mask
view all included .1 80
####
# Finally, grant the 2 groups access to the 1 view with different
# write permissions:
# context sec.model sec.level match read write notif
access MyROGroup "" any noauth exact all none none
access MyRWGroup "" any noauth exact all all none
# nginx
proc nginx
#hard disk partitions
disk /
#mibs +FORTINET-FORTIGATE-MIB:FORTINET-CORE-MIB
### librenms ###
# os update
extend osupdate /etc/snmp/os-updates
# postfix
extend postfixdetailed /etc/snmp/postfixdetailed
extend mailq /etc/snmp/postfix-queues
# bind
extend bind /etc/snmp/bind
# mysql
extend mysql /etc/snmp/mysql
# nginx
extend nginx /etc/snmp/nginx-nms
# php-fpm
extend phpfpmsp /etc/snmp/phpfpm-sp
# fail2ban
extend fail2ban /etc/snmp/fail2ban -f /bin/fail2ban-client
# distro
extend .1.3.6.1.4.1.2021.7890.1 distro /usr/bin/distro

6
snmp/snmptrapd.conf Normal file
View File

@@ -0,0 +1,6 @@
# Example configuration file for snmptrapd
#
# No traps are handled by default, you must edit this file!
#
# authCommunity log,execute,net public
# traphandle SNMPv2-MIB::coldStart /usr/bin/bin/my_great_script cold