xymon-ext-scripts

Check-in [8f9f30297c]
Login

Many hyperlinks are disabled.
Use anonymous login to enable hyperlinks.

Overview
Comment:Merge branch 'master' of github.com:feld/xymon-ext-scripts
Downloads: Tarball | ZIP archive | SQL archive
Timelines: family | ancestors | descendants | both | master | trunk
Files: files | file ages | folders
SHA3-256:8f9f30297c5df11f7dc62e4723d711d3580a8df01f6a9c527ea42146db5a1f9a
User & Date: feld@feld.me 2015-12-07 19:56:55
Context
2015-12-07
20:00
Revert; that doesn't alpha sort. It sorts by JID which is meaningless. check-in: 78f186c1bc user: feld@feld.me tags: master, trunk
19:56
Merge branch 'master' of github.com:feld/xymon-ext-scripts check-in: 8f9f30297c user: feld@feld.me tags: master, trunk
19:56
alpha sort the jails check-in: 1b9a0e8282 user: feld@feld.me tags: master, trunk
2015-11-06
14:57
add -f to rm of tmpfile -f will play nice and never bark an error if tmpfile doesn't exist check-in: df76db4bba user: feld@feld.me tags: master, trunk
Changes
Hide Diffs Unified Diffs Ignore Whitespace Patch

Changes to gmirror.sh.

23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to
# the /usr/local/www/xymon/client/etc/localclient.cfg file:
#
#[gmirror]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/gmirror.sh
#        LOGFILE $XYMONCLIENTLOGS/gmirror.log
#        INTERVAL 5m
#







|







23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to
# the /usr/local/www/xymon/client/etc/clientlaunch.cfg file:
#
#[gmirror]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/gmirror.sh
#        LOGFILE $XYMONCLIENTLOGS/gmirror.log
#        INTERVAL 5m
#

Changes to pkgaudit.sh.

23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
..
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82

83
84
85
86
87
88
89
90
...
107
108
109
110
111
112
113
114
115
116
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to 
# the /usr/local/www/xymon/client/etc/localclient.cfg file:
#
#[pkg]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/pkgaudit.sh
#        LOGFILE $XYMONCLIENTLOGS/pkgaudit.log
#        INTERVAL 5m
#
................................................................................
# Now restart the xymon client to start using it.

# These can be overridden in xymonclient.cfg
: ${PKGAUDIT_COLOR="yellow"};		# Set color when results are found
: ${PKGAUDIT_JAILS="NO"};		# Audit jails if they don't run their own xymon-client
					# This needs to be capitalized "YES" to enable
: ${PKGAUDIT_JAILGREP="poudriere"};	# Argument to egrep to remove jails with name patterns.
: ${PKGAUDIT_FORCEFETCH="NO"};		# Attempt to always fetch vuln.xml -- every 5 mins!
					# This needs to be capitalized "YES" to enable

# Xymon doesn't have /usr/local in PATH
PATH=${PATH}:/usr/local/bin:/usr/local/sbin

# Don't edit below unless you know what you're doing
COLUMN=pkgaudit
COLOR=green
PKGAUDIT_FLAGS=""
TMPFILE="$(mktemp -t xymon-client-pkgaudit)"
FETCH=""
VULNXML="-f /var/db/pkg/vuln.xml"

if [ $? -ne 0 ]; then
	echo "$0: Can't create temp file, exiting..."
	exit 1
fi

# Build the pkg-audit message header for main host
echo "$(hostname) pkg audit status" >> ${TMPFILE}
echo "" >> ${TMPFILE}

# If PKGAUDIT_FORCEFETCH is enabled, pass -F flag and set VULNXML to a path where Xymon can write
[ ${PKGAUDIT_FORCEFETCH} = "YES" ] && FETCH="-F" && VULNXML="-f /usr/local/www/xymon/client/tmp/vuln.xml"

# Run pkg audit and collect output for main host. Use -F always here.
# Jail checks below don't need -F as it was done here.
pkg-static audit ${FETCH} ${VULNXML} >> ${TMPFILE} || export NONGREEN=1

# Check if we should run on jails too. Grep removes poudriere jails.
if [ ${PKGAUDIT_JAILS} = "YES" ]; then
	for i in $(jls | sed '1d' | egrep -v "${PKGAUDIT_JAILGREP}" | awk '{print $1}' | sort); do
		JAILROOT=$(jls -j ${i} -h path | sed '1d')
		{ echo "" ;
		echo "##############################" ;
		echo "" ;
		echo "jail $(jexec ${i} hostname) pkg audit status" ;

		pkg-static -o PKG_DBDIR=${JAILROOT}/var/db/pkg audit ${VULNXML} ; } > ${TMPFILE} || export NONGREEN=1
	done
fi

# Ingest all the pkg audit messages.
MSG=$(cat ${TMPFILE})

# NONGREEN was detected.
................................................................................
${XYMON} ${XYMSRV} "status ${MACHINE}.${COLUMN} ${COLOR} $(date)

${STATUS}

${MSG}
"

rm ${TMPFILE}

exit 0







|







 







<
<







|

<











<
<
<
|
<
|








|
>
|







 







|


23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
..
38
39
40
41
42
43
44


45
46
47
48
49
50
51
52
53

54
55
56
57
58
59
60
61
62
63
64



65

66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
...
101
102
103
104
105
106
107
108
109
110
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to 
# the /usr/local/www/xymon/client/etc/clientlaunch.cfg file:
#
#[pkg]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/pkgaudit.sh
#        LOGFILE $XYMONCLIENTLOGS/pkgaudit.log
#        INTERVAL 5m
#
................................................................................
# Now restart the xymon client to start using it.

# These can be overridden in xymonclient.cfg
: ${PKGAUDIT_COLOR="yellow"};		# Set color when results are found
: ${PKGAUDIT_JAILS="NO"};		# Audit jails if they don't run their own xymon-client
					# This needs to be capitalized "YES" to enable
: ${PKGAUDIT_JAILGREP="poudriere"};	# Argument to egrep to remove jails with name patterns.



# Xymon doesn't have /usr/local in PATH
PATH=${PATH}:/usr/local/bin:/usr/local/sbin

# Don't edit below unless you know what you're doing
COLUMN=pkgaudit
COLOR=green
PKGAUDIT_FLAGS="-r"
TMPFILE="$(mktemp -t xymon-client-pkgaudit)"

VULNXML="-f /var/db/pkg/vuln.xml"

if [ $? -ne 0 ]; then
	echo "$0: Can't create temp file, exiting..."
	exit 1
fi

# Build the pkg-audit message header for main host
echo "$(hostname) pkg audit status" >> ${TMPFILE}
echo "" >> ${TMPFILE}




# Run pkg audit and collect output for main host

pkg-static audit ${PKGAUDIT_FLAGS} ${VULNXML} >> ${TMPFILE} || export NONGREEN=1

# Check if we should run on jails too. Grep removes poudriere jails.
if [ ${PKGAUDIT_JAILS} = "YES" ]; then
	for i in $(jls | sed '1d' | egrep -v "${PKGAUDIT_JAILGREP}" | awk '{print $1}' | sort); do
		JAILROOT=$(jls -j ${i} -h path | sed '1d')
		{ echo "" ;
		echo "##############################" ;
		echo "" ;
		echo "jail $(jls -j ${i} -h name | sed '/name/d') pkg audit status" ;
		echo "" ;
		pkg-static -o PKG_DBDIR=${JAILROOT}/var/db/pkg audit ${PKGAUDIT_FLAGS} ${VULNXML} ; } >> ${TMPFILE} || export NONGREEN=1
	done
fi

# Ingest all the pkg audit messages.
MSG=$(cat ${TMPFILE})

# NONGREEN was detected.
................................................................................
${XYMON} ${XYMSRV} "status ${MACHINE}.${COLUMN} ${COLOR} $(date)

${STATUS}

${MSG}
"

rm -f ${TMPFILE}

exit 0

Changes to smart.sh.

23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to
# the /usr/local/www/xymon/client/etc/localclient.cfg file:
#
#[smart]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/smart.sh
#        LOGFILE $XYMONCLIENTLOGS/smart.log
#        INTERVAL 5m
#







|







23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to
# the /usr/local/www/xymon/client/etc/clientlaunch.cfg file:
#
#[smart]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/smart.sh
#        LOGFILE $XYMONCLIENTLOGS/smart.log
#        INTERVAL 5m
#

Changes to zfs.sh.

23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to
# the /usr/local/www/xymon/client/etc/localclient.cfg file:
#
#[zfs]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/zfs.sh
#        LOGFILE $XYMONCLIENTLOGS/zfs.log
#        INTERVAL 5m
#







|







23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
# IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
# POSSIBILITY OF SUCH DAMAGE.

#
# Place this file in /usr/local/www/xymon/client/ext/
# Then, to activate simply append the following to
# the /usr/local/www/xymon/client/etc/clientlaunch.cfg file:
#
#[zfs]
#        ENVFILE $XYMONCLIENTHOME/etc/xymonclient.cfg
#        CMD $XYMONCLIENTHOME/ext/zfs.sh
#        LOGFILE $XYMONCLIENTLOGS/zfs.log
#        INTERVAL 5m
#