mirror of
https://github.com/bashclub/check-opnsense.git
synced 2024-11-07 16:31:58 +01:00
Update opnsense_checkmk_agent.py
This commit is contained in:
Thorsten Spille
GitHub
parent
fab74967d8
commit
6d6d9f23ca
@ -38,6 +38,7 @@ import pwd
|
|||||||
import threading
|
import threading
|
||||||
import ipaddress
|
import ipaddress
|
||||||
import base64
|
import base64
|
||||||
|
import traceback
|
||||||
from cryptography import x509
|
from cryptography import x509
|
||||||
from cryptography.hazmat.backends import default_backend as crypto_default_backend
|
from cryptography.hazmat.backends import default_backend as crypto_default_backend
|
||||||
from xml.etree import cElementTree as ELementTree
|
from xml.etree import cElementTree as ELementTree
|
||||||
@ -81,6 +82,8 @@ class checkmk_handler(StreamRequestHandler):
|
|||||||
|
|
||||||
class checkmk_checker(object):
|
class checkmk_checker(object):
|
||||||
_certificate_timestamp = 0
|
_certificate_timestamp = 0
|
||||||
|
_datastore_mutex = threading.RLock()
|
||||||
|
_datastore = object_dict()
|
||||||
def do_checks(self):
|
def do_checks(self):
|
||||||
self._getosinfo()
|
self._getosinfo()
|
||||||
_errors = []
|
_errors = []
|
||||||
@ -92,20 +95,29 @@ class checkmk_checker(object):
|
|||||||
if _check.startswith("check_"):
|
if _check.startswith("check_"):
|
||||||
try:
|
try:
|
||||||
_lines += getattr(self,_check)()
|
_lines += getattr(self,_check)()
|
||||||
except Expetion as e:
|
except:
|
||||||
_errors.append(str(e))
|
_errors.append(traceback.format_exc())
|
||||||
_lines.append("<<<local:sep(0)>>>")
|
_lines.append("<<<local:sep(0)>>>")
|
||||||
for _check in dir(self):
|
for _check in dir(self):
|
||||||
if _check.startswith("checklocal_"):
|
if _check.startswith("checklocal_"):
|
||||||
try:
|
try:
|
||||||
_lines += getattr(self,_check)()
|
_lines += getattr(self,_check)()
|
||||||
except Exeption as e:
|
except:
|
||||||
_errors.append(str(e))
|
_errors.append(traceback.format_exc())
|
||||||
_lines.append("")
|
_lines.append("")
|
||||||
sys.stderr.write("\n".join(_errors))
|
sys.stderr.write("\n".join(_errors))
|
||||||
sys.stderr.flush()
|
sys.stderr.flush()
|
||||||
return "\n".join(_lines)
|
return "\n".join(_lines)
|
||||||
|
|
||||||
|
def _get_storedata(self,section,key):
|
||||||
|
with self._datastore_mutex:
|
||||||
|
return self._datastore.get(section,{}).get(key)
|
||||||
|
def _set_storedata(self,section,key,value):
|
||||||
|
with self._datastore_mutex:
|
||||||
|
if section not in self._datastore:
|
||||||
|
self._datastore[section] = object_dict()
|
||||||
|
self._datastore[section][key] = value
|
||||||
|
|
||||||
def _getosinfo(self):
|
def _getosinfo(self):
|
||||||
_info = json.load(open("/usr/local/opnsense/version/core","r"))
|
_info = json.load(open("/usr/local/opnsense/version/core","r"))
|
||||||
_changelog = json.load(open("/usr/local/opnsense/changelog/index.json","r"))
|
_changelog = json.load(open("/usr/local/opnsense/changelog/index.json","r"))
|
||||||
@ -298,6 +310,21 @@ class checkmk_checker(object):
|
|||||||
_sock = None
|
_sock = None
|
||||||
return ""
|
return ""
|
||||||
|
|
||||||
|
def _get_openvpn_traffic(self,interface,totalbytesin,totalbytesout):
|
||||||
|
_hist_data = self._get_storedata("openvpn",interface)
|
||||||
|
_slot = int(time.time())
|
||||||
|
_slot -= _slot%60
|
||||||
|
_hist_slot = 0
|
||||||
|
_traffic_in = _traffic_out = 0
|
||||||
|
if _hist_data:
|
||||||
|
_hist_slot,_hist_bytesin, _hist_bytesout = _hist_data
|
||||||
|
pprint(_hist_data)
|
||||||
|
_traffic_in = int(totalbytesin -_hist_bytesin) / max(1,_slot - _hist_slot)
|
||||||
|
_traffic_out = int(totalbytesout - _hist_bytesout) / max(1,_slot - _hist_slot)
|
||||||
|
if _hist_slot != _slot:
|
||||||
|
self._set_storedata("openvpn",interface,(_slot,totalbytesin,totalbytesout))
|
||||||
|
return _traffic_in,_traffic_out
|
||||||
|
|
||||||
def checklocal_openvpn(self):
|
def checklocal_openvpn(self):
|
||||||
_ret = [""]
|
_ret = [""]
|
||||||
_cfr = self._config_reader().get("openvpn")
|
_cfr = self._config_reader().get("openvpn")
|
||||||
@ -325,7 +352,7 @@ class checkmk_checker(object):
|
|||||||
_server["maxclients"] = _max_clients
|
_server["maxclients"] = _max_clients
|
||||||
|
|
||||||
_server_cert = self._get_certificate(_server.get("certref"))
|
_server_cert = self._get_certificate(_server.get("certref"))
|
||||||
_nclients, _server["bytesin"], _server["bytesout"] = 0,0,0
|
_server["bytesin"], _server["bytesout"] = 0,0
|
||||||
_server["expiredays"] = 0
|
_server["expiredays"] = 0
|
||||||
_server["expiredate"] = "no certificate found"
|
_server["expiredate"] = "no certificate found"
|
||||||
if _server_cert:
|
if _server_cert:
|
||||||
@ -335,7 +362,11 @@ class checkmk_checker(object):
|
|||||||
try:
|
try:
|
||||||
_unix = "/var/etc/openvpn/server{vpnid}.sock".format(**_server)
|
_unix = "/var/etc/openvpn/server{vpnid}.sock".format(**_server)
|
||||||
try:
|
try:
|
||||||
_nclients, _server["bytesin"], _server["bytesout"] = re.findall("=(\d+)",self._read_from_openvpnsocket(_unix,"load-stats"))
|
|
||||||
|
_server["bytesin"], _server["bytesout"] = self._get_openvpn_traffic(
|
||||||
|
"SRV_{name}".format(**_server),
|
||||||
|
*(map(lambda x: int(x),re.findall("bytes\w+=(\d+)",self._read_from_openvpnsocket(_unix,"load-stats"))))
|
||||||
|
)
|
||||||
except:
|
except:
|
||||||
pass
|
pass
|
||||||
|
|
||||||
@ -395,8 +426,12 @@ class checkmk_checker(object):
|
|||||||
if _current_conn:
|
if _current_conn:
|
||||||
_client["uptime"] = max(map(lambda x: x.get("uptime"),_current_conn))
|
_client["uptime"] = max(map(lambda x: x.get("uptime"),_current_conn))
|
||||||
_client["count"] = len(_current_conn)
|
_client["count"] = len(_current_conn)
|
||||||
_client["bytes_received"] = sum(map(lambda x: x.get("bytes_received"),_current_conn))
|
_client["bytes_received"], _client["bytes_sent"] = self._get_openvpn_traffic(
|
||||||
_client["bytes_sent"] = sum(map(lambda x: x.get("bytes_sent"),_current_conn))
|
"CL_{description}".format(**_client),
|
||||||
|
sum(map(lambda x: x.get("bytes_received"),_current_conn)),
|
||||||
|
sum(map(lambda x: x.get("bytes_sent"),_current_conn))
|
||||||
|
)
|
||||||
|
|
||||||
_client["longdescr"] = ""
|
_client["longdescr"] = ""
|
||||||
for _conn in _current_conn:
|
for _conn in _current_conn:
|
||||||
_client["longdescr"] += "Server:{server} {remote_ip}->{vpn_ip} {cipher} ".format(**_conn)
|
_client["longdescr"] += "Server:{server} {remote_ip}->{vpn_ip} {cipher} ".format(**_conn)
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user