smecontribs/smeserver-zabbix-agent
6
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

initial commit of file from CVS for smeserver-zabbix-agent on Sat Sep 7 21:17:46 AEST 2024

Browse Source
This commit is contained in:
Trevor Batley
2024-09-07 21:17:46 +10:00
parent c771a7111d
commit 127b1311fe
51 changed files with 1771 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

210
root/var/lib/zabbix/bin/check_asterisk Normal file
View File

@@ -0,0 +1,210 @@
#!/usr/bin/perl -w
use Asterisk::AMI::Common;
use Getopt::Long;
open STDERR, '>/dev/null';
# Set some default
my $host = '127.0.0.1';
my $port = '5038';
my $user = 'zabbixagent';
my $secret = 'zabbixsecret';
my $what = 'sip_peers';
GetOptions(
"host=s" => \$host,
"port=s" => \$port,
"user=s" => \$user,
"secret=s" => \$secret,
"what=s" => \$what
);
our $ast = Asterisk::AMI::Common->new(
PeerAddr => $host,
PeerPort => $port,
Username => $user,
Secret => $secret
);
die "Unable to connect to asterisk manager" unless ($ast);
sub help{
print<<"EOF";
usage: $0 --host=asterisk.domain.tld --port=5038 --user=manager --secret=azerty --what=sip_peers
--what can take the following argument:
* sip_peers: number of connected sip peers
* max_latency: highest latency of connected sip_peers
* channels: total number of active channels
* internal_calls: number of active internal calls
* outgoing_calls: number of active outgoing calls (external)
* incoming_calls: number of active incoming calls (external)
* external_calls: number of external calls (in + out)
* duration_internal: actual highest duration of internal calls
* duration_external: actual highest duration of external calls
EOF
}
if ($what eq 'sip_peers'){
print get_connected_peers_num('sip');
}
elsif ($what eq 'max_latency'){
print get_max_peer_latency();
}
elsif($what eq 'channels'){
print get_active_channels_num();
}
elsif ($what eq 'internal_calls'){
print get_internal_call_num();
}
elsif ($what eq 'outgoing_calls'){
print get_outgoing_call_num();
}
elsif ($what eq 'incoming_calls'){
print get_incoming_call_num();
}
elsif ($what eq 'external_calls'){
print get_outgoing_call_num() + get_incoming_call_num();
}
elsif ($what eq 'duration_internal'){
print get_max_duration_internal();
}
elsif ($what eq 'duration_external'){
print get_max_duration_external();
}
else{
help();
$ast->disconnect();
exit (1);
}
$ast->disconnect();
exit(0);
# Return the number of connected peers for
# the specified protocol (only SIP supporteed for now)
sub get_connected_peers_num{
my $proto = shift;
my $peers;
if ($proto eq 'sip'){
$peers = get_sip_peers();
}
else{
return 'unsupported protocol';
}
my $num = 0;
foreach my $peer (keys %{$peers}){
my $status = $peers->{$peer}->{'Status'};
$num++ if ($status =~ m/^OK/);
}
return $num;
}
# Return the list of SIP peers (as a hashref)
sub get_sip_peers{
return $ast->sip_peers();
}
# Return the highest latency of all the peers
sub get_max_peer_latency{
my $peers = get_sip_peers();
my $latency = 0;
foreach my $peer (keys %{$peers}){
my $status = $peers->{$peer}->{'Status'};
$status =~ /\((\d+)\sms\)/;
$latency = $1 if ($1 > $latency);
}
return $latency;
}
# Return channels list as a hashref
sub get_channels(){
return $ast->channels();
}
# Return the number of channels
sub get_active_channels_num{
my $channels = get_channels();
my $num = 0;
foreach my $chan (keys %{$channels}){
$num++;
}
return $num;
}
# Return the number of active channels
sub get_up_channels_num{
my $channels = get_channels();
my $num = 0;
foreach my $chan (keys %{$channels}){
my $status = $channels->{$chan}->{'State'};
$num++ if ($status eq 'Up');
}
return $num;
}
# Return the number of outgoing calls
sub get_outgoing_call_num{
my $channels = get_channels();
my $num = 0;
foreach my $chan (keys %{$channels}){
my $context = $channels->{$chan}->{'Context'};
my $status = $channels->{$chan}->{'State'};
$num++ if ($context eq 'macro-dialout-trunk' and $status eq 'Up');
}
return $num;
}
# Return the number of incoming calls
sub get_incoming_call_num{
my $channels = get_channels();
my $num = 0;
foreach my $chan (keys %{$channels}){
my $context = $channels->{$chan}->{'Context'};
my $status = $channels->{$chan}->{'State'};
$num++ if ($context =~ /^from\-(trunk|pstn|zaptel|dahdi)/ and $status eq 'Up');
}
return $num;
}
# Return the number of internal calls
sub get_internal_call_num{
my $channels = get_channels();
my $num = 0;
foreach my $chan (keys %{$channels}){
my $context = $channels->{$chan}->{'Context'};
my $status = $channels->{$chan}->{'State'};
$num++ if (($context eq 'macro-dial' or $context eq 'from-internal') and $status eq 'Up');
}
return $num
}
# Return the max duration of current internal calls
sub get_max_duration_internal{
my $channels = get_channels();
my $max = 0;
foreach my $chan (keys %{$channels}){
my $dur = $channels->{$chan}->{'Seconds'};
my $context = $channels->{$chan}->{'Context'};
$max = $dur if (($context eq 'macro-dial' or $context eq 'from-internal') and $dur > $max);
}
return $max
}
# Return the max duration of current external calls (in or out)
sub get_max_duration_external{
my $channels = get_channels();
my $max = 0;
foreach my $chan (keys %{$channels}){
my $dur = $channels->{$chan}->{'Seconds'};
my $context = $channels->{$chan}->{'Context'};
$max = $dur if (($context eq 'macro-dialout-trunk' or $context =~ /^from\-(trunk|pstn|zaptel|dahdi)/) and $dur > $max);
}
return $max
}

33
root/var/lib/zabbix/bin/check_certs_sudo Normal file
View File

@@ -0,0 +1,33 @@
#!/usr/bin/perl -w
# Check a PEM certificate
# --what: what to monitor. Only expire is supported for now, and returns the number of day before expiration
# --cert: the path to the certificate you want to check
use strict;
use warnings;
use Crypt::OpenSSL::X509;
use Date::Parse;
use Getopt::Long;
my $what = 'expire';
my $cert = '';
GetOptions(
"cert=s" => \$cert,
"what=s" => \$what
);
die "Usage: $0 --what=status --cert=/path/to/pem/certificate\n" unless
(-f $cert);
$cert = Crypt::OpenSSL::X509->new_from_file( "$cert" );
my $expire_in = int ((str2time($cert->notAfter())-time())/(3600*24));
if ($what eq 'expire'){
print $expire_in;
}
else{
die "Only expire is supported for now";
}

5
root/var/lib/zabbix/bin/check_mysqladmin_status_sudo Normal file
View File

@@ -0,0 +1,5 @@
#!/bin/sh
HOME=/root
exec /usr/bin/mysqladmin status

49
root/var/lib/zabbix/bin/disco_certs_sudo Normal file
View File

@@ -0,0 +1,49 @@
#!/usr/bin/perl -w
use strict;
use warnings;
use Crypt::OpenSSL::X509;
use Date::Parse;
use Getopt::Long;
use JSON;
my $index = '/opt/phpki/phpki-store/CA/index.txt';
my $path = '/opt/phpki/phpki-store/CA/newcerts';
GetOptions(
"index=s" => \$index,
"path=s" => \$path
);
open INDEX, "$index" or die "Couldn't open $index\n";
my $json;
foreach my $l (<INDEX>){
next unless $l =~ m/^([VR])\t\d+Z\t(\d+Z)?\t(\w+)\tunknown\t.*/;
my $status = $1;
my $serial = $3;
my $cert = Crypt::OpenSSL::X509->new_from_file( "$path/$serial.pem" );
my $expire_in = int ((str2time($cert->notAfter())-time())/(3600*24));
if ($status eq 'V'){
$status = 'valid';
}
elsif ($expire_in lt 0){
$status = 'expired';
}
else{
$status = 'revoked';
}
my $subject = $cert->subject;
$subject =~ m/.*\sCN=(.*),/;
my $cn = $1;
push @{$json->{data}}, {
"{#CRTCN}" => $cn,
"{#CRTSERIAL}" => $serial,
"{#CRTSTATUS}" => $status,
};
}
close INDEX;
print to_json($json);

13
root/var/lib/zabbix/bin/util_count_mail_in Normal file
View File

@@ -0,0 +1,13 @@
#!/bin/bash
BINDIR='/var/lib/zabbix/bin'
LOGTAIL=$BINDIR'/util_logtail'
PARSER=$BINDIR'/util_parse_mail_in'
LOGFILE='/var/log/qpsmtpd/current'
TMPDIR='/var/lib/zabbix/tmp/'
for WHAT in $($BINDIR/util_parse_mail_in keys); do
$LOGTAIL $LOGFILE $TMPDIR/mail.in.$WHAT.offset | $PARSER $WHAT > $TMPDIR/mail.in.$WHAT
done

11
root/var/lib/zabbix/bin/util_count_mail_out Normal file
View File

@@ -0,0 +1,11 @@
#!/bin/bash
BINDIR='/var/lib/zabbix/bin'
LOGTAIL=$BINDIR'/util_logtail'
PARSER=$BINDIR'/util_parse_mail_out'
LOGFILE='/var/log/qmail/current'
TMPDIR='/var/lib/zabbix/tmp/'
for WHAT in failure deferral success total; do
$LOGTAIL $LOGFILE $TMPDIR/mail.out.$WHAT.offset | $PARSER $WHAT > $TMPDIR/mail.out.$WHAT
done

95
root/var/lib/zabbix/bin/util_logtail Normal file
View File

@@ -0,0 +1,95 @@
#!/usr/bin/perl
# Copyright (C) 2009 Daniel Berteaud <daniel@firewall-services.com>
# Copyright (C) 2003 Jonathan Middleton <jjm@ixtab.org.uk
# Copyright (C) 2001 Paul Slootman <paul@debian.org>
# This file is part of Logcheck.
# Modifications for integration with smeserver-zabbix-agent
# Logcheck is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# Logcheck is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with Foobar; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
my ($logfile, $offsetfile) = @ARGV;
if (! -f $logfile) {
print "File $logfile cannot be read.\n";
exit 66;
}
unless ($offsetfile) {
# offsetfile not given, use .offset/$logfile in the same directory
$offsetfile = $logfile . '.offset';
}
unless (open(LOGFILE, $logfile)) {
print "File $logfile cannot be read.\n";
exit 66;
}
my ($inode, $offset) = (0, 0);
if (open(OFFSET, $offsetfile)) {
$_ = <OFFSET>;
unless (! defined $_) {
chomp $_;
$inode = $_;
$_ = <OFFSET>;
unless (! defined $_) {
chomp $_;
$offset = $_;
}
}
}
my ($ino, $size);
unless ((undef,$ino,undef,undef,undef,undef,undef,$size) = stat $logfile) {
print "Cannot get $logfile file size.\n", $logfile;
exit 65;
}
if ($inode == $ino) {
exit 0 if $offset == $size; # short cut
if ($offset > $size) {
$offset = 0;
#print "***************\n";
#print "*** WARNING ***: Log file $logfile is smaller than last time checked!\n";
#print "*************** This could indicate tampering.\n";
}
}
if ($inode != $ino || $offset > $size) {
$offset = 0;
}
seek(LOGFILE, $offset, 0);
while (<LOGFILE>) {
print $_;
}
$size = tell LOGFILE;
close LOGFILE;
unless (open(OFFSET, ">$offsetfile")) {
print "File $offsetfile cannot be created. Check your permissions.\n";
exit 73;
}
unless (chmod 0600, $offsetfile) {
print "Cannot set permissions on file $offsetfile\n";
exit 65;
}
print OFFSET "$ino\n$size\n";
close OFFSET;
exit 0;

129
root/var/lib/zabbix/bin/util_parse_mail_in Normal file
View File

@@ -0,0 +1,129 @@
#!/usr/bin/perl -w
# Copyright (C) 2009-2016 Daniel Berteaud <daniel@firewall-services.com>
# This file is part of smeserver-zabbix-agent package.
# This script is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This script is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with Foobar; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
# This script parse qpsmtpd logs (which must be sent to STDIN), and count the number
# of emails rejected by each plugins, and those accepted. You need to logterse plugin enabled
my $what = $ARGV[0] || '';
# This is the list of plugins we can get stats for
# you can set the regex used to identify a line in the logs
my %denied = (
dnsbl => qr{(dnsbl\s+90|naughty\s+90\d\s+\(dnsbl\))},
rhsbl => qr{rhsbl\s+90},
uribl => qr{uribl\s+90},
clamav => qr{virus::clam(av|dscan)\s+90},
check_earlytalker => qr{(check_)?earlytalker\s+90},
check_basicheaders => qr{(check_basic)?headers\s+90},
check_goodrcptto => qr{(check_)?goodrcptto\s+90},
check_spamhelo => qr{((check_spam)?helo\s+90|naughty\s+90\d\s+\(helo\))},
fcrdns => qr{fcrdns\s+90},
karma => qr{(karma\s+90|naughty\s+90\d\s+\(karma\))},
spf => qr{(sender_permitted_from|spf_deny)\s+90},
dmarc => qr{dmarc\s+90},
tls_failed => qr{tls\s+90},
resolvable_fromhost => qr{(require_)?resolvable_fromhost}
);
my @others = qw(total_denied spam_denied other_denied spam_queued queued total);
# If arg is keys, just print the supported keys and exit
if ($what eq "keys"){
print join "\n", (keys %denied, @others);
exit (0)
}
my %cnt;
foreach (keys %denied, @others){
$cnt{$_} = 0;
}
while (<STDIN>) {
my $line = $_;
# We only want logterse lines like
# @400000004994ad092afa867c 18386 logging::logterse plugin:
# The format can slightly change depending on qpsmtpd version
next unless $line =~ m/^\@[0-9a-f]{24} \d+( \((queue|deny)\))? logging::logterse/;
# Lets count all the message which have been denied 'msg denied before queued'
if ($line =~ m/msg denied before queued/){
$cnt{total_denied}++;
# Now try to find the plugin responsible for the deny
foreach (keys %denied){
if ($line =~ m/$denied{$_}/){
$cnt{$_}++;
}
}
next;
}
# Rejected by spamassassin because spam score is too high
elsif ($line =~ m/spam score exceeded threshold/){
$cnt{spam_denied}++;
next;
}
# Tagged as spam, but kept accepted
elsif ($line =~ m/queued\s+<.*>\s+Yes,\s+(score|hits)=/){
$cnt{spam_queued}++;
next;
}
# Queued, not tagged as spam (or spam filtering disabled), those are the clean emails
elsif ($line =~ m/queued\s+<.*>(\s+No,\s+(score|hits)=.+)?/){
$cnt{queued}++;
next;
}
}
# Now lets count other_denied, which is total_denied minus
# all the known plugins denied
$cnt{other_denied} = $cnt{total_denied};
foreach (keys %denied){
$cnt{total} = $cnt{total} + $cnt{$_};
$cnt{other_denied} = $cnt{other_denied} - $cnt{$_};
}
foreach (@others){
$cnt{total} = $cnt{total} + $cnt{$_} if ($_ !~ /total/);
}
# The print argument prints all on stdout
if ($what eq "print"){
foreach (keys %denied,@others){
print "$_: $cnt{$_}\n";
}
}
# If the arg is a known plugin, prints only its value
elsif (defined $cnt{$what}){
print "$cnt{$what}\n";
}
# Else, print an error
else{
print "supported items are: ";
foreach (keys %denied, @others){
print "$_ ";
}
print "\n";
exit 1;
}
exit 0;

70
root/var/lib/zabbix/bin/util_parse_mail_out Normal file
View File

@@ -0,0 +1,70 @@
#!/usr/bin/perl -w
# Copyright (C) 2009 Daniel Berteaud <daniel@firewall-services.com>
# This file is part of smeserver-zabbix-agent package.
# This script is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
# This script is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
# You should have received a copy of the GNU General Public License
# along with Foobar; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
my $what = $ARGV[0] || '';
# On initialise nos compteurs a 0
my @results = qw(failure deferral success total);
my %cnt;
foreach (@results){
$cnt{$_} = 0;
}
while (<STDIN>) {
my $line = $_;
# on limites aux lignes concernant l'envoie
# @400000004994ad092afa867c delivery 96906: success etc...
next unless $line =~ m/^\@[0-9a-f]{24} delivery \d+: (success|failure|deferral).*(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}|CNAME_lookup_failed_temporarily)/;
my $result = $1;
$cnt{$result}++;
}
# Caclul des totaux:
foreach (@results){
$cnt{total} = $cnt{total} + $cnt{$_} if $_ !~ /total/;
}
# Si l'argument est "print" on affiche toutes les stats
if ($what eq "print"){
foreach (@results){
print "$_: $cnt{$_}\n";
}
}
# Si l'argument correspond a un compteur definit
# On affiche uniquemment cette valeur
elsif (defined $cnt{$what}){
print "$cnt{$what}\n";
}
# Sinon, on quitte avec une erreur
else{
print "supported items are: ";
foreach (@results){
print "$_ ";
}
print "\n";
exit 1;
}
exit 0;

31
root/var/lib/zabbix/bin/util_send_status_mail Normal file
View File

@@ -0,0 +1,31 @@
#!/usr/bin/perl -w
use esmith::ConfigDB;
use MIME::Lite;
use Net::SMTP;
my $c = esmith::ConfigDB->open_ro();
my $domain = $c->get('DomainName')->value();
my $host = $c->get('SystemName')->value();
my $z = $c->get('zabbix-agent');
my $dest = $z->prop('StatusRecipient') || 'admin@' . $domain;
my $smtp = Net::SMTP->new('localhost');
my $mail = MIME::Lite->new(
From => 'smeserver-status@' . $domain,
To => $dest,
Subject => "[STATUS] $host.$domain",
Data => localtime(time)."\n" .
"\n#>tail /var/log/messages :\n" .
`/usr/bin/tail \$(readlink /var/log/messages)` .
"\n#>netstat --numeric-hosts -tpu :\n" .
`/bin/netstat --numeric-hosts -tpu`
);
$smtp->mail('smeserver-status@' . $domain);
$smtp->recipient($dest);
$smtp->data();
$smtp->datasend($mail->as_string);
$smtp->dataend();
$smtp->quit;