monitoring-plugins-cyconet/check_bgp/check_bgp
2013-11-18 20:25:31 +01:00

293 lines
9.7 KiB
Perl

#!/usr/bin/perl
# nagios: +epn
#
# check_bgp - nagios plugin
#
# Copyright (C) 2006 Larry Low
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
#
# Report bugs to: llow0@yahoo.com
#
# Primary MIB reference - BGP4-MIB
#
# Version 0.4
# - added snmpv3 support
# Version 0.3
# - fixed $snmp was not checked for being defined
# Version 0.2
# - added conformed with ePN
#
use strict;
use warnings;
use lib "/usr/lib/nagios/plugins" ;
use utils qw($TIMEOUT %ERRORS &print_revision &support);
use vars qw($PROGNAME);
# Just in case of problems, let's not hang Nagios
$SIG{'ALRM'} = sub {
print ("ERROR: Plugin took too long to complete (alarm)\n");
exit $ERRORS{"UNKNOWN"};
};
alarm($TIMEOUT);
$PROGNAME = "check_bgp.pl";
sub print_help ();
sub print_usage ();
use POSIX qw(floor);
sub seconds_to_string($);
my ($opt_h,$opt_V);
my $community = "public";
my $snmp_version = 2;
my ($hostname,$bgppeer);;
use Getopt::Long;
&Getopt::Long::config('bundling');
GetOptions(
"V" => \$opt_V, "version" => \$opt_V,
"h" => \$opt_h, "help" => \$opt_h,
"C=s" => \$community, "community=s" => \$community,
"H=s" => \$hostname, "hostname=s" => \$hostname,
"p=s" => \$bgppeer, "peer=s" => \$bgppeer,
"v=i" => \$snmp_version,"snmp_version=i" => \$snmp_version
);
# -h & --help print help
if ($opt_h) { print_help(); exit $ERRORS{'OK'}; }
# -V & --version print version
if ($opt_V) { print_revision($PROGNAME,'$Revision: 0.4 $ '); exit $ERRORS{'OK'}; }
# Invalid hostname print usage
if (!utils::is_hostname($hostname)) { print_usage(); exit $ERRORS{'UNKNOWN'}; }
# No BGP peer specified, print usage
if (!defined($bgppeer)) { print_usage(); exit $ERRORS{'UNKNOWN'}; }
# Setup SNMP object
use Net::SNMP qw(INTEGER OCTET_STRING IPADDRESS OBJECT_IDENTIFIER NULL);
my ($snmp, $snmperror);
if ($snmp_version == 2) {
($snmp, $snmperror) = Net::SNMP->session(
-hostname => $hostname,
-version => 'snmpv2c',
-community => $community
);
} elsif ($snmp_version == 3) {
my ($v3_username,$v3_password,$v3_protocol,$v3_priv_passphrase,$v3_priv_protocol) = split(":",$community);
my @auth = ();
if (defined($v3_password)) { push(@auth,($v3_password =~ /^0x/) ? 'authkey' : 'authpassword',$v3_password); }
if (defined($v3_protocol)) { push(@auth,'authprotocol',$v3_protocol); }
if (defined($v3_priv_passphrase)) { push(@auth,($v3_priv_passphrase =~ /^0x/) ? 'privkey' : 'privpassword',$v3_priv_passphrase); }
if (defined($v3_priv_protocol)) { push(@auth,'privprotocol',$v3_priv_protocol); }
($snmp, $snmperror) = Net::SNMP->session(
-hostname => $hostname,
-version => 'snmpv3',
-username => $v3_username,
@auth
);
} else {
($snmp, $snmperror) = Net::SNMP->session(
-hostname => $hostname,
-version => 'snmpv1',
-community => $community
);
}
if (!defined($snmp)) {
print ("UNKNOWN - SNMP error: $snmperror\n");
exit $ERRORS{'UNKNOWN'};
}
my $state = 'UNKNOWN';
my $output = "$bgppeer status retrieval failed.";
# Begin plugin check code
{
my $bgpPeerState = "1.3.6.1.2.1.15.3.1.2";
my $bgpPeerAdminStatus = "1.3.6.1.2.1.15.3.1.3";
my $bgpPeerRemoteAs = "1.3.6.1.2.1.15.3.1.9";
my $bgpPeerLastError = "1.3.6.1.2.1.15.3.1.14";
my $bgpPeerFsmEstablishedTime = "1.3.6.1.2.1.15.3.1.16";
my %bgpPeerStates = (
-1 => 'unknown(-1)',
1 => 'idle(1)',
2 => 'connect(2)',
3 => 'active(3)',
4 => 'opensent(4)',
5 => 'openconfirm(5)',
6 => 'established(6)'
);
my %bgpPeerAdminStatuses = (
1=>'stop(1)',
2=>'start(2)'
);
my %bgpErrorCodes = (
'01 00' => 'Message Header Error',
'01 01' => 'Message Header Error - Connection Not Synchronized',
'01 02' => 'Message Header Error - Bad Message Length',
'01 03' => 'Message Header Error - Bad Message Type',
'02 00' => 'OPEN Message Error',
'02 01' => 'OPEN Message Error - Unsupported Version Number',
'02 02' => 'OPEN Message Error - Bad Peer AS',
'02 03' => 'OPEN Message Error - Bad BGP Identifier',
'02 04' => 'OPEN Message Error - Unsupported Optional Parameter',
'02 05' => 'OPEN Message Error', #deprecated
'02 06' => 'OPEN Message Error - Unacceptable Hold Time',
'03 00' => 'UPDATE Message Error',
'03 01' => 'UPDATE Message Error - Malformed Attribute List',
'03 02' => 'UPDATE Message Error - Unrecognized Well-known Attribute',
'03 03' => 'UPDATE Message Error - Missing Well-known Attribute',
'03 04' => 'UPDATE Message Error - Attribute Flags Error',
'03 05' => 'UPDATE Message Error - Attribute Length Erro',
'03 06' => 'UPDATE Message Error - Invalid ORIGIN Attribute',
'03 07' => 'UPDATE Message Error', #deprecated
'03 08' => 'UPDATE Message Error - Invalid NEXT_HOP Attribute',
'03 09' => 'UPDATE Message Error - Optional Attribute Error',
'03 0A' => 'UPDATE Message Error - Invalid Network Field',
'03 0B' => 'UPDATE Message Error - Malformed AS_PATH',
'04 00' => 'Hold Timer Expired',
'05 00' => 'Finite State Machine Error',
'06 00' => 'Cease',
'06 01' => 'Cease - Maximum Number of Prefixes Reached',
'06 02' => 'Cease - Administrative Shutdown',
'06 03' => 'Cease - Peer De-configured',
'06 04' => 'Cease - Administrative Reset',
'06 05' => 'Cease - Connection Rejected',
'06 06' => 'Cease - Other Configuration Change',
'06 07' => 'Cease - Connection Collision Resolution',
'06 08' => 'Cease - Out of Resources'
);
my @snmpoids;
push (@snmpoids,"$bgpPeerState.$bgppeer");
push (@snmpoids,"$bgpPeerAdminStatus.$bgppeer");
push (@snmpoids,"$bgpPeerRemoteAs.$bgppeer");
push (@snmpoids,"$bgpPeerLastError.$bgppeer");
push (@snmpoids,"$bgpPeerFsmEstablishedTime.$bgppeer");
my $result = $snmp->get_request(
-varbindlist => \@snmpoids
);
if (!defined($result)) {
my $answer = $snmp->error;
$snmp->close;
print ("UNKNOWN: SNMP error: $answer\n");
exit $ERRORS{'UNKNOWN'};
}
if ($result->{"$bgpPeerState.$bgppeer"} ne "noSuchInstance") {
$output = "$bgppeer (AS".
$result->{"$bgpPeerRemoteAs.$bgppeer"}.
") state is ".
$bgpPeerStates{$result->{"$bgpPeerState.$bgppeer"}};
my $lasterror;
my $lasterrorcode = $result->{"$bgpPeerLastError.$bgppeer"};
if (hex($lasterrorcode) != 0) {
$lasterrorcode = substr($lasterrorcode,2,2)." ".substr($lasterrorcode,4,2);
my ($code,$subcode) = split(" ",$lasterrorcode);
if (!defined($bgpErrorCodes{$lasterrorcode})) {
$lasterror = $bgpErrorCodes{"$code 00"};
} else {
$lasterror = $bgpErrorCodes{$lasterrorcode};
}
if (!defined($lasterror)) {
$lasterror = "Unknown ($code $subcode)";
}
}
my $establishedtime = seconds_to_string($result->{"$bgpPeerFsmEstablishedTime.$bgppeer"});
if ($result->{"$bgpPeerState.$bgppeer"} == 6) {
$state = 'OK';
$output .= ". Established for $establishedtime.";
} elsif ($result->{"$bgpPeerAdminStatus.$bgppeer"} == 1) { #stop
$state = 'WARNING'; # admin down do warning
$output .= " (administratively down). Last established $establishedtime.";
} else {
$state = 'CRITICAL';
$output .= ". Last established $establishedtime.";
}
if (defined($lasterror)) {
$output .= " Last error \"$lasterror\".";
}
}
}
print "$state - $output\n";
exit $ERRORS{$state};
sub print_help() {
print_revision($PROGNAME,'$Revision: 0.4 $ ');
print "Copyright (c) 2006 Larry Low\n";
print "This program is licensed under the terms of the\n";
print "GNU General Public License\n(check source code for details)\n";
print "\n";
printf "Check BGP peer status via SNMP.\n";
print "\n";
print_usage();
print "\n";
print " -H (--hostname) Hostname to query - (required)\n";
print " -C (--community) SNMP read community or v3 auth (defaults to public)\n";
print " (v3 specified as username:authpassword:... )\n";
print " username = SNMPv3 security name\n";
print " authpassword = SNMPv3 authentication pass phrase (or hexidecimal key)\n";
print " authprotocol = SNMPv3 authentication protocol (md5 (default) or sha)\n";
print " privpassword = SNMPv3 privacy pass phrase (or hexidecmal key)\n";
print " privprotocol = SNMPv3 privacy protocol (des (default) or aes)\n";
print " -v (--snmp_version) 1 for SNMP v1\n";
print " 2 for SNMP v2c (default)\n";
print " 3 for SNMP v3\n";
print " -p {--peer} IP of BGP Peer\n";
print " -V (--version) Plugin version\n";
print " -h (--help) usage help\n";
print "\n";
support();
}
sub print_usage() {
print "Usage: \n";
print " $PROGNAME -H <HOSTNAME> [-C <community>] -p <bgppeer>\n";
print " $PROGNAME [-h | --help]\n";
print " $PROGNAME [-V | --version]\n";
}
sub seconds_to_string($) {
my $time = shift;
my $timestr = "";
if ($time > (365.24225*24*60*60)) {
my $years = floor($time / (365.24225*24*60*60));
$time -= $years*365.24225*24*60*60;
$timestr .= $years."y";
}
if ($time > (24*60*60)) {
my $days = floor($time / (24*60*60));
$time -= $days*24*60*60;
$timestr .= $days."d";
}
if ($time > (60*60)) {
my $hours = floor($time / (60*60));
$time -= $hours*60*60;
$timestr .= $hours."h";
}
if ($time > 60) {
my $minutes = floor($time / 60);
$time -= $minutes*60;
$timestr .= $minutes."m";
}
$timestr .= $time."s";
return $timestr;
}