Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
New ListingsDirectory Tree
Check Kaspersky Security for Linux Mail Server (KLMS)
Current Version
1.04
Last Release Date
2018-08-10
Compatible With
- Nagios 3.x
- Nagios 4.x
- Nagios XI
Owner
Website
License
GPL
Hits
6073
Files:
| File | Description |
|---|---|
| check_klms.sh | check_klms.sh bash shell script. Sudo permissions should be setup for the klms-control binary, by default installed in /opt/kaspersky/klms/bin/klms-control (if you have installed it in another PATH, only a variable on the script should be changed == KLMS_BIN ). |
It's written as simple as posible to maintain compatibilty between different Linux OS.
Verified compatible with the following OS:
Ubuntu v16.04.1-5 LTS
CentOS v6.10 (Final)
BusyBox v1.22.1
Released under GPLv3. Author: Carlos Ijalba - 2018.
Bash shell Script for Nagios & NagiosXI, reports on the general KLMS health:
OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected.
WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ].
CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected.
Error: KLMS couldn't be contacted, or not installed (check your PATH or install KLMS software).
If invoked without parameters, presents a usage screen.
This script is designed to consume as little CPU time as possible and to be used in different OS types.
Verified compatible with the following OS:
Ubuntu v16.04.1-5 LTS
CentOS v6.10 (Final)
BusyBox v1.22.1
Released under GPLv3, feel free to use and modify, please give credits and references when appropriate. Author: Carlos Ijalba - 2018.
Alerts given to Nagios:
Output:
3 - Error: KLMS couldn't be contacted, or not installed.
2 - CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ].
1 - WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected.
0 - OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected.
It also reports the original script's name and version to nagios, so check version control can be used within nagios.
-------------
SETUP:
1.- Change your command definition in the nrpe.cfg
nagios@pmimta:/usr/local/nagios/etc$ sudo cp -p nrpe.cfg nrpe.cfg.20180808 <-- always make a backup first!
nagios@pmimta:/usr/local/nagios/etc$ sudo vi nrpe.cfg <-- edit your nrpe.cfg
Add:
command[check_klms]=/usr/local/nagios/libexec/check_klms.sh status
2.- Edit sudoers file:
sudo visudo
3.- Add permissions for the klms-control binary to nagios:
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /opt/kaspersky/klms/bin/klms-control
4.- Restart the nrpe daemon:
nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe
nagios 1476 1 0 Aug05 ? 00:00:02 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
nagios@pmimta:/usr/local/nagios/etc$ sudo kill -9 1476
nagios@pmimta:/usr/local/nagios/etc$ sudo /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe
nagios 31928 1 0 12:11 ? 00:00:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
or, if nrpe is under xinetd: service xinetd restart
5.- Verify nrpe log:
nagios@pmimta:/usr/local/nagios/etc$ journalctl --since=today | grep nrpe
Aug 08 12:11:41 pmimta sudo[31926]: sistemas : TTY=pts/0 ; PWD=/usr/local/nagios/etc ; USER=nagios ; COMMAND=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
Aug 08 12:11:41 pmimta nrpe[31928]: Starting up daemon
Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on 0.0.0.0 port 5666.
Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on :: port 5666.
Aug 08 12:11:41 pmimta nrpe[31928]: Warning: Daemon is configured to accept command arguments from clients!
Aug 08 12:11:41 pmimta nrpe[31928]: Listening for connections on port 0
Aug 08 12:11:41 pmimta nrpe[31928]: Allowing connections from: 127.0.0.1, nagiosxiserver
-------------
USE:
check_klms.sh [ status ]
-------------
Reports:
All OK:
OK - KLMS Running.
OK - KLMS AV-DB up to date.
OK - KLMS SPAM-DB up to date.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
WARNINGS:
OK - KLMS Running.
WARNING - KLMS AV-DB Outdated.
WARNING - KLMS SPAM-DB Outdated.
WARNING - KLMS Anti-Phishing-DB Outdated.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
CRITICALS:
CRITICAL - KLMS NOT Running.
CRITICAL - KLMS AV-DB Obsolete.
CRITICAL - KLMS SPAM-DB Obsolete.
CRITICAL - KLMS Anti-Phishing-DB Obsolete.
CRITICAL - KLMS LDAP Connection Failed.
check_klms.sh v1.04
-------------
Examples:
In a machine with KLMS OK:
nagios@pmimta05:/usr/local/nagios/libexec# ./check_klms.sh status
OK - KLMS Running.
OK - KLMS AV-DB up to date.
OK - KLMS SPAM-DB up to date.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
In a machine with the Anti-SPAM DB not actualized:
nagios@pmimta05:~# /usr/local/nagios/libexec/check_klms.sh status
OK - KLMS Running.
OK - KLMS AV-DB up to date.
WARNING - KLMS SPAM-DB Outdated.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
In a machine without KLMS installed (or not in the PATH by default):
[nagios@nagiosxiserver libexec]# check_klms.sh status
CRITICAL - KLMS NOT Running.
ERROR - KLMS binaries not found in this machine (review PATH).
check_klms.sh v1.04
-------------
NAGIOS Plugin Version Control:
After the Nagios Status reported, the script shows the script's name and version, very useful to track nagios services versions and scripts invoked by a service/command.
OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected.
WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ].
CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected.
Error: KLMS couldn't be contacted, or not installed (check your PATH or install KLMS software).
If invoked without parameters, presents a usage screen.
This script is designed to consume as little CPU time as possible and to be used in different OS types.
Verified compatible with the following OS:
Ubuntu v16.04.1-5 LTS
CentOS v6.10 (Final)
BusyBox v1.22.1
Released under GPLv3, feel free to use and modify, please give credits and references when appropriate. Author: Carlos Ijalba - 2018.
Alerts given to Nagios:
Output:
3 - Error: KLMS couldn't be contacted, or not installed.
2 - CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ].
1 - WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected.
0 - OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected.
It also reports the original script's name and version to nagios, so check version control can be used within nagios.
-------------
SETUP:
1.- Change your command definition in the nrpe.cfg
nagios@pmimta:/usr/local/nagios/etc$ sudo cp -p nrpe.cfg nrpe.cfg.20180808 <-- always make a backup first!
nagios@pmimta:/usr/local/nagios/etc$ sudo vi nrpe.cfg <-- edit your nrpe.cfg
Add:
command[check_klms]=/usr/local/nagios/libexec/check_klms.sh status
2.- Edit sudoers file:
sudo visudo
3.- Add permissions for the klms-control binary to nagios:
Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /opt/kaspersky/klms/bin/klms-control
4.- Restart the nrpe daemon:
nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe
nagios 1476 1 0 Aug05 ? 00:00:02 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
nagios@pmimta:/usr/local/nagios/etc$ sudo kill -9 1476
nagios@pmimta:/usr/local/nagios/etc$ sudo /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe
nagios 31928 1 0 12:11 ? 00:00:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
or, if nrpe is under xinetd: service xinetd restart
5.- Verify nrpe log:
nagios@pmimta:/usr/local/nagios/etc$ journalctl --since=today | grep nrpe
Aug 08 12:11:41 pmimta sudo[31926]: sistemas : TTY=pts/0 ; PWD=/usr/local/nagios/etc ; USER=nagios ; COMMAND=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
Aug 08 12:11:41 pmimta nrpe[31928]: Starting up daemon
Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on 0.0.0.0 port 5666.
Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on :: port 5666.
Aug 08 12:11:41 pmimta nrpe[31928]: Warning: Daemon is configured to accept command arguments from clients!
Aug 08 12:11:41 pmimta nrpe[31928]: Listening for connections on port 0
Aug 08 12:11:41 pmimta nrpe[31928]: Allowing connections from: 127.0.0.1, nagiosxiserver
-------------
USE:
check_klms.sh [ status ]
-------------
Reports:
All OK:
OK - KLMS Running.
OK - KLMS AV-DB up to date.
OK - KLMS SPAM-DB up to date.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
WARNINGS:
OK - KLMS Running.
WARNING - KLMS AV-DB Outdated.
WARNING - KLMS SPAM-DB Outdated.
WARNING - KLMS Anti-Phishing-DB Outdated.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
CRITICALS:
CRITICAL - KLMS NOT Running.
CRITICAL - KLMS AV-DB Obsolete.
CRITICAL - KLMS SPAM-DB Obsolete.
CRITICAL - KLMS Anti-Phishing-DB Obsolete.
CRITICAL - KLMS LDAP Connection Failed.
check_klms.sh v1.04
-------------
Examples:
In a machine with KLMS OK:
nagios@pmimta05:/usr/local/nagios/libexec# ./check_klms.sh status
OK - KLMS Running.
OK - KLMS AV-DB up to date.
OK - KLMS SPAM-DB up to date.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
In a machine with the Anti-SPAM DB not actualized:
nagios@pmimta05:~# /usr/local/nagios/libexec/check_klms.sh status
OK - KLMS Running.
OK - KLMS AV-DB up to date.
WARNING - KLMS SPAM-DB Outdated.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04
In a machine without KLMS installed (or not in the PATH by default):
[nagios@nagiosxiserver libexec]# check_klms.sh status
CRITICAL - KLMS NOT Running.
ERROR - KLMS binaries not found in this machine (review PATH).
check_klms.sh v1.04
-------------
NAGIOS Plugin Version Control:
After the Nagios Status reported, the script shows the script's name and version, very useful to track nagios services versions and scripts invoked by a service/command.
Reviews (0)
Be the first to review this listing!
