Home Directory Plugins Anti-Virus Kaspersky Check Kaspersky Security for Linux Mail Server (KLMS)

Search Exchange

Search All Sites

Nagios Live Webinars

Let our experts show you how Nagios can help your organization.

Contact Us

Phone: 1-888-NAGIOS-1
Email: sales@nagios.com

Login

Remember Me

Directory Tree

Check Kaspersky Security for Linux Mail Server (KLMS)

Rating
0 votes
Favoured:
0
Current Version
1.04
Last Release Date
2018-08-10
Compatible With
  • Nagios 3.x
  • Nagios 4.x
  • Nagios XI
License
GPL
Hits
6333
Files:
FileDescription
check_klms.shcheck_klms.sh bash shell script. Sudo permissions should be setup for the klms-control binary, by default installed in /opt/kaspersky/klms/bin/klms-control (if you have installed it in another PATH, only a variable on the script should be changed == KLMS_BIN ).
Nagios CSP

Meet The New Nagios Core Services Platform

Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.

Monitoring Made Magically Better

  • Nagios Core on Overdrive
  • Powerful Monitoring Dashboards
  • Time-Saving Configuration Wizards
  • Open Source Powered Monitoring On Steroids
  • And So Much More!
Check Kaspersky Security for Linux Mail Server (KLMS)
Bash shell Script for Nagios & NagiosXI, checks if the KLMS application is running OK, has a connection to the LDAP server and has it's Databases up to date.

It's written as simple as posible to maintain compatibilty between different Linux OS.

Verified compatible with the following OS:
Ubuntu v16.04.1-5 LTS
CentOS v6.10 (Final)
BusyBox v1.22.1

Released under GPLv3. Author: Carlos Ijalba - 2018.
Bash shell Script for Nagios & NagiosXI, reports on the general KLMS health:

OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected.
WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ].
CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected.
Error: KLMS couldn't be contacted, or not installed (check your PATH or install KLMS software).

If invoked without parameters, presents a usage screen.

This script is designed to consume as little CPU time as possible and to be used in different OS types.

Verified compatible with the following OS:
Ubuntu v16.04.1-5 LTS
CentOS v6.10 (Final)
BusyBox v1.22.1

Released under GPLv3, feel free to use and modify, please give credits and references when appropriate. Author: Carlos Ijalba - 2018.

Alerts given to Nagios:

Output:
3 - Error: KLMS couldn't be contacted, or not installed.
2 - CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ].
1 - WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected.
0 - OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected.

It also reports the original script's name and version to nagios, so check version control can be used within nagios.

-------------
SETUP:

1.- Change your command definition in the nrpe.cfg

nagios@pmimta:/usr/local/nagios/etc$ sudo cp -p nrpe.cfg nrpe.cfg.20180808 <-- always make a backup first!
nagios@pmimta:/usr/local/nagios/etc$ sudo vi nrpe.cfg <-- edit your nrpe.cfg
Add:
command[check_klms]=/usr/local/nagios/libexec/check_klms.sh status

2.- Edit sudoers file:

sudo visudo

3.- Add permissions for the klms-control binary to nagios:

Defaults:nagios !requiretty
nagios ALL=NOPASSWD: /opt/kaspersky/klms/bin/klms-control

4.- Restart the nrpe daemon:

nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe
nagios 1476 1 0 Aug05 ? 00:00:02 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
nagios@pmimta:/usr/local/nagios/etc$ sudo kill -9 1476
nagios@pmimta:/usr/local/nagios/etc$ sudo /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe
nagios 31928 1 0 12:11 ? 00:00:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d

or, if nrpe is under xinetd: service xinetd restart

5.- Verify nrpe log:

nagios@pmimta:/usr/local/nagios/etc$ journalctl --since=today | grep nrpe
Aug 08 12:11:41 pmimta sudo[31926]: sistemas : TTY=pts/0 ; PWD=/usr/local/nagios/etc ; USER=nagios ; COMMAND=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d
Aug 08 12:11:41 pmimta nrpe[31928]: Starting up daemon
Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on 0.0.0.0 port 5666.
Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on :: port 5666.
Aug 08 12:11:41 pmimta nrpe[31928]: Warning: Daemon is configured to accept command arguments from clients!
Aug 08 12:11:41 pmimta nrpe[31928]: Listening for connections on port 0
Aug 08 12:11:41 pmimta nrpe[31928]: Allowing connections from: 127.0.0.1, nagiosxiserver

-------------
USE:
check_klms.sh [ status ]

-------------
Reports:

All OK:
OK - KLMS Running.
OK - KLMS AV-DB up to date.
OK - KLMS SPAM-DB up to date.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04

WARNINGS:
OK - KLMS Running.
WARNING - KLMS AV-DB Outdated.
WARNING - KLMS SPAM-DB Outdated.
WARNING - KLMS Anti-Phishing-DB Outdated.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04

CRITICALS:
CRITICAL - KLMS NOT Running.
CRITICAL - KLMS AV-DB Obsolete.
CRITICAL - KLMS SPAM-DB Obsolete.
CRITICAL - KLMS Anti-Phishing-DB Obsolete.
CRITICAL - KLMS LDAP Connection Failed.
check_klms.sh v1.04

-------------
Examples:

In a machine with KLMS OK:

nagios@pmimta05:/usr/local/nagios/libexec# ./check_klms.sh status
OK - KLMS Running.
OK - KLMS AV-DB up to date.
OK - KLMS SPAM-DB up to date.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04

In a machine with the Anti-SPAM DB not actualized:

nagios@pmimta05:~# /usr/local/nagios/libexec/check_klms.sh status
OK - KLMS Running.
OK - KLMS AV-DB up to date.
WARNING - KLMS SPAM-DB Outdated.
OK - KLMS Anti-Phishing-DB up to date.
OK - KLMS LDAP Connection is OK.
check_klms.sh v1.04

In a machine without KLMS installed (or not in the PATH by default):

[nagios@nagiosxiserver libexec]# check_klms.sh status
CRITICAL - KLMS NOT Running.
ERROR - KLMS binaries not found in this machine (review PATH).
check_klms.sh v1.04

-------------

NAGIOS Plugin Version Control:

After the Nagios Status reported, the script shows the script's name and version, very useful to track nagios services versions and scripts invoked by a service/command.