Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
check_fsecure [F-Secure fsav check]
Meet The New Nagios Core Services Platform
Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.
Monitoring Made Magically Better
- Nagios Core on Overdrive
- Powerful Monitoring Dashboards
- Time-Saving Configuration Wizards
- Open Source Powered Monitoring On Steroids
- And So Much More!
check_fsecure compares the database version of F-Secure fsav with the current date.
We use it on our mailserver via check_by_ssh to make sure fsav (called by amavisd-new) is up-to-date.
Help with "check_fsecure -h"
We use it on our mailserver via check_by_ssh to make sure fsav (called by amavisd-new) is up-to-date.
Help with "check_fsecure -h"
Reviews (1)
byelysium, November 1, 2018
The plugin needs some modification for FSIGK F-Secure Internet Gatekeeper (thats not the same as FSLS, F-Secure Server Linux Security), but then its still useable, thanks for that.
With FSIGK 5.50 you have to change:
1. Link the following binaries to make ./fsav executable within FSIGK:
/usr/lib/libfsavd.so.7 -> /opt/f-secure/fsigk/fssp/lib/libfsavd.so.7
/usr/lib/libsubstatus.so -> /opt/f-secure/fsigk/fssp/lib/libsubstatus.so
/usr/lib/libkeycheck.so -> /opt/f-secure/fsigk/fssp/lib/libkeycheck.so
/usr/lib/libfsclm.so.2 -> /opt/f-secure/fsigk/fssp/lib/libfsclm.so.2
/usr/lib/libmgmtfile.2.0.0.so -> /opt/f-secure/fsigk/fssp/lib/libmgmtfile.2.0.0.so
2. Change line #101 to a hardcoded path conf path (or ad another prefix, FSAV in FSIGK works just different to FSLS):
chomp(my $fsav_version = `$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version`);
Now it depends on your FSIGK installation, usually user "nagios" is not able to run "$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version" without sudo/root.
2. Add sudo for the FSAV binary like this in check_fsecure:
my $fsav = "/usr/bin/sudo /opt/f-secure/fsigk/fssp/bin/fsav";
3. Comment-out the following lines in check_fsecure:
#if (!-x $fsav) {
# die("ERROR: Unable to execute $fsav");
#}
4. Add a sudo rule /etc/sudoers on monitored machine:
nagios ALL=(root) NOPASSWD: /opt/f-secure/fsigk/fssp/bin/fsav
Thats it.
With FSIGK 5.50 you have to change:
1. Link the following binaries to make ./fsav executable within FSIGK:
/usr/lib/libfsavd.so.7 -> /opt/f-secure/fsigk/fssp/lib/libfsavd.so.7
/usr/lib/libsubstatus.so -> /opt/f-secure/fsigk/fssp/lib/libsubstatus.so
/usr/lib/libkeycheck.so -> /opt/f-secure/fsigk/fssp/lib/libkeycheck.so
/usr/lib/libfsclm.so.2 -> /opt/f-secure/fsigk/fssp/lib/libfsclm.so.2
/usr/lib/libmgmtfile.2.0.0.so -> /opt/f-secure/fsigk/fssp/lib/libmgmtfile.2.0.0.so
2. Change line #101 to a hardcoded path conf path (or ad another prefix, FSAV in FSIGK works just different to FSLS):
chomp(my $fsav_version = `$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version`);
Now it depends on your FSIGK installation, usually user "nagios" is not able to run "$fsav --config=file:/opt/f-secure/fsigk/fssp/etc/fssp.conf --version" without sudo/root.
2. Add sudo for the FSAV binary like this in check_fsecure:
my $fsav = "/usr/bin/sudo /opt/f-secure/fsigk/fssp/bin/fsav";
3. Comment-out the following lines in check_fsecure:
#if (!-x $fsav) {
# die("ERROR: Unable to execute $fsav");
#}
4. Add a sudo rule /etc/sudoers on monitored machine:
nagios ALL=(root) NOPASSWD: /opt/f-secure/fsigk/fssp/bin/fsav
Thats it.