Snmpv3 walker check


#1

Hi guys,

I modified check_snmp2.pl from Hermann Treu to use SNMPv3.

This script only uses SNMPv3, it could be modified to support 1,2c and 3 but that’s more work than I’m up for right now.

This script is meant to snmpwalk the process list picking out a daemon to count instances of, say http. I would be interested in any suggestions or clean ups since I pretty much just hacked it.

L8rs,
-K

#!/usr/bin/perl -w
#
##############################################################################
# check_snmp3.pl
##############################################################################
#
# (c) 2001 Hermann Treu <ht@rosenthal.hanse.de>, GPLed
# (c) 2007 Koaps <koaps@yahoo.com>, GPLed
#
# check_snmp2.pl and all its components are free software. You can 
# redistribute it and/or modify it under the terms of the GNU 
# General Public License as published by the Free Software 
# Foundation; either version 2 of the License, or any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.

use POSIX;
use strict;
use File::Basename;
use Getopt::Long;
use vars qw(
            $opt_A
            $opt_a
            $opt_H
            $opt_h
            $opt_L
            $opt_l
            $opt_o
            $opt_snmpwalk
            $opt_U
            $opt_usage
            $opt_v
           );

sub print_usage ();
sub print_help ();

my $progname = basename($0);

my %ERRORS = ('UNKNOWN'  => '-1',
              'OK'       => '0',
              'WARNING'  => '1',
              'CRITICAL' => '2');

Getopt::Long::Configure('bundling');
GetOptions
  (
   "A=s" => \$opt_A, "authpassword=s" => \$opt_A,
   "a=s" => \$opt_a, "authproto=s" => \$opt_a,
   "H=s" => \$opt_H, "host=s"      => \$opt_H,
   "h"   => \$opt_h, "help"        => \$opt_h,
   "L=s" => \$opt_L, "seclevel=s"      => \$opt_L,
   "l=s" => \$opt_l, "label=s"      => \$opt_l,
   "o=s" => \$opt_o, "oid=s"  => \$opt_o,
   "snmpwalk=s" => \$opt_snmpwalk,
   "U=s" => \$opt_U, "secname=s"     => \$opt_U,
   "usage" => \$opt_usage,
   "v=s" => \$opt_v, "value=s"     => \$opt_v,
  ) || die "Try `$progname --help' for more information.\n";

sub print_usage() {
  print "Check SNMPv3 only using snmpwalk\n";
  print "Usage: $progname -H HOST -L [noAuthNoPriv|authNoPriv|authPriv] -a [MD5|SHA] -A PASSWORD -U USERNAME -o OID -l Label -v VALUE\n";
  print "       $progname --help\n";
}

sub print_help() {
  print "$progname - Walk for a specific SNMPv3 value\n";
  print "Options are:\n";
  print "  -A, --authpassword NAME      Authentication password\n";
  print "  -a, --authproto NAME         Auth proto\n";
  print "  -H, --host NAME              Host or ip address\n";
  print "  -h, --help                   Display this help and exit\n";
  print "  -L, --seclevel               Security level\n";
  print "  -l, --label                  Label for output\n";
  print "  -o, --oid                    Object identifier\n";
  print "      --snmpwalk COMMAND       Location of the 'snmpwalk' command\n";
  print "  -U, --secname                Security username\n";
  print "      --usage                  Display a short usage instruction\n";
  print "  -v, --value NAME             Value to check for\n";
  print "Requirements:\n";
  print "  This plugin uses the 'snmpwalk' command included with the NET-SNMP\n";
  print "  package.\n";
}

if ($opt_h) {
  print_help();
  exit $ERRORS{'UNKNOWN'};
}

if ($opt_usage) {
  print_usage();
  exit $ERRORS{'UNKNOWN'};
}

##### DO THE WORK ############################################################

my $snmpwalk = "/usr/bin/snmpwalk";
my @line = ();

if ($opt_A && $opt_a && $opt_H && $opt_L && $opt_o && $opt_U && $opt_v) {

  if ($opt_snmpwalk) {
    $snmpwalk = $opt_snmpwalk;
  }

  if (! $opt_o) {
    print "OID not given.\n";
    exit $ERRORS{'UNKNOWN'};
  }

  open(SNMPWALK,"$snmpwalk -v3 -u$opt_U -l$opt_L -a$opt_a -A$opt_A $opt_H $opt_o |") || die "Command not found.\n";
  while (<SNMPWALK>) {
    @line = <SNMPWALK>;
    @line = grep /$opt_v/, @line;
    my $count = scalar(@line);
    if ($line-1]) {
      print "$opt_v is found $count times. \n";
      exit $ERRORS{'OK'};
    } else {
      print "$opt_v is not found.\n";
      exit $ERRORS{'CRITICAL'};
    }
  }

} else {
  print_usage();
  exit $ERRORS{'UNKNOWN'};
}

##############################################################################