Kaspersky

Check Kaspersky Security for Linux Mail Server (KLMS)

Write a Review

Description:

Bash shell Script for Nagios & NagiosXI, checks if the KLMS application is running OK, has a connection to the LDAP server and has it’s Databases up to date.

It’s written as simple as posible to maintain compatibilty between different Linux OS.

Verified compatible with the following OS:
Ubuntu v16.04.1-5 LTS
CentOS v6.10 (Final)
BusyBox v1.22.1

Released under GPLv3. Author: Carlos Ijalba – 2018.

Current Version

1.04

Last Release Date

2018-08-10

Compatible With

  • Nagios 3.x
  • Nagios 4.x
  • Nagios XI

Owner

Carlos Ijalba

Website

https://ijalba.wordpress.com

License

GPL

Copy Page Link Recommend Login to Add to Favorites
Project Files
FileDescription
check_klms.sh

check_klms.sh bash shell script. Sudo permissions should be setup for the klms-control binary, by default installed in /opt/kaspersky/klms/bin/klms-control (if you have installed it in another PATH, only a variable on the script should be changed == KLMS_BIN ).

Project Photos
Project Notes
Bash shell Script for Nagios & NagiosXI, reports on the general KLMS health: OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected. WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ]. CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected. Error: KLMS couldn't be contacted, or not installed (check your PATH or install KLMS software). If invoked without parameters, presents a usage screen. This script is designed to consume as little CPU time as possible and to be used in different OS types. Verified compatible with the following OS: Ubuntu v16.04.1-5 LTS CentOS v6.10 (Final) BusyBox v1.22.1 Released under GPLv3, feel free to use and modify, please give credits and references when appropriate. Author: Carlos Ijalba - 2018. Alerts given to Nagios: Output: 3 - Error: KLMS couldn't be contacted, or not installed. 2 - CRITICAL: Database Obsolete: [ AntiVirus | AntiSPAM | AntiPhishing ]. 1 - WARNING: Database Outdated: [ AntiVirus | AntiSPAM | AntiPhishing ], KLMS not running, LDAP not connected. 0 - OK: All KLMS Databases are Up to Date, KLMS running, LDAP connected. It also reports the original script's name and version to nagios, so check version control can be used within nagios. ------------- SETUP: 1.- Change your command definition in the nrpe.cfg nagios@pmimta:/usr/local/nagios/etc$ sudo cp -p nrpe.cfg nrpe.cfg.20180808 <-- always make a backup first! nagios@pmimta:/usr/local/nagios/etc$ sudo vi nrpe.cfg <-- edit your nrpe.cfg Add: command[check_klms]=/usr/local/nagios/libexec/check_klms.sh status 2.- Edit sudoers file: sudo visudo 3.- Add permissions for the klms-control binary to nagios: Defaults:nagios !requiretty nagios ALL=NOPASSWD: /opt/kaspersky/klms/bin/klms-control 4.- Restart the nrpe daemon: nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe nagios 1476 1 0 Aug05 ? 00:00:02 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d nagios@pmimta:/usr/local/nagios/etc$ sudo kill -9 1476 nagios@pmimta:/usr/local/nagios/etc$ sudo /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d nagios@pmimta:/usr/local/nagios/etc$ ps -ef |grep nrpe nagios 31928 1 0 12:11 ? 00:00:00 /usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d or, if nrpe is under xinetd: service xinetd restart 5.- Verify nrpe log: nagios@pmimta:/usr/local/nagios/etc$ journalctl --since=today | grep nrpe Aug 08 12:11:41 pmimta sudo[31926]: sistemas : TTY=pts/0 ; PWD=/usr/local/nagios/etc ; USER=nagios ; COMMAND=/usr/sbin/nrpe -c /etc/nagios/nrpe.cfg -d Aug 08 12:11:41 pmimta nrpe[31928]: Starting up daemon Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on 0.0.0.0 port 5666. Aug 08 12:11:41 pmimta nrpe[31928]: Server listening on :: port 5666. Aug 08 12:11:41 pmimta nrpe[31928]: Warning: Daemon is configured to accept command arguments from clients! Aug 08 12:11:41 pmimta nrpe[31928]: Listening for connections on port 0 Aug 08 12:11:41 pmimta nrpe[31928]: Allowing connections from: 127.0.0.1, nagiosxiserver ------------- USE: check_klms.sh [ status ] ------------- Reports: All OK: OK - KLMS Running. OK - KLMS AV-DB up to date. OK - KLMS SPAM-DB up to date. OK - KLMS Anti-Phishing-DB up to date. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04 WARNINGS: OK - KLMS Running. WARNING - KLMS AV-DB Outdated. WARNING - KLMS SPAM-DB Outdated. WARNING - KLMS Anti-Phishing-DB Outdated. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04 CRITICALS: CRITICAL - KLMS NOT Running. CRITICAL - KLMS AV-DB Obsolete. CRITICAL - KLMS SPAM-DB Obsolete. CRITICAL - KLMS Anti-Phishing-DB Obsolete. CRITICAL - KLMS LDAP Connection Failed. check_klms.sh v1.04 ------------- Examples: In a machine with KLMS OK: nagios@pmimta05:/usr/local/nagios/libexec# ./check_klms.sh status OK - KLMS Running. OK - KLMS AV-DB up to date. OK - KLMS SPAM-DB up to date. OK - KLMS Anti-Phishing-DB up to date. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04 In a machine with the Anti-SPAM DB not actualized: nagios@pmimta05:~# /usr/local/nagios/libexec/check_klms.sh status OK - KLMS Running. OK - KLMS AV-DB up to date. WARNING - KLMS SPAM-DB Outdated. OK - KLMS Anti-Phishing-DB up to date. OK - KLMS LDAP Connection is OK. check_klms.sh v1.04 In a machine without KLMS installed (or not in the PATH by default): [nagios@nagiosxiserver libexec]# check_klms.sh status CRITICAL - KLMS NOT Running. ERROR - KLMS binaries not found in this machine (review PATH). check_klms.sh v1.04 ------------- NAGIOS Plugin Version Control: After the Nagios Status reported, the script shows the script's name and version, very useful to track nagios services versions and scripts invoked by a service/command.
Reviews (0) Add a Review
Add a Review

You must be logged in to submit a review.

Thank you for your review!

Your review has been submitted and is pending approval.

Recommend

To:


From:


Thank you for your recommendation!

Your recommendation has been sent.

Page Sections
Project Overview Project Files Project Photos Project Notes Reviews
Project Stats
Rating
0 (0)
Favorites
0
Views
6,391