#!/bin/sh # AUTHOR -| # Matt Wells - phanoko@gmail.com # NAME -| # check_VciscoSNMP # SYNOPSIS -| # nagios check for cisco # DESCRIPTION -| # Since Cisco lacks continuity when setting up their OID strings I wrote this check. # This check is written only for SNMP v3 but could be modified easily. # We didn't want to add hundreds of checks for every possible OID as it would simply clutter our Nagios XI setup. # This would cause multiple issues going forward with maintaining the server. # # For this reason I outsourced some of the check data to flat files; as they are easier to maintain and give us # the benefit of an “out of sight, out of mind” setup. # # The check expects a directory called mibcisco, one directory level below the libexec directory. # Within this directory it reads in control files. These files are your IP address or hostname, depending on how # you setup your devices in Nagios. # # With in the file it expects to find two environment variables called # AUTHP = Auth password # PRIVP = Priv password # COMMUNITY = Community/username # # These are the first three lines of the file. It's important that the line count is correct as it's a control # in the service checks themselves. # # Starting on line 5 the configurations start and use pipes as a separator. # DESCRIPTION|OID|EXPECTED-VALUE # See below for a complete example of the file # -------------------------- # AUTHP='123abc' # PRIVP='abc123' # COMMUNITY='public' # ############## # #|GigabitEthernet3/5: Trunk to switch.example.com:fa0/24|IF-MIB::ifOperStatus.2|up(1) # ------------------------- # When entering your description, MIB and code please remember to use a #| to start the line. If not Nagios will attempt # execute the line while reading it in. # Once you've put in your control files add the check into Nagios. The script expects to have $ARG1$. # This first argument is the line number of the check you want to perform. # So in the example file above our service would be created and called something generic like # “Cisco SNMP Check 1” and have $ARG1$ = 1 # # This would pull the 5th line of the file above and check that OID against it's expected value. # The description will always be returned in the results. # If you were checking 4 switches with 7 service checks like below. # “Cisco SNMP Check 1” and have $ARG1$ = 1 # “Cisco SNMP Check 2” and have $ARG1$ = 2 # “Cisco SNMP Check 3” and have $ARG1$ = 3 # “Cisco SNMP Check 4” and have $ARG1$ = 4 # “Cisco SNMP Check 5” and have $ARG1$ = 5 # “Cisco SNMP Check 6” and have $ARG1$ = 6 # “Cisco SNMP Check 7” and have $ARG1$ = 7 # Later if you added another switch with 10 checks you would simply extend these checks associating them as # needed with devices. # Keeping it generic like this creates a cleaner configuration within Nagios and in our deployment an easier way # to manage systems. # REVISIONS -| # 1.0 # 1.1 - Left out argument to capture line number and had to make a change to the flat file system. # - While reading it in some lines were giving an error and Nagios was dropping out. # 1.2 - gggrrr.. Couldn't leave this alone. I made the count add 4 so Check 1 would have an $ARG1$ = 1 PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin STATE_OK=0 STATE_CRITICAL=2 # MIBMAPS="/usr/local/nagios/mibscisco/" NDIR="/usr/local/nagios/libexec/" DEVICE="${MIBMAPS}$2" COUNT=$(($3+4)) . ${DEVICE} DESCRIPTION="`awk -F\| 'NR=='${COUNT}'{print $2}' ${DEVICE}`" MIBB="`awk -F\| 'NR=='${COUNT}'{print $3}' ${DEVICE}`" CODE="`awk -F\| 'NR=='${COUNT}'{print $4}' ${DEVICE}`" #SNMP Check itself, This could of course be modified for SNMPv2. SNMPCHECK=`${NDIR}check_snmp -H $2 -o ${MIBB} -C ${COMMUNITY} -P 3 --seclevel=authPriv --secname=nagios --authproto=SHA --authpasswd=${AUTHP} --privpasswd=${PRIVP}| awk '{print $4}'` # Return Code Logic if [ "${CODE}" == "${SNMPCHECK}" ]; then echo "${DESCRIPTION}" exit ${STATE_OK} else echo "${DESCRIPTION}" exit ${STATE_CRITICAL} fi