mdm-service/monitoring-zabbix
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

mdmcertcheck v1.0 - docker + template

Browse Source
This commit is contained in:
Mike D'Morto 2021-02-15 18:38:08 +07:00
parent 4d82676b63
commit ebbcf6b944
3 changed files with 469 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
mdmcertcheck/README.md
View File

@ -1,2 +1,33 @@
mdmcertcheck.sh - main shell script for check cert status
certlist.cfg - configuration file for cert list
zabbix_3.x_template.xml - zabbix 3.x template
mdmsslcertcheck.docker - docker file
build and run docker file
docker run --name certchecker --restart always -v /your/path/to/zabbix:/etc/zabbix/--privileged -d image:1.0
and place zabbix config with scripts directory and configs
and place sh in script
and certlist.cfg and wtire path into script
remember about zabbix config, enable it!!!
####### USER-DEFINED MONITORED PARAMETERS #######
### Option: UnsafeUserParameters
# Allow all characters to be passed in arguments to user-defined parameters.
# The following characters are not allowed:
# \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @
# Additionally, newline characters are not allowed.
# 0 - do not allow
# 1 - allow
#
# Mandatory: no
# Range: 0-1
# Default:
# UnsafeUserParameters=0
UnsafeUserParameters=1
have a lot fun!

24
mdmcertcheck/mdmsslcertcheck.docker Normal file
View File

@ -0,0 +1,24 @@
# Используем centos7 в качестве основы
FROM centos:7
# Сообщаем ОС, что она в докере
ENV container docker
# Включаем systemd
RUN (cd /lib/systemd/system/sysinit.target.wants/; for i in *; do [ $i == \
systemd-tmpfiles-setup.service ] || rm -f $i; done); \
rm -f /lib/systemd/system/multi-user.target.wants/*;\
rm -f /etc/systemd/system/*.wants/*;\
rm -f /lib/systemd/system/local-fs.target.wants/*; \
rm -f /lib/systemd/system/sockets.target.wants/*udev*; \
rm -f /lib/systemd/system/sockets.target.wants/*initctl*; \
rm -f /lib/systemd/system/basic.target.wants/*;\
rm -f /lib/systemd/system/anaconda.target.wants/*;
# Сообщаем, что этот раздел будет монтироваться при включении контейнера
VOLUME [ "/sys/fs/cgroup" ]
# Обновляемся и устанавливаем нужные пакеты для сборки\старта
RUN yum update -y --nogpgcheck
# install soft
RUN yum install -y --nogpgcheck epel-release
RUN yum install -y --nogpgcheck vim git cmake3 openssh-clients boost-devel gcc make gcc-c++ wget fish
RUN yum install -y zabbix30-agent
CMD ["/usr/sbin/init"]

414
mdmcertcheck/zabbix_3.x_template.xml Normal file
View File

@ -0,0 +1,414 @@
<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>3.4</version>
<date>2021-02-15T11:33:22Z</date>
<groups>
<group>
<name>TEMPLATES</name>
</group>
<group>
<name>test</name>
</group>
</groups>
<templates>
<template>
<template>mdmcertchek-active-test</template>
<name>mdmcertchek-active-test</name>
<description>this is the test</description>
<groups>
<group>
<name>TEMPLATES</name>
</group>
<group>
<name>test</name>
</group>
</groups>
<applications>
<application>
<name>mdmcertcheck</name>
</application>
<application>
<name>mdmcertcheck-cert</name>
</application>
</applications>
<items>
<item>
<name>script.version</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>mdmcertcheck[script.version]</key>
<delay>30s</delay>
<history>90d</history>
<trends>0</trends>
<status>0</status>
<value_type>4</value_type>
<allowed_hosts/>
<units/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>mdmcertcheck</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
<preprocessing/>
<jmx_endpoint/>
<master_item/>
</item>
</items>
<discovery_rules>
<discovery_rule>
<name>mdmcertcheck discovery</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>mdmcertcheck[discovery]</key>
<delay>30s</delay>
<status>0</status>
<allowed_hosts/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<filter>
<evaltype>0</evaltype>
<formula/>
<conditions/>
</filter>
<lifetime>1d</lifetime>
<description/>
<item_prototypes>
<item_prototype>
<name>Cert $2 certholder</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>mdmcertcheck[certholder,{#CERT}]</key>
<delay>30s</delay>
<history>90d</history>
<trends>0</trends>
<status>0</status>
<value_type>4</value_type>
<allowed_hosts/>
<units/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>mdmcertcheck-cert</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
<preprocessing/>
<jmx_endpoint/>
<application_prototypes/>
<master_item_prototype/>
</item_prototype>
<item_prototype>
<name>Cert $2 expire</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>mdmcertcheck[expire,{#CERT}]</key>
<delay>30s</delay>
<history>90d</history>
<trends>365d</trends>
<status>0</status>
<value_type>0</value_type>
<allowed_hosts/>
<units/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>mdmcertcheck-cert</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
<preprocessing/>
<jmx_endpoint/>
<application_prototypes/>
<master_item_prototype/>
</item_prototype>
<item_prototype>
<name>Cert $2 isexist</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>mdmcertcheck[isexist,{#CERT}]</key>
<delay>30s</delay>
<history>90d</history>
<trends>365d</trends>
<status>0</status>
<value_type>0</value_type>
<allowed_hosts/>
<units/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>mdmcertcheck-cert</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
<preprocessing/>
<jmx_endpoint/>
<application_prototypes/>
<master_item_prototype/>
</item_prototype>
<item_prototype>
<name>Cert $2 valid</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>mdmcertcheck[valid,{#CERT}]</key>
<delay>30s</delay>
<history>90d</history>
<trends>365d</trends>
<status>0</status>
<value_type>0</value_type>
<allowed_hosts/>
<units/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>mdmcertcheck-cert</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
<preprocessing/>
<jmx_endpoint/>
<application_prototypes/>
<master_item_prototype/>
</item_prototype>
<item_prototype>
<name>Cert $2 valid_status</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>mdmcertcheck[valid_status,{#CERT}]</key>
<delay>30s</delay>
<history>90d</history>
<trends>0</trends>
<status>0</status>
<value_type>4</value_type>
<allowed_hosts/>
<units/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>mdmcertcheck-cert</name>
</application>
</applications>
<valuemap/>
<logtimefmt/>
<preprocessing/>
<jmx_endpoint/>
<application_prototypes/>
<master_item_prototype/>
</item_prototype>
</item_prototypes>
<trigger_prototypes>
<trigger_prototype>
<expression>{mdmcertchek-active-test:mdmcertcheck[expire,{#CERT}].last()}&lt;1</expression>
<recovery_mode>0</recovery_mode>
<recovery_expression/>
<name>Cert {#CERT} expire 1 days</name>
<correlation_mode>0</correlation_mode>
<correlation_tag/>
<url/>
<status>0</status>
<priority>5</priority>
<description/>
<type>0</type>
<manual_close>0</manual_close>
<dependencies/>
<tags/>
</trigger_prototype>
<trigger_prototype>
<expression>{mdmcertchek-active-test:mdmcertcheck[expire,{#CERT}].last()}&lt;3</expression>
<recovery_mode>0</recovery_mode>
<recovery_expression/>
<name>Cert {#CERT} expire 3 days</name>
<correlation_mode>0</correlation_mode>
<correlation_tag/>
<url/>
<status>0</status>
<priority>4</priority>
<description/>
<type>0</type>
<manual_close>0</manual_close>
<dependencies/>
<tags/>
</trigger_prototype>
<trigger_prototype>
<expression>{mdmcertchek-active-test:mdmcertcheck[expire,{#CERT}].last()}&lt;5</expression>
<recovery_mode>0</recovery_mode>
<recovery_expression/>
<name>Cert {#CERT} expire 5 days</name>
<correlation_mode>0</correlation_mode>
<correlation_tag/>
<url/>
<status>0</status>
<priority>3</priority>
<description/>
<type>0</type>
<manual_close>0</manual_close>
<dependencies/>
<tags/>
</trigger_prototype>
<trigger_prototype>
<expression>{mdmcertchek-active-test:mdmcertcheck[valid,{#CERT}].last()}=0</expression>
<recovery_mode>0</recovery_mode>
<recovery_expression/>
<name>Cert {#CERT} is not valid</name>
<correlation_mode>0</correlation_mode>
<correlation_tag/>
<url/>
<status>0</status>
<priority>5</priority>
<description/>
<type>0</type>
<manual_close>0</manual_close>
<dependencies/>
<tags/>
</trigger_prototype>
<trigger_prototype>
<expression>{mdmcertchek-active-test:mdmcertcheck[isexist,{#CERT}].last()}&lt;&gt;1</expression>
<recovery_mode>0</recovery_mode>
<recovery_expression/>
<name>cert {#CERT} not found</name>
<correlation_mode>0</correlation_mode>
<correlation_tag/>
<url/>
<status>0</status>
<priority>4</priority>
<description/>
<type>0</type>
<manual_close>0</manual_close>
<dependencies/>
<tags/>
</trigger_prototype>
</trigger_prototypes>
<graph_prototypes/>
<host_prototypes/>
<jmx_endpoint/>
</discovery_rule>
</discovery_rules>
<httptests/>
<macros/>
<templates/>
<screens/>
</template>
</templates>
</zabbix_export>