2007-08-30 11:46:00
This script was written at the time I was hired by T-Systems.
This script is an evolution of my earlier check_ntp_config. This time it's meant for use with Tivoli, although modifying it for use with Nagios is trivial. The script was written to be usable on at least five different Unices, though i've been having trouble with Darwin/OS X.
The script was tested on Red Hat Linux, Tru64, HP-UX, AIX and Solaris. Only Darwin seems to have problems.
Just like my other recent Nagios scripts, check_ntpconfig.sh comes with a debugging option. Set $DEBUG at the top of the file to anything larger than zero and the script will dump information at various stages of its execution.
#!/usr/bin/ksh
#
# NTP configuration check script for Tivoli.
# Written by Thomas Sluyter (nagiosATkilalaDOTnl)
# By request of T-Systems, CSS-CCTMO, the Netherlands
# Last Modified: 13-09-2007
#
# Usage: ./check_ntp_config
#
# Description:
# Well, there's not much to tell. We have no way of making sure that our
# NTP clients are all configured in the right way, so I thought I'd make
# a Nagios check for it. ^_^ After that came this derivative Tivoli script.
# You can change the NTP config at the top of this script, to match your
# own situation.
#
# Limitations:
# This script should work fine on Solaris, HP-UX, AIX, Tru64 and some
# flavors of Linux. So far Darwin-compatibility has eluded me.
#
# Output:
# If the NTP client config does not match what has been defined at the
# top of this script, the script will echo $STATE_NOK. In this case, the
# STATE variables contain a zero and a one, so you'll need to use a
# "Numeric Script" monitor definition in Tivoli. Anything above zero is bad.
#
# Other notes:
# If you ever run into problems with the script, set the DEBUG variable
# to 1. I'll need the output the script generates to do troubleshooting.
# See below for details.
# I realise that all the debugging commands strewn throughout the script
# may make things a little harder to read. But in the end I'm sure it was
# well worth adding them. It makes troubleshooting so much easier. :3
#
### SETTING THINGS UP ###
PATH="/usr/bin:/usr/sbin:/bin:/sbin"
PROGNAME="./check_ntp_config"
STATE_NOK="1"
STATE_OK="0"
. /opt/Tivoli/lcf/dat/dm_env.sh >/dev/null 2>&1
### DEFINING THE NTP CLIENT CONFIGURATION AS IT SHOULD BE ###
NTPSERVERS="192.168.22.7 192.168.25.7 192.168.16.7"
### DEBUGGING SETUP ###
# Cause you never know when you'll need to squash a bug or two
DEBUG="1"
if [[ $DEBUG -gt 0 ]]
then
DEBUGFILE="/tmp/thomas-debug.txt"
if [[ -f $DEBUGFILE ]]
then
rm $DEBUGFILE >/dev/null 2>&1
[[ $? -gt 0 ]] && echo "Removing old debug file failed."
touch $DEBUGFILE
fi
fi
### REQUISITE COMMAND LINE STUFF ###
print_usage() {
echo ""
echo "Usage: $PROGNAME"
}
print_help() {
echo ""
echo "NTP client configuration monitor plugin for Tivoli."
echo ""
echo "This plugin not developped by IBM."
echo "Please do not e-mail them for support on this plugin, since"
echo "they won't know what you're talking about :P"
echo ""
echo "For contact info, read the plugin itself..."
echo ""
print_usage
echo ""
}
while test -n "$1"
do
case "$1" in
*) print_help; exit $STATE_OK;;
esac
done
### DEFINING SUBROUTINES ###
function SetupEnv
{
case $(uname) in
Linux) CFGFILE="/etc/ntp.conf";
IPCMD="host"
IPMOD="tail -1"
NAMEMOD="tail -1"
IPFIELD="4"
NAMEFIELD="5"
GREP="egrep -e" ;;
SunOS) CFGFILE="/etc/inet/ntp.conf"
IPCMD="getent hosts"
IPMOD=""
NAMEMOD=""
IPFIELD="1"
NAMEFIELD="2"
GREP="egrep -e" ;;
Darwin) CFGFILE="/etc/ntp.conf"
IPCMD="host"
IPMOD=""
NAMEMOD=""
IPFIELD="4"
NAMEFIELD="1"
GREP="egrep -e" ;;
AIX) CFGFILE="/etc/ntp.conf"
IPCMD="host"
IPMOD=""
NAMEMOD=""
IPFIELD="3"
NAMEFIELD="1"
GREP="egrep -e" ;;
HP-UX) CFGFILE="/etc/ntp.conf"
IPCMD="nslookup"
IPMOD="grep ^\"Address\""
NAMEMOD="grep ^\"Name\""
IPFIELD="2"
NAMEFIELD="2"
GREP="egrep -e" ;;
OSF1) CFGFILE="/etc/ntp.conf"
IPCMD="nslookup"
IPMOD="grep ^\"Address\" | tail -1"
NAMEMOD="grep ^\"Name\" |tail -1"
IPFIELD="2"
NAMEFIELD="2"
GREP="egrep -e" ;;
*) echo "Sorry. OS not supported."; exit 1 ;;
esac
FAULT=0
if [[ $DEBUG -gt 0 ]]
then
echo "=== SETUP ===" >> $DEBUGFILE
echo "OS name is $(uname)" >> $DEBUGFILE
echo "CFGFILE is $CFGFILE" >> $DEBUGFILE
echo "IPCMD is $IPCMD" >> $DEBUGFILE
echo "IPMOD is $IPMOD" >> $DEBUGFILE
echo "NAMEMOD is $NAMEMOD" >> $DEBUGFILE
echo "IPFIELD is $IPFIELD" >> $DEBUGFILE
echo "NAMEFIELD is $NAMEFIELD" >> $DEBUGFILE
echo "" >> $DEBUGFILE
echo "NTPSERVERS is $NTPSERVERS" >> $DEBUGFILE
echo "" >> $DEBUGFILE
fi
}
function ListInConf
{
if [[ -z $NTPSERVERS ]]
then
echo "You haven't configured this monitor yet. Set \$NTPSERVERS."; exit 0
[[ $DEBUG -gt 0 ]] && echo "NTPSERVERS variable not set." >> $DEBUGFILE
else
for HOST in $(echo $NTPSERVERS)
do
SKIPIP=0
SKIPNAME=0
if [[ $DEBUG -gt 0 ]]
then
echo "=== LISTINCONF ===" >> $DEBUGFILE
echo "HOST is $HOST" >> $DEBUGFILE
echo "" >> $DEBUGFILE
fi
if [[ -z $(echo $HOST | $GREP [a-z,A-Z]) ]]
then
IPADDRESS="$HOST"
TEST=$($IPCMD $HOST 2>/dev/null)
if [[ ( $? -eq 0 ) && ( -z $(echo $TEST | $GREP NXDOMAIN) ) ]]
then
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
HOSTNAME=$($IPCMD $HOST 2>/dev/null | $NAMEMOD | cut -f$NAMEFIELD -d" " | cut -f1 -d.)
else
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
HOSTNAME=""
fi
if [[ $HOSTNAME -eq "" ]]
then
QUERY="$IPADDRESS"
[[ $DEBUG -gt 0 ]] && echo "Skipping hostname verification" >> $DEBUGFILE
else
QUERY="$HOSTNAME $IPADDRESS"
[[ $DEBUG -gt 0 ]] && echo "Checking both IP and name." >> $DEBUGFILE
fi
else
HOSTNAME="$HOST"
TEST=$($IPCMD $HOST 2>/dev/null)
if [[ ( $? -eq 0 ) && ( -z $(echo $TEST | $GREP NXDOMAIN) ) ]]
then
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
IPADDRESS=$($IPCMD $HOST 2>/dev/null | $IPMOD | cut -f$IPFIELD -d" ")
else
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
IPADDRESS=""
fi
if [[ $IPADDRESS -eq "" ]]
then
QUERY="$HOSTNAME"
[[ $DEBUG -gt 0 ]] && echo "Skipping IP address verification" >> $DEBUGFILE
else
QUERY="$HOSTNAME $IPADDRESS"
[[ $DEBUG -gt 0 ]] && echo "Checking both IP and name." >> $DEBUGFILE
fi
fi
if [[ $DEBUG -gt 0 ]]
then
echo "IPADDRESS is $IPADDRESS" >> $DEBUGFILE
echo "HOSTNAME is $HOSTNAME" >> $DEBUGFILE
echo "" >> $DEBUGFILE
fi
for NAME in `echo $QUERY`
do
[[ -z $($GREP $NAME $CFGFILE | $GREP "server") ]] && let FAULT=$FAULT+1
done
done
fi
}
function ConfInList
{
NUMSERVERS=$($GREP ^"server" $CFGFILE | wc -l)
if [[ $DEBUG -gt 0 ]]
then
echo "=== CONFINLIST ===" >> $DEBUGFILE
echo "Number of \"server\" lines in $CFGFILE is $NUMSERVERS" >> $DEBUGFILE
echo "" >> $DEBUGFILE
fi
if [[ $($GREP ^"server" $CFGFILE | wc -l) -gt 0 ]]
then
for HOST in $(cat $CFGFILE | $GREP ^"server" | awk '{print $2}')
do
if [[ $DEBUG -gt 0 ]]
then
echo "HOST is $HOST" >> $DEBUGFILE
echo "" >> $DEBUGFILE
fi
if [[ -z $(echo $HOST | $GREP [a-z,A-Z]) ]]
then
IPADDRESS="$HOST"
TEST=$($IPCMD $HOST 2>/dev/null)
if [[ ( $? -eq 0 ) && ( -z $(echo $TEST | $GREP NXDOMAIN) ) ]]
then
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
HOSTNAME=$($IPCMD $HOST 2>/dev/null | $NAMEMOD | cut -f$NAMEFIELD -d" " | cut -f1 -d.)
else
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
HOSTNAME=""
fi
if [[ $HOSTNAME -eq "" ]]
then
QUERY="$IPADDRESS"
echo "Skipping hostname verification" >> $DEBUGFILE
else
QUERY="$HOSTNAME $IPADDRESS"
[[ $DEBUG -gt 0 ]] && echo "Checking both IP and name." >> $DEBUGFILE
fi
else
HOSTNAME="$HOST"
TEST=$($IPCMD $HOST 2>/dev/null)
if [[ ( $? -eq 0 ) && ( -z $(echo $TEST | $GREP NXDOMAIN) ) ]]
then
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
HOSTNAME=$($IPCMD $HOST 2>/dev/null | $IPMOD | cut -f$IPFIELD -d" ")
else
[[ $DEBUG -gt 0 ]] && echo "TEST is $TEST" >> $DEBUGFILE
IPADDRESS=""
fi
if [[ $IPADDRESS -eq "" ]]
then
QUERY="$HOSTNAME"
echo "Skipping IP address verification" >> $DEBUGFILE
else
QUERY="$HOSTNAME $IPADDRESS"
[[ $DEBUG -gt 0 ]] && echo "Checking both IP and name." >> $DEBUGFILE
fi
fi
if [[ $DEBUG -gt 0 ]]
then
echo "IPADDRESS is $IPADDRESS" >> $DEBUGFILE
echo "HOSTNAME is $HOSTNAME" >> $DEBUGFILE
echo "" >> $DEBUGFILE
fi
for NAME in `echo $QUERY`
do
[[ -z $(echo $NTPSERVERS | $GREP $NAME) ]] && let FAULT=$FAULT+1
done
done
fi
}
### FINALLY, THE MAIN ROUTINE ###
SetupEnv
if [[ $DEBUG -gt 0 ]]
then
echo "=== STARTING MAIN PHASE ===" >> $DEBUGFILE
echo "" >> $DEBUGFILE
echo "=== NTP CONFIG FILE ===" >> $DEBUGFILE
cat $CFGFILE | grep -v ^"\#" >> $DEBUGFILE
echo "" >> $DEBUGFILE
echo "" >> $DEBUGFILE
fi
ListInConf
ConfInList
# Nothing caused us to exit early, so we're okay.
if [[ $FAULT -gt 0 ]]
then
echo "$STATE_NOK"
exit $STATE_NOK
else
echo "$STATE_OK"
exit $STATE_OK
fi
kilala.nl tags: unix, sysadmin, programming,
View or add comments (curr. 0)
All content, with exception of "borrowed" blogpost images, or unless otherwise indicated, is copyright of Tess Sluijter. The character Kilala the cat-demon is copyright of Rumiko Takahashi and used here without permission.