Computer and IT knowledge - things to know
number of matches found: 56
ping 192.168.2.1 | perl -nle 'print scalar(localtime), " ", $_
with file redirect:
ping 192.168.2.1 | perl -nle 'BEGIN {$|++} print scalar(localtime), " ", $_' >/tmp/log makeNagiosLogReadable.pl
#!/usr/bin/perl
$param1=$ARGV[0];
$file='/var/log/nagios/nagios.log';
if ($param1 ne ''){
$file = $param1;
}
open(IN,"$file") or die "kann Nagios Log Datei $file nicht lesen.";
while(<IN>){
$line = $_;
chomp($line);
if ($line =~ /^\[(\d*)\](.*)$/){
($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = localtime($1);
my $datum = sprintf "%02d.%02d.%04d %02d:%02d:$sec" , $mday , $mon+=1 ,$year+=1900 , $hour , $min, $sec ;
print "\[$datum\]$2\n";
}else{
print "$line\n";
}
}
close(IN);
use Fcntl ':flock';
open SELF, '<', $0 or die 'I am already running...';
flock SELF, LOCK_EX | LOCK_NB or exit; Here are the steps that I did to build the rpm:
1. installed Red Hat 5.7 / 64 bit server on our VMWARE test (IP 192.168.172.23 / name rhel5-mw-64)
2. installed the follwing rpm out of the 5.7 image:
rpm-build-4.4.2.3-22.el5
elfutils-0.137-3.el5
elfutils-libs-0.137-3.el5
gcc-4.1.2-51.el5
3. download the tool "checkinstall" .. this is a creat tool to build rpm's
- http://asic-linux.com.mx/~izto/checkinstall/download.php
--> saved to /root/checkinstall-1.6.2.tar.gz
--> extract: tar -xvzf /root/checkinstall-1.6.2.tar.gz
--> cd /root/checkinstall-1.6.2
--> make
--> make install
--> command "checkinstall" is now available
4. download the perl module -> source files from http://search.cpan.org/~mshoyher/TacacsPlus-0.16/TacacsPlus.pm
--> saved to /root/TacacsPlus-0.16.tar.gz
--> extract: tar -xvzf /root/TacacsPlus-0.16.tar.gz
--> cd /root/TacacsPlus-0.16
--> generate the make file: perl Makefile.PL
--> use now the command "checkinstall"
check install parameters:
- Should I create a default set of package docs? [y]: n
- Slackware [S], RPM [R] or Debian [D]? R
- description. TacacsPlus Perl Module
--> done:
Done. The new package has been saved to
/usr/src/redhat/RPMS/x86_64/TacacsPlus-0.16-1.x86_64.rpm
You can install it in your system anytime using:
5. problem / warning when running checkinstall: ERROR: ld.so: object ‘/usr/local/lib64/installwatch.so’ from LD_PRELOAD cannot be preloaded: ignored.
Solution: The problem occurs because the loader can’t find the shared object file. The solution is very simple. Assuming that the installwatch.so is located in /usr/local/lib, just type the following commands:
echo "/usr/local/lib64" >/etc/ld.so.conf.d/installwatch.conf
ldconfig
ln -s /usr/local/lib/installwatch.so /usr/local/lib64/installwatch.so
search in google
perl site:experts-exchange.com
perl exeption hanlding: t
Trap exceptions using eval{ ... }; if($@) { ... }
perl hacks:
print out module version:
perl -MLWP -le'print $LWP::VERSION'
find out which modules are missing:
perl -MLWP::Protocol::https -le'print
> LWP::Protocol::https::Socket->can("new")' want to replace a string with another string in several text files. I tried the following command which I read from a Linux book, but it doesn't work. Can anyone give me some help?
perl -pi -e "s/search/replace/g;" *.txt
perl -pi -e "s/\/usr\/local\/mrtg\/web\//\/usr\/local\/mrtg\/web\/10.0.6.162\//g;" *.cfg
perl -pi -e "s/\/usr\/local\/mrtg\/web\//\/usr\/local\/mrtg\/web\/10.149.158.52\//g;" *.cfg Den TK Perl Debugger findet man bei: http://world.std.com/~aep/ptkdb/ .
Für diesen ist jedoch noch das Perl-TK Modul notwendig (http://www.cpan.org oder http://www.rpmfind.net).
Aufrufen tut man den Debugger so: perl -d:ptkdb rrd_test.pl.
Perl
If you are behind a firewall, you may need to set the following
environment variables so that PPM will operate properly:
set HTTP_proxy=address:port [e.g. 192.0.0.1:8080]
set HTTP_proxy_user=username
set HTTP_proxy_pass=password
set HTTP_proxy_agent=agent [e.g. "Mozilla/5.0"]
Installing Modules:
set HTTP_proxy=http://proxy:80/ #windows
export http_proxy=http://proxy:80/ #unix
-> search tk
-> install "module name"
-> perl -MCPAN -eshell
LINUX
runsocks MCPAN -eshell
-> o conf // see config
-> o conf ftpproxy proxy // modify ftp proxy
-> o conf commit // save config
-> o conf urllist push http://cpan.noris.de/ - man perldebug
- perl -d -e 42
commands in debug mode:
h #help
b [line] [condition] #set breakpoint
b [subname] [condition] #breakpoint to sub name
L #List breakpoints and actions Perl timestamp
open(INFILE,$filename);
($dev,$ino,$mode,undef,undef,undef,undef,undef,
$atime,$mtime,$ctime )= stat INFILE ;
$mdate = &ctime($mtime);
$adate = &ctime($atime);
$cdate = &ctime($ctime);
print "${filename}:mtime:$mtime:$mdate";
print "${filename}:atime:$atime:$adate";
print "${filename}:ctime:$ctime:$cdate";
comp.dcom.net-analysis
comp.dcom.net-management
comp.dcom.lans.ethernet
comp.dcom.fax
comp.dcom.servers
comp.dcom.sys.cisco
comp.dcom.vpn
comp.doc.management
comp.groupware.lotus-notes.programmer
comp.groupware.lotus-notes.admin
comp.groupware.lotus-notes.misc
comp.groupware.lotus-notes.apps
comp.os.linux.networking
comp.protocols.snmp
comp.unix.aix
comp.unix.shell
comp.lang.perl.tk
MRTG Latency script
> I'm looking for scripts to measure latency in my IP network. Can someone
> help ?
Well, since you didn't specify an operating system, I'll assume
that you're following in my footsteps and doing battle with NT4
as a server. Note that the following requires that you use the
ping.exe supplied with Windoze 95/98 instead of the useless ping
supplies with NT4. See the MRTG stuff somewhere on:
http://www.lns.com
which is from where I stole the script. I also have a somewhat
different version for Linux (RH 7.1) but which I can't get to
as I managed to break SSH and can't grab it.
------------
# MRTGPING.PL
# Plagerized by Jeff Liebermann from original by Tim Pozar.
# 09/14/00 First hack for NT4.
$ipaddr = "NULL";
$ipaddr = $ARGV[0];
$numpings = 3;
if ($ipaddr eq "NULL"){
print "Usage mrtgping.pl [ipaddress]\n";
exit;
}
# Note that "ping95.exe" is the Windoze 95/98 version
# and not the useless ping supplied with NT4.
#
# Windoze ping will return...
# Minimum = 494ms, Maximum = 574ms, Average = 520ms
$result = `ping95 -n $numpings $ipaddr | find /i "average" `;
# Break result apart at the commas.
chop($result);
($Mins,$Maxs,$Avgs) = split(/,/,$result);
# Break each value apart at the = sign.
($Mint,$min) = split(/=/,$Mins);
($Maxt,$max) = split(/=/,$Maxs);
($Avgt,$avg) = split(/=/,$Avgs);
# Remove the "ms" at the end.
$min1 = substr($min,0,-2);
$max1 = substr($max,0,-2);
$avg1 = substr($avg,0,-2);
$min1 =~ s/ //g;
$max1 =~ s/ //g;
$avg1 =~ s/ //g;
# Belch results in 4 lines.
print "$avg1\n";
print "$max1\n";
print "0\n";
print "$ipaddr\n";
------------
If Perl is a bit of a heavy hammer, the following is what
I use on my SCO Unix OSR5 3.2v5.0.5 machines. The use of
the first ping return is intentional as I'm trying to plot
the latency of the Starband satellite flying cache, which
caches everything exept the first packet.
#!/bin/sh
# by Jeff Liebermann 04/15/98
#
# Record ping times.
#
# Results of:
# ping -c 1 -s 1024 bloat
#
# PING bloat (192.168.111.30): 1024 data bytes
# 1032 bytes from bloat (192.168.111.30): icmp_seq=0 ttl=128 time=10 ms
#
# --- bloat ping statistics ---
# 1 packets transmitted, 1 packets received, 0% packet loss
# round-trip min/avg/max = 10/10/10 ms
# Really disgusting way to get rid of extra leading spaces
# by feeding it to a shell variable. Ugly at best.
#
# usage: whatever machine_name_or_ip
# i.e. whatever bloat.comix.santa-cruz.ca.us
#
retch=`ping -c 1 -s 1025 $1 | grep "time"` # extract line with ping time.
set $retch # break apart into fields using IFS seperators
ping=`echo $8 | cut -c 6-` # extract ping time.
echo $ping # ping time=xxx
echo $ping # ping time=xxx
echo "0" # Filler
echo "0" # Filler
# CPAN & AIX
enter CPAN shell: perl -MCPAN -eshell
use -> wget to grep data
grep ftp data, from website:
wget -r ftp://user:password@hostname
o conf init #-> regenerate CPAN init
http_proxy=http://proxy:80
-> urlist:
http://cpan.noris.de
http://perl.org
reload index #reload index if url has changed ...
cpan> i /TK/ #searches after TK
install modulename
install module in spezial directory:
perl Makefile.PL PREFIX=/home/user/test/lib_v5.8 (lib_v5.8 is directory name - specifiy full directory name)
make
make install
Perl - Activestate
ppm #CPAN pakete installieren
search mail
install Mail-Sender charts using: http://www.caida.org/tools/utilities/graphing/
-> Graph.pm
$i =~ s/^\s+//; #remove leading whitespaces
$i =~ s/\s+$//; #remove ending whitespaces
use Storable qw(store retrieve );
print "write data to disk:";
store(\%typeHash, $file)or die "can't store hash\n";
print "\n\n open datastructure";
$href = retrieve($file);
#!/usr/bin/perl
###############################################################################
#
# check-hugo-daily-export.pl
#
###############################################################################
use strict;
print "starting\n";
my $mailto='hugo1@gmail.com,hugo2@gmail.com';
my $default_fage=60*25; #fileage in minutes
my %files2check=(); # filename | fileage in minutes
$files2check{'/var/customers/webs/xyz/export/google_rss_feed_daily.xml'}= $default_fage;
$files2check{'/var/customers/webs/xyz/export/google_rss_feed_daily.error'}= $default_fage;
$files2check{'/var/customers/webs/xyzz/shop/export/google_rss_feed_daily.xml'}= $default_fage;
$files2check{'/var/customers/webs/xyzz/shop/export/google_rss_feed_daily.error'}= $default_fage;
$files2check{'/var/customers/webs/xyzz/shop/export/preisroboter.txt'}= $default_fage;
my $date =`date`;
chomp($date);
my $now = time(); # get current time
my $failed=0;
my $failedstr='';
print "---------------------------------------------------------\n";
print "date: $date - starting\n";
foreach my $fname( keys %files2check) {
print "checking file: $fname\n";
my @stats = stat($fname);
my $fage = int (($now-$stats[9]) / 60 ); #get fage minutes
#print "fage=$fage\n";
if ( $fage > $files2check{$fname} ){
$failedstr.="file $fname is too old ($fage min)\n";
$failed++;
}else{
print "file $fname was generated recently ($fage min) - everything is ok\n";
}
}
if ($failed > 0){
print "$failedstr\n";
system("echo \"$failedstr\" \| mailx -s \"Server Alarm - daily export not updated!\" $mailto ");
print "email was send to $mailto!!\n";
}else{
print "everything is fine\n";
}
if you have the $ dollar sign in a string and want to process it further in some cases you need to escape the dollar sign:
$pwd =~ s/\$/\\\$/g;
Bash script:
cat squidLogReadable.sh
#!/bin/bash
tail -f /var/log/squid/access.log | perl -p -e 's/^([0-9]*)/"[".localtime($1)."]"/e'
-----
if you want to get the logs in color, ccze could be interesting:
ccze - A robust, modular log coloriser
on debian:
apt-get install ccze
tail -f /var/log/squid/access.loc | ccze -CA
perl - get year-month-day string
my($day, $month, $year)=(localtime)[3,4,5];
my $ymd = sprintf "%.4d-%.2d-%.2d", $year+1900, $month+1, $day;
output example: 2017-01-24
origin:
http://hawk.cis.vutbr.cz/~tpoder/GN3/HPCookBook/upload-hp
copy:
#!/usr/bin/perl
use Expect;
use IO::Tty;
$MORE = "-- MORE --, next page: Space, next line: Enter, quit: Control-C";
$EOF = "-- End of configuration file --";
# $DEBUG = 1;
($hostname,$username,$password) = @ARGV;
if ( ! length ($hostname) ) {
printf ("usage: upload-hp hostname [login [passwd]]\n");
exit;
}
$username = length ($username) ? $usernane : "admin";
$password = length ($password) ? $password : "admin";
$| = 0;
$ENV{'TERM'} = "xterm";
#&show_config (); exit;
open (config, "-|") || &show_config ();
#open (config, "smaz.mne");
# Konfigurace prepinace:
$begin = $end = 0;
$name = "unknown";
$image = "unknown";
while (<config>) {
# print if $DEBUG;
s/[\n\r]//g;
$begin = 1 if /^Startup configuration:/;
last if $begin;
}
$_ = <config>;
while (<config>) {
s/[\r\n]//g;
s/\33\[[0-9]+\;[0-9]+[a-zA-Z]//g;
s/\33\[[0-9][A-Z]//g;
# s/\33\[\?[0-9]+[a-zA-Z]//g;
s/\33E//g;
printf ("LINE: \"%s\"\n", $_) if $DEBUG;
s/$MORE//;
$end = 1 if /^Press any key when done.../;
$end = 1 if /$EOF/;
printf ("BYLO END %d!!!\n", $end) if $DEBUG;
last if $end;
if ( length == 0 ) {
$n++;
$end = 1 if $n > 1;
last if $end;
} else {
$n = 0;
}
if ( length == 80 ) {
$last = $_;
} else {
$oline = $last . $_;
$last = "";
# preskoceni pravedil acces listu 20000 az 30000
if (! ($oline =~ / + (\d+) (deny|permit) ip [\d\.]{7,15} [\d\.]{7,15} [\d\.]{7,15} [\d\.]{7,15}/ && $1 > 20000 && $1 < 50000)) {
printf ("%s\n", $oline);
}
}
}
printf ("; End of configuration file for %s\n", $hostname) if $begin and $end;
while (<config>) {
print if $DEBUG;
}
sub show_config () {
$exp = new Expect;
# $exp->raw_pty(1);
# $exp->log_stdout(10);
$exp->spawn("ssh $username\@$hostname") or die "Cannot spawn $command: $!\n";
$exp->expect(30, [ qr/login:/i, sub { $exp->send ("$username\n"); exp_continue; } ],
[ qr/name:/i, sub { $exp->send ("$username\n"); exp_continue; } ],
[ qr/password:/i, sub { $exp->send ("$password\n"); exp_continue; } ],
[ qr/to continue/i, sub { sleep(1); $exp->send(" "); exp_continue; } ],
[ qr/\> /i, sub { $exp->send("enable\n"); exp_continue; } ],
[ qr/# /i, sub { $ok = 1; } ]);
if ( $ok ) {
# $exp->send ("print \"show config\"\n");
$exp->send ("terminal length 1000\n");
$exp->expect ( 3, [ qr/# /i, sub { $exp->send("show config\n"); } ] );
$exp->expect (20, [ qr/Press any key when done.../i, sub { sleep(1); $exp->send(" "); exp_continue; } ],
[ qr/$MORE/i, sub { sleep(1); $exp->send(" "); exp_continue; } ],
[ qr/# /i, sub { printf ("%s\n", $EOF); $exp->send("\n logout\n"); } ] );
$exp->expect ( 5, [ qr/log out \[y\/n\]\?/i, sub { $exp->send ("y"); exp_continue; } ],
[ qr/configuration \[y\/n\/\^C\]?/i, sub { $exp->send ("n"); exp_continue; } ],
[ qr/connection closed/i, sub { $ok = 2; } ]);
}
$exp->soft_close();
exit;
}
on windows, use dhcploc.exe
>> https://gallery.technet.microsoft.com/DHCPLOC-Utility-34262d82
-----------------------------
on linux, you can use:
1.)
perl script https://sourceforge.net/projects/roguedetect/files/roguedetect/0.3/
(march 2017 >> problems getting it running on centos 7 >> error (tap) Can't get interface IP address at /usr/lib64/perl5/Net/RawIP.pm line 223.
2.) nmap script
https://nmap.org/nsedoc/scripts/broadcast-dhcp-discover.html
#!/usr/bin/perl
###################################################################
#
# turnLightsOnbeforeSunset.pl
#
# uses module: install Astro::Sunrise
#
# get Latitude and Longitude from
# http://www.latlong.net/
# 72555, de:
# - latitude: 48.534733
# - longitude: 9.295337
#
# run as cron:
# 1,31 16,17,18,19,20,21,22,23,0 * * * /root/bin/turnLightsOnbeforeSunset.pl >>/var/log/turnLightsOnbeforeSunset.log 2>&1
#
#
###################################################################
use Astro::Sunrise;
use strict;
my $minbefore = 35;
my $cmd_on = '/root/bin/steckdose1on.sh';
my $cmd_off = '/root/bin/steckdose1off.sh';
my $date = `date`;
chomp($date);
my $sunset = sun_set(9.295337,48.534733); #long, lat
$sunset =~ s/://g;
my @curtime = localtime();
my $curtime = join '', @curtime[2,1];
my $curhour = $curtime[2];
print "$date sunset=$sunset, curtime=$curtime, curhour=$curhour\n";
if (( $curtime + $minbefore) > $sunset){
print "$date turn on the light\n";
system($cmd_on);
}
if ($curhour < 1){
print "$date turn off the light\n";
system($cmd_off);
}
#####################################################
#
# checkDomainAdmins.pl
#
# check_mk local check that uses net use command to validate number of users found in group
#
# needs perl .. recommendation is: http://strawberryperl.com/
#
# tested on a windows 2012 server
#
# (c) by m.wendig v2017-08
#
#####################################################
use Data::Dumper;
use strict;
my %group2check;
$group2check{'Domänen-Admins'}=28;
#$group2check{'other-group'}=20;
#print Dumper(%group2check);
foreach my $group ( keys %group2check ){
my $startline=0;
my $usercount=0;
my $userline='';
my $numberOfUsers=$group2check{$group};
#print "checking group: $group\n";
#choose the right character set because of german special character
open(IN,"chcp 1252 & net group /dom $group 2>nul |");
while(<IN>){
chomp($_);
my $line =$_;
$line =~ s/^\s*//;
$line =~ s/\s*$//;
next if $line eq "";
next if $line =~ /^Der Befehl wurde erfolgreich/;
next if $line =~ /^The command completed successfully/;
if ($startline){
#print "$line\n";
my @larr = split /\s\s*/,$line;
#print Dumper(@larr);
foreach my $elem (@larr){
$usercount++;
$userline.="$elem,";
}
}
$startline = 1 if $line =~ /^-------------------------------------------------/;
}
close(IN);
$group =~ s/ä/ae/g;
if ($numberOfUsers == $usercount){
print "0 group_$group member=$usercount number of found users: $usercount, names $userline\n";
}else{
print "2 group_$group member=$usercount number of found users: $usercount, error number should be $numberOfUsers!! $userline\n";
}
}
1: yum install cpan
2: cpan install Net::SSH::Perl
see also: https://stackoverflow.com/questions/7011160/whats-does-the-perl-error-cant-locate-net-ssh-perl-pm-mean #!/usr/bin/perl
my $wg = '192.168.1.1';
my $community = 'public';
my $date = `date`;
chomp($date);
my $OID_sysUpTime = '1.3.6.1.2.1.1.3.0';
my $OID_sysName = '1.3.6.1.2.1.1.5.0';
open(IN,"snmpget -v 2c -c $community $wg $OID_sysUpTime |");
while(<IN>){ if ($_ =~ /= (.*)$/){ print "$date $1\n"; } }
close(IN);
open(IN,"snmpget -v 2c -c $community $wg $OID_sysName |");
while(<IN>){ if ($_ =~ /= (.*)$/){ print "$date $1\n"; } }
close(IN);
#!/usr/bin/perl
###############################################################################
#
# cleanUpPostfixQueue.pl
#
# (c) s4c 2018-08
#
###############################################################################
$now=` date "+%H:%M:%S"`;
chomp($now);
$now_s = getSeconds($now);
#print "now: $now, $now_s\n";
open(IN, "/usr/sbin/sendmail -bp |");
$counter=0;
$deleted=0;
while(<IN>){
$line=$_;
chomp($line);
#print "$line\n";
#match line:
#3A3E16DC39CD 5474 Fri Aug 24 09:34:34 MAILER-DAEMON
$format = '%a %b %d %H:%M:%S %Y';
if ($line=~/^([\d|\w]*)\s*(\d*).*(\d\d:\d\d:\d\d)\s*MAILER-DAEMON$/ ){
$counter++;
$id=$1;
$size=$2;
$date=$3;
$date_s = getSeconds($date);
$diff = $now_s - $date_s;
print "id=$id, size=$size, date=$date. diff=$diff.";
if ($diff > 3600){
print "deleting id $id.";
system("/usr/sbin/postsuper -d $id >dev/null");
$deleted++;
};
print "\n";
}
}
close(IN);
print "total: $counter, deleted: $deleted\n";
sub getSeconds($){
$ret=-1;
if ($_[0]=~/(\d\d):(\d\d):(\d\d)$/){
$ret = $3 + ($2*60) + ($1 * 60 * 60);
}
return $ret;
}
#!/usr/bin/perl
######################################################################
# getMacAddress.pl
#
# see also:
# - https://www.cisco.com/c/en/us/support/docs/ip/simple-network-management-protocol-snmp/44800-mactoport44800.html
#
# version 2021-04-07
#
# example:
# getMacAddress.pl -ip=10.20.49.250 -type=hpe -community=mypub
# result:
# switch;10.20.49.250;vlan;VLAN27;mac;7c:5a:1c:11:3d:d8;ip;192.168.1.10
# switch;10.20.49.250;vlan;VLAN27;mac;7c:5a:1c:11:2f:3c;ip;192.168.1.11
# switch;10.20.49.250;vlan;VLAN27;mac;7c:5a:1c:11:3f:e0;ip;192.168.1.12
# switch;10.20.49.250;vlan;VLAN27;mac;7c:5a:1c:11:44:b8;ip;192.168.1.13
# switch;10.20.49.250;vlan;VLAN30;mac;94:40:c9:4a:31:1c;ip;192.168.1.14
# switch;10.20.49.250;vlan;VLAN30;mac;52:54:00:4e:cd:c4;ip;192.168.1.15
#
#
# (c) m.wendig
#
######################################################################
use Data::Dumper;
use strict;
use DBI;
my $num_args = $#ARGV;
if ($#ARGV == -1 ){
usage();
}
#my $ip="172.20.12.50";
my $ip='';
if ($ARGV[0]=~/-ip=(.*)$/){
$ip=$1;
}
print usage() if $ip eq '';
my $updatedb=0;
if (($ARGV[2]=~/-db/) || ($ARGV[3]=~/-db/)){
$updatedb=1;
}
my $type= "";
if ($ARGV[1]=~/-type=(.*)$/){
$type=$1;
}
if (($type eq 'hpe') || ($type eq 'cisco') || ($type eq 'watchguard')){
}else{usage();}
my $community = "public";
if ($ARGV[2]=~/-community=(.*)$/){
$community=$1;
}
my $dbname="mactable";
my $dbuser="root",
my $dbpwd="";
my $dbhost="localhost";
my $debug=0;
my $snmpwalk = '/usr/bin/snmpwalk';
my $line;
my @vlans=();
my $dbh;
if ($updatedb){
$dbh = DBI->connect("DBI:mysql:$dbname;host=$dbhost", "$dbuser", "$dbpwd") || die "Could not connect to database: $DBI::errstr";
}
#######################################
#1 retrieve vlan
#######################################
my $cmd ='';
if ($type eq "cisco"){
$cmd= "$snmpwalk -v 2c -c $community $ip .1.3.6.1.4.1.9.9.46.1.3.1.1.2";
open(IN, "$cmd |");
while(<IN>){
$line=$_;
chomp($line);
print "$line\n" if $debug;
#we expect someting like: SNMPv2-SMI::enterprises.9.9.46.1.3.1.1.2.1.41 = INTEGER: 1
if ($line =~ /(\d*)\s\=/){
my $vlan = $1;
print "vlan=$vlan.\n" if $debug;
#print "$line\n";
push @vlans,$vlan;
}
}
close(IN);
}
if ($type eq "hpe"){
#get all interface type 53 = vlan
$cmd= "$snmpwalk -v 2c -c $community $ip iso.3.6.1.2.1.2.2.1.3";
print "$cmd\n" if $debug;
open(IN, "$cmd |");
while(<IN>){
$line=$_;
chomp($line);
print "$line\n" if $debug;
#we expect something like: iso.3.6.1.2.1.2.2.1.3.2249 = INTEGER: 53
if ($line =~ /(\d*)\s\=\sINTEGER: 53/){
my $vlan = $1;
print "vlan=$vlan.\n" if $debug;
$cmd= "$snmpwalk -v 2c -c $community $ip iso.3.6.1.2.1.2.2.1.2.$vlan";
open(IN2, "$cmd |");
my $vlanname='';
while(<IN2>){
my $line2=$_;
chomp($line2);
#we expect something like: iso.3.6.1.2.1.2.2.1.2.2249 = STRING: "VLAN1000"
if ($line2 =~ /STRING:\s\"(.*)\"$/){
$vlanname=$1;
}
print ">>$line2: vlanname=$vlanname\n" if $debug;
}
close(IN2);
#print "$line\n";
push @vlans,[$vlan,$vlanname];
}
}
close(IN);
}
if ($type eq "watchguard"){
#get all interface type 6 = vlan
$cmd= "$snmpwalk -v 2c -c $community $ip iso.3.6.1.2.1.2.2.1.3";
print "$cmd\n" if $debug;
open(IN, "$cmd |");
while(<IN>){
$line=$_;
chomp($line);
print "$line\n" if $debug;
#we expect something like: iso.3.6.1.2.1.2.2.1.3.2249 = INTEGER: 6
if ($line =~ /(\d*)\s\=\sINTEGER: 6/){
my $vlan = $1;
print "vlan=$vlan.\n" if $debug;
$cmd= "$snmpwalk -v 2c -c $community $ip iso.3.6.1.2.1.2.2.1.2.$vlan";
open(IN2, "$cmd |");
my $vlanname='';
while(<IN2>){
my $line2=$_;
chomp($line2);
#we expect something like: iso.3.6.1.2.1.2.2.1.2.2249 = STRING: "VLAN1000"
if ($line2 =~ /STRING:\s\"(.*)\"$/){
$vlanname=$1;
}
print ">>$line2: vlanname=$vlanname\n" if $debug;
}
close(IN2);
#print "$line\n";
push @vlans,[$vlan,$vlanname];
}
}
close(IN);
}
#we should have a datastructure like the following now:
#$VAR46 = [
# '2249',
# 'VLAN1000'
# ];
#$VAR47 = [
# '3249',
# 'VLAN2000'
# ];
#print Dumper(@vlans);
####################################
#2 foreach vlan do something
####################################
if ($type eq "cisco"){
foreach my $vlanelem (@vlans){
my $vlan = @$vlanelem[0];
my $vlanname = @$vlanelem[1];
#print "check vlan $vlan.\n";
next if $vlan > 1000;
my $cmd = "$snmpwalk -v 2c -c $community\@$vlan $ip .1.3.6.1.2.1.17.4.3.1.1";
open(IN, "$cmd |");
while(<IN>){
$line=$_;
chomp($line);
print "$line\n" if $debug;
#we expect someting like: SNMPv2-SMI::mib-2.17.4.3.1.1.254.175.11.155.132.164 = Hex-STRING: FE AF 0B 9B 84 A4
if ($line =~ /\.(\d*\.\d*.\d*\.\d*) = Hex-STRING: (.*)$/){
my $macip = $1;
my $mac = $2;
$mac =~s/\s*$//g;
$mac =~s/\s/:/g;
$mac =lc($mac);
print "switch;$ip;vlan;$vlanname;mac;$mac;ip;$macip\n";
updateDatabase($ip,$vlanname,$mac,$macip)if $updatedb;
}
}
close(IN);
}
}
####################################
if (($type eq "hpe") || ($type eq "watchguard")) {
foreach my $vlanelem (@vlans){
my $vlan = @$vlanelem[0];
my $vlanname = @$vlanelem[1];
#print "check vlan $vlan.\n";
#next if $vlan > 1000;
my $cmd = "$snmpwalk -v 2c -c $community $ip .1.3.6.1.2.1.4.22.1.2.$vlan ";
open(IN, "$cmd |");
while(<IN>){
$line=$_;
chomp($line);
print "$line\n" if $debug;
#we expect someting like: SNMPv2-SMI::mib-2.17.4.3.1.1.254.175.11.155.132.164 = Hex-STRING: FE AF 0B 9B 84 A4
if ($line =~ /\.(\d*\.\d*.\d*\.\d*) = Hex-STRING: (.*)$/){
my $macip = $1;
my $mac = $2;
$mac =~s/\s*$//g;
$mac =~s/\s/:/g;
$mac =lc($mac);
print "switch;$ip;vlan;$vlanname;mac;$mac;ip;$macip\n";
updateDatabase($ip,$vlanname,$mac,$macip)if $updatedb;
}
}
close(IN);
}
}
if ($updatedb){
$dbh->disconnect();
}
########
# updateDatabase(switch,vlan,mac)
########
sub updateDatabase($$$){
my $switch=$_[0];
my $vlan=$_[1];
my $mac=$_[2];
my $ip=$_[3];
print "run db update for vlan $vlan and mac $mac and ip $ip.\n" if $debug;
#my $sth = $dbh->prepare('select id, count from macs where vlan like \''.$vlan.'\' and mac like \''.$mac.'\' and switch like \''.$switch.'\'');
my $sth = $dbh->prepare('select id, count from macs where vlan like \''.$vlan.'\' and mac like \''.$mac.'\' and ip like \''.$ip.'\'');
$sth->execute();
my $result =$sth->fetchrow_hashref();
my $rows = $sth->rows;
#print "Value returned: $result->{id}. rows: $rows.\n";
if ($rows > 0){
#update
my $count = $result->{count} + 1;
my $sqlstr = 'update macs set count='.$count.' where id='.$result->{id}.' ';
print "sqlstr=$sqlstr\n" if $debug;
$dbh->do($sqlstr);
}else{
#insert
$dbh->do('insert into macs (switch,vlan,mac,ip,count,firstseen) values (\''.$switch.'\',\''.$vlan.'\',\''.$mac.'\',\''.$ip.'\',1,now() )');
}
}
sub usage(){
print "usage:\n";
print "\n";
print "getMacAddress -ip=<IP-Address> -type=<hpe|cisco|watchguard> -community=<SNMP-community> <-db>\n";
print "\n";
print " -ip: IP Address of switch to query\n";
print " -type: supported type = hpe or cisco or watchguard\n";
print " -community: SNMP community if unspecified default is public\n";
print " -db: if specified update database\n";
print "\n";
exit(1);
}
#########################################
##### needed database schema
#########################################
=sqlschema
CREATE TABLE IF NOT EXISTS `macs` (
`id` int(10) unsigned NOT NULL AUTO_INCREMENT,
`switch` char(50) NOT NULL,
`vlan` char(50) NOT NULL,
`mac` char(50) NOT NULL,
`ip` char(50) NOT NULL,
`count` int(11) NOT NULL DEFAULT '0',
`firstseen` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`lastseen` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4;
=END
#!/usr/bin/perl
######################################################################
# changeMacinDB.pl
#
# get mac-addresses from database and change format from
# xx:xx:xx:xx:xx:xx >> to >> xxxxxxxxxxxx
#
# version 2021-05-18
#
# (c) computer2know
######################################################################
use Data::Dumper;
use strict;
use DBI;
my $dbname="mactable";
my $dbuser="root",
my $dbpwd="";
my $dbhost="localhost";
my $dbh;
$dbh = DBI->connect("DBI:mysql:$dbname;host=$dbhost", "$dbuser", "$dbpwd") || die "Could not connect to database: $DBI::errstr";
my $sth = $dbh->prepare('select id, mac from macs');
$sth->execute();
my ($id,$mac)='';
my $i=0;
my $j=0;
while(($id,$mac) = $sth->fetchrow()){
$i++;
print "$id,$mac\n";
if ($mac=~/^(..):(..):(..):(..):(..):(..)$/){
my $newmac = "$1$2$3$4$5$6";
print "new mac: $newmac\n";
my $sqlstr = 'update macs set mac=\''.$newmac.'\' where id='.$id.' ';
#print "sqlstr=$sqlstr\n";
$dbh->do($sqlstr);
$j++;
}
}
print "Summary: Number of all macs = $i. Changed mac-adresses = $j\n"; problem:
--------------------------------------
command: cmk-update-config -v
shows errors
solution
---------------------------------------
in ....../etc/check_mk/conf.d/wato there are invalid characters, find them using:
grep -r "\xa0" *
replace this character through nothing:
>>> perl -pi -e "s/\\\xa0//g;" * : ....../etc/check_mk/conf.d/wato
check again: cmk-update-config -v
remove invalid mkp packages:
- to find them: mkp list
- remove them using mkp rm <package-name>
some other errors in rules.mk:
rules.mk
....../etc/check_mk/conf.d/wato$ grep -r "\\Optimiz" *
ERROR: Invalid regular expression in service condition detected: (Ruleset: ignored_services, Folder: , Rule nr: 3, Condition: Task.*\Optimiz.*, Exception: bad escape \O at position 6)
grep -r "\\Optimiz" *
> replace \\ trough a .* to get it fixed
Note
When possible use modifications that can be removed so the device can be returned for service in the same condition that it was provided as at time of purchase.
Otherwise it is likely the warranty would be void.
If a customer makes a decision that it is acceptable to void the warranty and chooses to paint the device anyway, here are some guidelines when painting RF (Access Point) devices.
Tip
Use a paint that has no conductive properties (i.e. metal colored flakes etc.)
Here are some paints that were tested that displayed good RF characteristics.
Brand Name Product Line Color Spray Can Part Number Gallons Part Number
Rust-Oleum Professional Gray Primer 7582 7769 (Aluminum Primer)
Rust-Oleum Professional Light Machine Gray 7581 7781
Rust-Oleum Professional Dark Machine Gray 7587 7786 (Smoke Gray)
Rust-Oleum Professional Hunter Green 7538 7738
Rust-Oleum Professional Dark Brown 7548 7748
Rust-Oleum Professional Gloss Black 7579 7779
Rust-Oleum brand can be found at https:/?/?www.rustoleum.com/?product-catalog/?consumer-brands/?rocksolid
Figure 5. When painting do not get paint into any of the connectors (tape them properly)
links: https://www.cisco.com/c/en/us/td/docs/wireless/controller/technotes/8-4/b_painting_of_access_points.html
#!/usr/bin/perl
###############################################################################
#
# checkWatchguardVPNTunnel.pl
#
# reads out watchguard snmp ipsec table and check if tunnel to specified subnet exists
#
# OMD[romina]:~/local/bin$ snmpwalk -v 2c -c rompub 10.163.10.1 .1.3.6.1.4.1.3097.6.5.1.2.1.20
# SNMPv2-SMI::enterprises.3097.6.5.1.2.1.20.0 = IpAddress: 192.168.104.0
# SNMPv2-SMI::enterprises.3097.6.5.1.2.1.20.1 = IpAddress: 172.22.0.0
# SNMPv2-SMI::enterprises.3097.6.5.1.2.1.20.2 = IpAddress: 172.22.0.0
# SNMPv2-SMI::enterprises.3097.6.5.1.2.1.20.3 = IpAddress: 172.16.0.0
# SNMPv2-SMI::enterprises.3097.6.5.1.2.1.20.4 = IpAddress: 172.16.0.0
# SNMPv2-SMI::enterprises.3097.6.5.1.2.1.20.5 = IpAddress: 172.16.0.0
# SNMPv2-SMI::enterprises.3097.6.5.1.2.1.20.6 = IpAddress: 172.16.0.0
#
# usage:
# ./checkWatchguardVPNTunnel.pl 10.0.0.1 public 172.99.0.0 vpnname
#
# example:
# ./checkWatchguardVPNTunnel.pl <hostname> <community> <vpn-tunnel-ip> <display-name>
#
# output:
# 0 VPNTunnel-vpnname-172.99.0.0 - Tunnels found for IP 172.99.0.0 = 2.
#
# version 2021-09-23, mw
#
###############################################################################
$watchguard=$ARGV[0];
$community=$ARGV[1];
$searchForIP=$ARGV[2];
$name=$ARGV[3];
$debug=0; #1=on
if (($watchguard eq '') || ($community eq '') || ($searchForIP eq '') || ($name eq '') ){
print "usage: checkWatchguardVPNTunnel.pl <hostname> <community> <vpn-tunnel-ip> <display-name> \n";
print "\n";
exit 1;
}
$found=0;
open(IN,"snmpwalk -v 2c -c $community $watchguard 1.3.6.1.4.1.3097.6.5.1.2.1.20 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
print "$line\n" if $debug;
if ($line =~ /$searchForIP$/){
print "found!!\n" if $debug;
$found++;
}
}
close(IN);
print "<<<check_mk>>>\n";
print "Version:v2021-03-23\n";
print "<<<local>>>\n";
if ($found == 0){
print "1 VPNTunnel-$name-$searchForIP - No tunnels found for IP $searchForIP\n";
exit(0);
#exit(1);
}
print "0 VPNTunnel-$name-$searchForIP - Tunnels found for IP $searchForIP = $found.\n";
exit(0);
#!/usr/bin/perl
###############################################################################
#
# checkWebdavDirectory.pl
# check webdav as checkmk local check
#
# need to be executed in directory: /usr/lib/check_mk_agent/local
#
###############################################################################
use strict;
my $critical=95;
my $warning=90;
#get data using df-k: df -k |grep directory
#https://myurl/webdav1 3 100000 55000 45000 45% /mnt/webdav1directoryname
my $usage=-1;
open(IN,"df -k \|grep webdav1directoryname | ");
while(<IN>){
my $line=$_;
chomp($line);
# print "$line\n";
if ($line =~ /\s(\d*)%\s/){
$usage=$1;
}
}
close(IN);
if ($usage > $critical ){
print "2 webdav-directory1 usage=$usage Critical! The usage is $usage\n";
exit 0;
}
if ($usage > $warning ){
print "1 webdav-directory1 usage=$usage Warning! The usage is $usage\n";
exit 0;
}
print "0 webdav-directory1 usage=$usage Ok. The usage is $usage\n";
go to directory of the cpan bin, for example:
/root/.cpan/build/Net-SSH-Expect-1.09-dIBvM1
Net-SSH-Expect-1.09-dIBvM1]# perl Makefile.PL INSTALL_BASE=/opt/mydir/bin/perl-lib
make
Skip blib/lib/Net/SSH/Expect.pod (unchanged)
Skip blib/lib/Net/SSH/Expect.pm (unchanged)
Manifying 1 pod document
[root@mysystem Net-SSH-Expect-1.09-dIBvM1]# make install
Manifying 1 pod document
Installing /opt/mydir/bin/perl-lib/lib/perl5/Net/SSH/Expect.pod
Installing /opt/mydir/bin/perl-lib/lib/perl5/Net/SSH/Expect.pm
Installing /opt/mydir/bin/perl-lib/man/man3/Net::SSH::Expect.3pm
Appending installation info to /opt/mydir/bin/perl-lib/lib/perl5/x86_64-linux-thread-multi/perllocal.pod
in your perl script you need to add the lib a the beginning:
use lib "/opt/mydir/bin/perl-lib/lib/perl5";
#!/usr/bin/perl
################################################################################
# poeOffOnSwitch.pl
#
# (c) s4c
#
# v2021-10-22
#
# get it running,install necessary perl libs:
# - open CPAN eshell: perl -MCPAN -eshell
# - run command in CPAN shell: install Net::SSH::Expect
#
# Changes
# -2020-10-22: version 1
#
################################################################################
use strict;
use Net::SSH::Expect;
my $timeout_login =3;
my $usage = "usage: poeOffOnSwitch.pl \"<switch-user;switch-pwd;switch-ip;switch-port>\"\n";
my $user='';
my $pwd='';
my $ip='';
my $port='';
if ($ARGV[0] eq ''){
print "$usage\n";
exit(1);
}else{
my $input=$ARGV[0];
#print "$input\n";
$input=~s/^\s*//;
$input=~s/\s*$//;
if ($input=~/^(.*);(.*);(.*);(.*)$/){
$user=$1;
$pwd=$2;
$ip=$3;
$port=$4;
}else{
print "$usage\n";
exit(1);
}
}
my $ts=`date '+%m-%d'`;
chomp($ts);
write2log("turn poe off -on for ip:$ip, port=$port.");
my ($ret,$retmsg)=setPoe($user,$pwd,$ip,$port);
if ($ret == 0){
write2log("Poe off / on for ip:$ip, port=$port success.");
}else{
write2log("Poe off / on for ip:$ip, port=$port failed.");
}
sub setPoe($$$$){
my $user=$_[0];
my $pwd=$_[1];
my $ip=$_[2];
my $port=$_[3];
my $type="procurve";
my $debug=0;
print "getConfig for: $user,$pwd,$ip,$port\n" if $debug;
my $ssh = Net::SSH::Expect->new ( host => $ip,
user => $user,
password=> $pwd,
raw_pty => 1,
no_terminal => 0,
timeout => $timeout_login,
ssh_option => '-o StrictHostKeyChecking=no'
);
my $login_output;
eval { $login_output = $ssh->login(); };
return(1,"Login has failed: $login_output") if($@);
my $out= $ssh->exec(" ");
#use enable mode when we don't see the # in the prompt
if( $out !~ /\>\s*\z|\#\s*/ ){
$ssh->close();
return(2,"Login has failed. No prompt as expected");
}
if ($type =~ /procurve/i){
my $paging= $ssh->exec("terminal length 1000"); #wo don't like prompts when showing the config
if ( $paging =~ /\s?%\s/ ){
$ssh->close();
return( 3, "Unable to set terminal to length 1000");
}
my $cmd=$ssh->exec("configure");
#write2log("cmd=$cmd.");
sleep(1);
$cmd=$ssh->exec("interface $port");
#write2log("cmd=$cmd.");
sleep(1);
write2log("poe off - port $port");
$cmd=$ssh->exec("no power-over-ethernet");
#write2log("cmd=$cmd.");
sleep(5);
write2log("poe on - port $port");
$cmd=$ssh->exec("power-over-ethernet");
#write2log("cmd=$cmd.");
sleep(5);
$ssh->close();
}else{
$ssh->close();
return (6, "unknown switch type");
}
return(0,'success');
}
sub error($){
print "Error: $_[0]\n";
exit;
}
sub write2log($){
my $dt = `date`;
chomp($dt);
print "$dt $_[0]\n";
}
perl ssh automation libs for deployment
3 libs are needed to run lib: use Net::SSH::Expect;
[root@system1 Expect-1.35-5jN4zk]# perl Makefile.PL INSTALL_BASE=/root/deploy
[root@system1 IO-Tty-1.16-76YMxG]# perl Makefile.PL INSTALL_BASE=/root/deploy
[root@system1 Net-SSH-Expect-1.09-dIBvM1]# perl Makefile.PL INSTALL_BASE=/root/deploy/
cd /root/deploy
tar -cvf ../perl_deploy.tar lib/ man/
>> the perl_deploy.tar file contains the necessary libs
>> copy perl_deploy.tar to destination system >> and extract the tar file in a lib directory,
now the new lib directory contains directory man + lib
>> to make use of the deployed libs just add the "use lib" definition to your perl script:
use lib "<path to your lib directory>/lib/perl5";
use strict;
use Net::SSH::Expect;
before the "show running" command is executed the two commands are setup:
my $paging= $ssh->exec("terminal length 1000"); #we don't like prompts when showing the config
my $paging= $ssh->exec("no page"); #we don't like prompts when showing the config
Message when script backups, every 1000 lines or so we see the following characters:
^[[232;1H^[[2K^[[1000;1H^[[1;1000r^[[1000;1H
we need to have a look on the hex values of the charactes, to build a valid perl regular expression
. [ 2 3 2 ; 1 H . [ 2 K . [ 1 0 0 0 ; 1 H . [ 1 ; 1 0 0 0 r . [ 1 0 0 0 ; 1 H
HEX: 1B 5B 32 33 32 3B 31 48 1B 5B 32 4B 1B 5B 31 30 30 30 3B 31 48 1B 5B 31 3B 31 30 30 30 72 1B 5B 31 30 30 30 3B 31 48 20 20 20
------------------------------
regular expression solution:
------------------------------
if ($line=~/^(.*)\x1b\x5b232\x3b1H\x1b\x5b2K\x1b\x5b1000\x3b1H\x1b\x5b1\x3b1000r\x1b\x5b1000\x3b1H(.*)$/){
------------------------------
in the code it looks like this:
------------------------------
#filter out strange line: ^[[232;1H^[[2K^[[1000;1H^[[1;1000r^[[1000;1H
# . [ 2 3 2 ; 1 H . [ 2 K . [ 1 0 0 0 ; 1 H . [ 1 ; 1 0 0 0 r . [ 1 0 0 0 ; 1 H
#in hex it is: 1B 5B 32 33 32 3B 31 48 1B 5B 32 4B 1B 5B 31 30 30 30 3B 31 48 1B 5B 31 3B 31 30 30 30 72 1B 5B 31 30 30 30 3B 31 48 20 20 20
#print "$lc $line\n";
if ($line=~/^(.*)\x1b\x5b232\x3b1H\x1b\x5b2K\x1b\x5b1000\x3b1H\x1b\x5b1\x3b1000r\x1b\x5b1000\x3b1H(.*)$/){
#print "match found in line $lc: $line!\n";print "1=$1\n";print "2=$2\n";exit;
push @config, ($1.$2);
}else{
push @config, $line;
}
checkNetman.pl - script to get usv load and power in watts from a riello usv in checkmk agent format
#!/bin/perl
use strict;
######################################################################################
#
# checkNetman.pl
#
# get data from a netman snmp component, that is for example build in, in a riello usv
#
# base snmpwalk call:
# snmpwalk -v 2c -c public 10.10.10.10 SNMPv2-SMI::mib-2.33
#
######################################################################################
if ($ARGV[0] eq '' ){
print "Usage: checkNetman.pl <hostname or ip-address> <snmp-community> <load-warning> <load-critical>\n";
print " example checkNetman.pl 192.168.2.1 public 80 90\n";
print "\n";
exit(1);
}
my $ip= $ARGV[0];
my $community = $ARGV[1];
my $warning = $ARGV[2];
my $critical= $ARGV[3];
$warning=80 if $warning eq '';
$critical=90 if $critical eq '';
$community='public' if $community eq '';
my $debug=0; #1=on
my %foundHash={};
my $name='';
my $line='';
my $status='';
my $statustxt='';
my $alarm='';
print "<<<check_mk>>>\n";
print "Version: pn-v2022-03-14\n";
print "<<<local>>>\n";
open(IN,"snmpwalk -v 2c -c $community $ip SNMPv2-SMI::mib-2.33.1.6.1.0 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
print "$line\n" if $debug;
#SNMPv2-SMI::mib-2.33.1.6.1.0 = Gauge32: 0
if ($line =~ /33.1.6.1.0 = .*:\s(\d)$/){
print "alarm=$1\n" if $debug;
$alarm=$1;
}
}
close(IN);
open(IN,"snmpwalk -v 2c -c $community $ip SNMPv2-SMI::mib-2.33.1.4.4 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
print "$line\n" if $debug;
#Real Power in Watt
if ($line =~ /33.1.4.4.1.4.1 = INTEGER:\s(\d*)$/){
$foundHash{'pL1'}=$1/1000;
}
if ($line =~ /33.1.4.4.1.4.2 = INTEGER:\s(\d*)$/){
$foundHash{'pL2'}=$1/1000;
}
if ($line =~ /33.1.4.4.1.4.3 = INTEGER:\s(\d*)$/){
$foundHash{'pL3'}=$1/1000;
}
#load
if ($line =~ /33.1.4.4.1.5.1 = INTEGER:\s(\d*)$/){
$foundHash{'loadL1'}=$1;
}
if ($line =~ /33.1.4.4.1.5.2 = INTEGER:\s(\d*)$/){
$foundHash{'loadL2'}=$1;
}
if ($line =~ /33.1.4.4.1.5.3 = INTEGER:\s(\d*)$/){
$foundHash{'loadL3'}=$1;
}
}
close(IN);
if (exists $foundHash{'loadL1'}){
$status=0;
$statustxt=">> Warning/Critical: $warning".'/'.$critical.'. ';
if ($foundHash{'loadL1'} > $critical){$status=2;$statustxt.="L1 has critical value! ";}
if (($foundHash{'loadL1'} > $warning) and ($foundHash{'loadL1'}<= $critical)){$status=1;$statustxt.="L1 has warning value! ";}
if ($foundHash{'loadL2'} > $critical){$status=2;$statustxt.="L2 has critical value! ";}
if (($foundHash{'loadL2'} > $warning) and ($foundHash{'loadL2'}<= $critical)){
$status=1 if $status < 1;
$statustxt.="L2 has warning value! ";}
if ($foundHash{'loadL3'} > $critical){$status=2;$statustxt.="L3 has critical value! ";}
if (($foundHash{'loadL3'} > $warning) and ($foundHash{'loadL3'}<= $critical)){$status=1;$statustxt.="L3 has warning value! ";}
print "$status ups-load L1=$foundHash{'loadL1'}|L2=$foundHash{'loadL2'}|L3=$foundHash{'loadL3'} upsOutputPercentLoad L1=$foundHash{'loadL1'}%, L2=$foundHash{'loadL2'}% ,L3=$foundHash{'loadL3'}%. $statustxt\n";
}else{
print "1 ups-load L1=|L2=|L3= no values found!\n";
}
if (exists $foundHash{'pL1'}){
my $summary=$foundHash{'pL1'} + $foundHash{'pL2'} + $foundHash{'pL3'};
print "0 ups-power Sum=$summary|L1=$foundHash{'pL1'}|L2=$foundHash{'pL2'}|L3=$foundHash{'pL3'} Power L1-L3 and Summary in Kilo-Watts: Summary=".$summary."KW, L1=$foundHash{'pL1'}KW, L2=$foundHash{'pL2'}KW ,L3=$foundHash{'pL3'}KW.\n";
}else{
print "1 ups-power Sum=|L1=|L2=|L3= no values found!\n";
}
if ($alarm==0){
print "0 ups-alarm - No alarm present!\n";
}else{
print "2 ups-alarm - UPS alarm found! Please check your USV!!\n";
}
Monitoring Riello USV with NetMan 204 adapter using snmp
NetMan 204 Network Adapter
> users manual: https://www.riello-ups.com/uploads/file/768/2768/0MNACCSA4ENUL__MAN_ACC_NETMAN_204_EN_.pdf
> mib files can be found, also on riello-ups website: https://www.riello-ups.com/uploads/file/136/1136/MIBs.zip
>> important mib: RFC1628A.MIB
>> short solution:
(1):
use a simple perl script to get data in checkmk format:
https://computer2know.de/checknetman.pl-script-to-get-usv-load-and-power-in-watts-from-a-riello-usv-in-checkmk-agent-format:::656.html
(2):
use a Nagios script
https://exchange.nagios.org/directory/Plugins/Hardware/UPS/SNMP-UPS-Check/details
run it like:
./check_ups_snmp -H 10.115.0.82 -C pnpub -t status
OK: Battery Status Normal.
or
./check_ups_snmp -H 10.115.0.82 -C pnpub -t alarm
OK: 0 alarms present.|'alarms'=0
=====================================================================================================
my detail analysis ....
Doing a snmpwalk on the device:
------------------------------------
snmpwalk -c my-community -v 2c usv-ip-address
SNMPv2-MIB::sysDescr.0 = STRING: NetMan 204
SNMPv2-MIB::sysObjectID.0 = OID: SNMPv2-SMI::enterprises.5491.6
DISMAN-EVENT-MIB::sysUpTimeInstance = Timeticks: (2761455986) 319 days, 14:42:39.86
SNMPv2-MIB::sysContact.0 = STRING: my-organisation
SNMPv2-MIB::sysName.0 = STRING: my-usv-name
SNMPv2-MIB::sysLocation.0 = STRING: my-localtion
SNMPv2-MIB::sysServices.0 = INTEGER: 0
IF-MIB::ifNumber.0 = INTEGER: 1
IF-MIB::ifPhysAddress = STRING: 0:0:0:5:22:99
SNMPv2-SMI::mib-2.33.1.1.1.0 = STRING: "RPS SpA"
SNMPv2-SMI::mib-2.33.1.1.2.0 = STRING: "T2MK20 "
SNMPv2-SMI::mib-2.33.1.1.3.0 = STRING: "SWM022-02-21"
SNMPv2-SMI::mib-2.33.1.1.4.0 = STRING: "AppVer. 01.03.010"
SNMPv2-SMI::mib-2.33.1.1.5.0 = STRING: "FT-H 20 kVA "
SNMPv2-SMI::mib-2.33.1.1.6.0 = STRING: "??? "
SNMPv2-SMI::mib-2.33.1.2.1.0 = INTEGER: 2 !!#upsBatteryStatus 2 = should be on batteryNormal
SNMPv2-SMI::mib-2.33.1.2.2.0 = INTEGER: 0 #upsSecondsOnBattery
SNMPv2-SMI::mib-2.33.1.2.3.0 = INTEGER: 60 #upsEstimatedMinutesRemaining
SNMPv2-SMI::mib-2.33.1.2.4.0 = INTEGER: 100 #upsEstimatedChargeRemaining
SNMPv2-SMI::mib-2.33.1.2.5.0 = INTEGER: 2726 #upsBatteryVoltage
SNMPv2-SMI::mib-2.33.1.2.6.0 = INTEGER: 0 #upsBatteryCurrent
SNMPv2-SMI::mib-2.33.1.2.7.0 = INTEGER: 23 !!#upsBatteryTemperature - The ambient temperature at or near the UPS Battery casing.
SNMPv2-SMI::mib-2.33.1.3.1.0 = Counter32: 0
SNMPv2-SMI::mib-2.33.1.3.2.0 = INTEGER: 3
SNMPv2-SMI::mib-2.33.1.3.3.1.1.1 = INTEGER: 1 #upsInputLineBads
SNMPv2-SMI::mib-2.33.1.3.3.1.1.2 = INTEGER: 2 #upsInputNumLines
SNMPv2-SMI::mib-2.33.1.3.3.1.1.3 = INTEGER: 3 #upsInputTable
SNMPv2-SMI::mib-2.33.1.3.3.1.2.1 = INTEGER: 500 #upsInputFrequency -- UNITS 0.1 Hertz
SNMPv2-SMI::mib-2.33.1.3.3.1.2.2 = INTEGER: 500 #upsInputFrequency -- UNITS 0.1 Hertz
SNMPv2-SMI::mib-2.33.1.3.3.1.2.3 = INTEGER: 500 #upsInputFrequency -- UNITS 0.1 Hertz
SNMPv2-SMI::mib-2.33.1.3.3.1.3.1 = INTEGER: 232 #upsInputVoltage
SNMPv2-SMI::mib-2.33.1.3.3.1.3.2 = INTEGER: 233 #upsInputVoltage
SNMPv2-SMI::mib-2.33.1.3.3.1.3.3 = INTEGER: 232 #upsInputVoltage
SNMPv2-SMI::mib-2.33.1.3.3.1.4.1 = INTEGER: -1 #upsInputCurrent
SNMPv2-SMI::mib-2.33.1.3.3.1.4.2 = INTEGER: -1 #upsInputCurrent
SNMPv2-SMI::mib-2.33.1.3.3.1.4.3 = INTEGER: -1 #upsInputCurrent
SNMPv2-SMI::mib-2.33.1.3.3.1.5.1 = INTEGER: 0 #upsInputTruePower
SNMPv2-SMI::mib-2.33.1.3.3.1.5.2 = INTEGER: 0 #upsInputTruePower
SNMPv2-SMI::mib-2.33.1.3.3.1.5.3 = INTEGER: 0 #upsInputTruePower
SNMPv2-SMI::mib-2.33.1.4.1.0 = INTEGER: 3 !!#upsOutputSource 3 = normal
SNMPv2-SMI::mib-2.33.1.4.2.0 = INTEGER: 500 #upsOutputFrequency -- UNITS 0.1 Hertz
SNMPv2-SMI::mib-2.33.1.4.3.0 = INTEGER: 3 #upsOutputNumLines
SNMPv2-SMI::mib-2.33.1.4.4.1.1.1 = INTEGER: 1 #upsOutputLineIndex >> 3 out put lines!
SNMPv2-SMI::mib-2.33.1.4.4.1.1.2 = INTEGER: 2 #upsOutputLineIndex
SNMPv2-SMI::mib-2.33.1.4.4.1.1.3 = INTEGER: 3 #upsOutputLineIndex
SNMPv2-SMI::mib-2.33.1.4.4.1.2.1 = INTEGER: 230 #upsOutputVoltage
SNMPv2-SMI::mib-2.33.1.4.4.1.2.2 = INTEGER: 230 #upsOutputVoltage
SNMPv2-SMI::mib-2.33.1.4.4.1.2.3 = INTEGER: 230 #upsOutputVoltage
SNMPv2-SMI::mib-2.33.1.4.4.1.3.1 = INTEGER: 110 #upsOutputCurrent -- UNITS 0.1 RMS Amp
SNMPv2-SMI::mib-2.33.1.4.4.1.3.2 = INTEGER: 75 #upsOutputCurrent -- UNITS 0.1 RMS Amp
SNMPv2-SMI::mib-2.33.1.4.4.1.3.3 = INTEGER: 23 #upsOutputCurrent -- UNITS 0.1 RMS Amp
SNMPv2-SMI::mib-2.33.1.4.4.1.4.1 = INTEGER: 2290 !!#upsOutputPower -- UNITS Watts
SNMPv2-SMI::mib-2.33.1.4.4.1.4.2 = INTEGER: 1590 !!#upsOutputPower -- UNITS Watts
SNMPv2-SMI::mib-2.33.1.4.4.1.4.3 = INTEGER: 432 !!#upsOutputPower -- UNITS Watts
SNMPv2-SMI::mib-2.33.1.4.4.1.5.1 = INTEGER: 38 !!#upsOutputPercentLoad
SNMPv2-SMI::mib-2.33.1.4.4.1.5.2 = INTEGER: 26 !!#upsOutputPercentLoad
SNMPv2-SMI::mib-2.33.1.4.4.1.5.3 = INTEGER: 7 !!#upsOutputPercentLoad
SNMPv2-SMI::mib-2.33.1.5.1.0 = INTEGER: 500 #upsBypassFrequency
SNMPv2-SMI::mib-2.33.1.5.2.0 = INTEGER: 3 #upsBypassNumLines
SNMPv2-SMI::mib-2.33.1.5.3.1.1.1 = INTEGER: 1
SNMPv2-SMI::mib-2.33.1.5.3.1.1.2 = INTEGER: 2
SNMPv2-SMI::mib-2.33.1.5.3.1.1.3 = INTEGER: 3
SNMPv2-SMI::mib-2.33.1.5.3.1.2.1 = INTEGER: 232
SNMPv2-SMI::mib-2.33.1.5.3.1.2.2 = INTEGER: 231
SNMPv2-SMI::mib-2.33.1.5.3.1.2.3 = INTEGER: 233
SNMPv2-SMI::mib-2.33.1.5.3.1.3.1 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.5.3.1.3.2 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.5.3.1.3.3 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.5.3.1.4.1 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.5.3.1.4.2 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.5.3.1.4.3 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.6.1.0 = Gauge32: 0 #upsALARM : The present number of active alarm conditions. >> if 0 == No alarms present.
SNMPv2-SMI::mib-2.33.1.6.2.1.1.1 = INTEGER: 1
SNMPv2-SMI::mib-2.33.1.6.2.1.1.2 = INTEGER: 2
SNMPv2-SMI::mib-2.33.1.6.2.1.1.3 = INTEGER: 3
SNMPv2-SMI::mib-2.33.1.6.2.1.1.4 = INTEGER: 4
SNMPv2-SMI::mib-2.33.1.6.2.1.1.5 = INTEGER: 5
SNMPv2-SMI::mib-2.33.1.6.2.1.1.6 = INTEGER: 6
SNMPv2-SMI::mib-2.33.1.6.2.1.1.7 = INTEGER: 7
SNMPv2-SMI::mib-2.33.1.6.2.1.1.8 = INTEGER: 8
SNMPv2-SMI::mib-2.33.1.6.2.1.1.9 = INTEGER: 9
SNMPv2-SMI::mib-2.33.1.6.2.1.1.10 = INTEGER: 10
SNMPv2-SMI::mib-2.33.1.6.2.1.2.1 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.2 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.3 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.4 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.5 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.6 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.7 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.8 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.9 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.2.10 = OID: SNMPv2-SMI::zeroDotZero.0.0.0.0.0.0.0.0.0
SNMPv2-SMI::mib-2.33.1.6.2.1.3.1 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.2 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.3 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.4 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.5 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.6 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.7 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.8 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.9 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.6.2.1.3.10 = Timeticks: (0) 0:00:00.00
SNMPv2-SMI::mib-2.33.1.8.1.0 = INTEGER: -1
SNMPv2-SMI::mib-2.33.1.8.2.0 = INTEGER: -1
SNMPv2-SMI::mib-2.33.1.8.3.0 = INTEGER: -1
SNMPv2-SMI::mib-2.33.1.8.4.0 = INTEGER: -1
SNMPv2-SMI::mib-2.33.1.8.5.0 = INTEGER: -1
SNMPv2-SMI::mib-2.33.1.9.1.0 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.9.2.0 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.9.3.0 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.9.4.0 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.9.5.0 = INTEGER: 20000
SNMPv2-SMI::mib-2.33.1.9.6.0 = INTEGER: 18000
SNMPv2-SMI::mib-2.33.1.9.7.0 = INTEGER: 3
SNMPv2-SMI::mib-2.33.1.9.8.0 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.9.9.0 = INTEGER: 0
SNMPv2-SMI::mib-2.33.1.9.10.0 = INTEGER: 0
---------------------------------------------------------------------------
- if you want to react on snmp traps
---------------------------------------------------------------------------
SensorTrap.mib:
-- IRMS-MIB { iso org(3) dod(6) internet(1) private(4)
-- enterprises(1) riello(5491) }
SENSORTRAP-MIB DEFINITIONS ::= BEGIN
-- Title: SENSOR TRAP MIB
-- Version: 1.0 by Michele Marcon
-- Date: 02.11.2009
IMPORTS
enterprises
FROM RFC1155-SMI
OBJECT-TYPE
FROM RFC-1212
TRAP-TYPE
FROM RFC-1215;
rielloMIB OBJECT IDENTIFIER ::= { enterprises 5491 }
sensorgroup OBJECT IDENTIFIER ::= { rielloMIB 9 }
sensor OBJECT IDENTIFIER ::= { sensorgroup 1 }
sensorId OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The number of the sensor."
::= { sensor 1 }
sensorTrapGroup OBJECT IDENTIFIER ::= { sensor 2 }
sensorAlarmTMax TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent each minute when temperature reaches maximum level"
::= 1
sensorAlarmTMaxRemoved TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent when temperature returns to standard level"
::= 2
sensorAlarmTMin TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent each minute when temperature reaches minimum level"
::= 3
sensorAlarmTMinRemoved TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent when temperature returns to standard level"
::= 4
sensorIOAlarm TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent each minute when input contact is in alarm"
::= 5
sensorIOAlarmRemoved TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent when input contact is normal"
::= 6
sensorHumidityAlarm TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent each minute when humidity reaches maximum level"
::= 7
sensorHumidityAlarmRemoved TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent when humidity returns to normal level"
::= 8
sensorHumidityLowAlarm TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent each minute when humidity reaches minimum level"
::= 9
sensorHumidityLowAlarmRemoved TRAP-TYPE
ENTERPRISE sensorTrapGroup
VARIABLES { sensorId }
DESCRIPTION "This trap is sent when humidity returns to normal level"
::= 10
END
sample snmpwalk command to get out, some information from the vsa:
#default community string ist public
snmpwalk -v 2c -c public <vsa-ip-address> .1.3.6.1.4.1.9804.3.1.1.2.12.46.1.19
some interesting snmp mib variables can be found in the file "LEFTHAND-NETWORKS-NSM-CLUSTERING-MIB.mib", which can be found on the internet
for example:
clusModuleStorageStatus storage status of a module .1.3.6.1.4.1.9804.3.1.1.2.12.46.1.19
clusModuleRaidStatus RAID status of a module .1.3.6.1.4.1.9804.3.1.1.2.12.46.1.10
clusModuleName hostname of module .1.3.6.1.4.1.9804.3.1.1.2.12.46.1.4
.1.3.6.1.4.1.9804.3.1.1.2.12.46.1.2
>> have this knowledge, you can easily build a simple perl script that queries the information from the VSA and formats to "checkmk" format, so that it can be used as an "individual script":
--------------------------------------------------------------------------------------
checkVSACluster.pl
--------------------------------------------------------------------------------------
#!/bin/perl
######################################################################################
#
# VSA Cluster Monitor
#
#
#
#[root@pnrtnagios01 ~]# snmpwalk -c public -v 2c 10.10.10.10 .1.3.6.1.4.1.9804.3.1.1.2.12.48.1
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.2.1 = STRING: "MyCluster" #Clustername
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.3.1 = Gauge32: 2
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.4.1 = Gauge32: 3
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.7.1 = Counter64: 0
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.8.1 = Gauge32: 0
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.15.1 = Gauge32: 1
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.16.1 = INTEGER: 1
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.17.1 = Counter64: 13773420544 #clusClusterAvailableSpace /Space available to create volumes (assuming one replica) in the cluster.
# Divide by the number of replicas to obtain the true number.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.20.1 = Counter64: 322388095 #clusClusterStatsIOsRead /A counter of IO read operations in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.21.1 = Counter64: 605929634 #clusClusterStatsIOsWrite /A counter of IO write operations in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.22.1 = Counter64: 26001669629952 # clusClusterStatsBytesRead /The number of bytes read from the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.23.1 = Counter64: 15787429566976 # clusClusterStatsBytesWrite /The number of bytes written to the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.24.1 = Gauge32: 0
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.25.1 = Gauge32: 0
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.26.1 = Counter64: 882064504 #clusClusterStatsIoLatencyRead /The total time spent waiting for read operations to complete in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.27.1 = Counter64: 4432349402 #clusClusterStatsIoLatencyWrite /The total time spent waiting for write operations to complete in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.28.1 = Counter64: 221403500 #clusClusterStatsCacheHits /The number of read cache hits and read ahead hits in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.29.1 = Counter64: 20930038784 #clusClusterTotalSpace /The total space for data storage in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.30.1 = Counter64: 7156618240 #clusClusterProvisionedSpace /The amount of storage space that has been provisioned in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.31.1 = Counter64: 7154634240 #clusClusterUsedSpace /The amount of storage space that has been used in the cluster.
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.32.1 = Gauge32: 34 #ClusterUtilization /The percentage of storage space that has been used in the cluster.
#
# sample nagios check output
# OK - www.google.de: rta 33,341ms, lost 0%|rta=33,341ms;200,000;500,000;0; pl=0%;40;80;; rtmax=33,362ms;;;; rtmin=33,309ms;;;;
#
# see also: http://community.hpe.com/t5/HPE-StoreVirtual-Storage/SNMP-Monitoring/td-p/4390990
# 4. PNP Templates for local checks
# https://mathias-kettner.de/checkmk_localchecks.html#PNP%20Templates%20for%20local%20checks
# All those files are expected to be in the same directory as check_mk-local.php.
#
######################################################################################
if ($ARGV[0] eq '' ){
print "Usage: checkVSACluster.pl <hostname or ip-address> <snmp community - if not specified public is used> <80 - warning> <90 - critical>\n";
print " example checkVSACluster.pl 192.168.2.1 public 80 90\n";
print "\n";
exit(1);
}
$clusterip = $ARGV[0];
$community = $ARGV[1];
$warning = $ARGV[2];
$critical= $ARGV[3];
$warning=80 if $warning eq '';
$critical=87 if $critical eq '';
#$clusterip='10.125.30.15';
$community='public' if $community eq '';
$debug=0; #1=on
%foundHash={};
$clustername = '';
print "<<<check_mk>>>\n";
print "Version: pn-v2016-07-22\n";
print "<<<local>>>\n";
open(IN,"snmpwalk -v 2c -c $community $clusterip .1.3.6.1.4.1.9804.3.1.1.2.12.48.1 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
print "$line\n" if $debug;
if ($line =~ /9804.3.1.1.2.12.48.1.2.1.*\"(.*)\"$/){
print "clustername = $1\n" if $debug;
$clustername=$1;
}
#read write information
if ($line =~ /9804.3.1.1.2.12.48.1.20.1.*Counter64:\s(\d*)$/){
print "0 VSA-ClusterStatsIOsRead count=$1c $clustername: counter of IO read operations in the cluster $1.\n";
$foundHash{'VSA-ClusterStatsIOsRead'}=1;
}
if ($line =~ /9804.3.1.1.2.12.48.1.21.1.*Counter64:\s(\d*)$/){
print "0 VSA-ClusterStatsIOsWrite count=$1c $clustername: counter of IO write operations in the cluster $1.\n";
$foundHash{'VSA-ClusterStatsIOsWrite'}=1;
}
if ($line =~ /9804.3.1.1.2.12.48.1.22.1.*Counter64:\s(\d*)$/){
print "0 VSA-ClusterStatsBytesRead count=$1c $clustername: The number of bytes read from the cluster $1.\n";
$foundHash{'VSA-ClusterStatsBytesRead'}=1;
}
if ($line =~ /9804.3.1.1.2.12.48.1.23.1.*Counter64:\s(\d*)$/){
print "0 VSA-ClusterStatsBytesWrite count=$1c $clustername: The number of bytes written to the cluster $1.\n";
$foundHash{'VSA-ClusterStatsBytesWrite'}=1;
}
#Io Latency
if ($line =~ /9804.3.1.1.2.12.48.1.26.1.*Counter64:\s(\d*)$/){
print "0 VSA-ClusterStatsIoLatencyRead count=$1c $clustername: The total time spent waiting for read operations to complete in the cluster $1.\n";
$foundHash{'VSA-ClusterStatsIoLatencyRead'}=1;
}
if ($line =~ /9804.3.1.1.2.12.48.1.27.1.*Counter64:\s(\d*)$/){
print "0 VSA-ClusterStatsIoLatencyWrite count=$1c $clustername: The total time spent waiting for write operations to complete in the cluster $1.\n";
$foundHash{'VSA-ClusterStatsIoLatencyWrite'}=1;
}
#space used
#print "$line\n";
#SNMPv2-SMI::enterprises.9804.3.1.1.2.12.48.1.32.1 = Gauge32: 80
if ($line =~ /9804.3.1.1.2.12.48.1.32.1.*Gauge32:\s(\d*)$/){
if ($1 >= $critical){
print "2 VSA-ClusterUtilization count=$1 $clustername: percentage of storage space used = $1.\n";
}else{
if ($1 >= $warning ){
print "1 VSA-ClusterUtilization count=$1 $clustername: percentage of storage space used = $1.\n";
}else{
print "0 VSA-ClusterUtilization count=$1 $clustername: percentage of storage space used = $1.\n";
}
}
$foundHash{'VSA-ClusterUtilization'}=1;
}
}
close(IN);
if (! exists $foundHash{'VSA-ClusterStatsIOsRead'}){print "1 VSA-ClusterStatsIOsRead count=c $clustername: no values found!\n";}
if (! exists $foundHash{'VSA-ClusterStatsIOsWrite'}){print "1 VSA-ClusterStatsIOsWrite count=c $clustername: no values found!\n";}
if (! exists $foundHash{'VSA-ClusterStatsBytesRead'}){print "1 VSA-ClusterStatsBytesRead count=c $clustername: no values found!\n";}
if (! exists $foundHash{'VSA-ClusterStatsBytesWrite'}){print "1 VSA-ClusterStatsBytesWrite count=c $clustername: no values found!\n";}
if (! exists $foundHash{'VSA-ClusterStatsIoLatencyRead'}){print "1 VSA-ClusterStatsIoLatencyRead count=c $clustername: no values found!\n";}
if (! exists $foundHash{'VSA-ClusterStatsIoLatencyWrite'}){print "1 VSA-ClusterStatsIoLatencyWrite count=c $clustername: no values found!\n";}
if (! exists $foundHash{'VSA-ClusterUtilization'}){print "1 VSA-ClusterUtilization count=c $clustername: no values found!\n";}
--------------------
the script make use of:
https://secure.asteas.com/docu/interfacing/batch_access.html
-------------------
#!/usr/bin/perl
use strict;
use Data::Dumper;
use JSON;
###############################################################################
#
# checkIACBox
#
# see also: https://secure.asteas.com/docu/interfacing/batch_access.html
#
# use IACBOX api, to get some data out of the IACBOX, return results back in check syntax
#
# usage:
#
# ./checkIACBOX.pl <hostname or ip-address> <iac-user> <iac-pwd> <warning-online>
#
###############################################################################
my $version='v2022-30-03';
my $user='';
my $pwd='';
my $url='';
my $warning_online = 90; #warning if more users are online, than this percentage number
my $debug=0;
my %retHash = {};
if ($ARGV[0] eq '' ){
print "Usage: checkIACBox.pl <hostname or ip-address> <iac-user> <iac-pwd> <warning-online>\n";
print "\n";
exit(1);
}
my $ip=$ARGV[0];
$user=$ARGV[1];
$pwd=$ARGV[2];
$warning_online==$ARGV[3];
my $url='https://'.$ip.'/batch.php';
print "<<<check_mk>>>\n";
print "Version: pn-$version\n";
print "<<<local>>>\n";
getUserInfo();
##################
# Sub-Routines
##################
#get User Info
#curl --insecure --data "username=xyz&password=xyz&action=json&want=userinfo" https://192.168.2.33/batch.php
#{"users_online":1,"lic_users":"25","max_users":"25","percent_onl":4,"percent_free":96,"reg_number":"2018070502"}
sub getUserInfo(){
my $cmd = 'curl --insecure --data "username='.$user.'&password='.$pwd.'&action=json&want=userinfo" '.$url;
my $users_online=0;
my $max_users=-1;
my $percent_online=0;
my $i=0;
my $servicename = "IACBOX-Users";
my $line='';
print "cmd=$cmd\n" if $debug;
open(IN, "$cmd 2>/dev/null |");
while(<IN>){
$i++;
$line = $_;
chomp($line);
print "$i: $line\n" if $debug;
#line is something like:
# 1: {"users_online":4,"lic_users":"25","max_users":"25","percent_onl":16,"percent_free":84,"reg_number":"2022033001"}
#
my $ret = decode_json($line);
%retHash = %$ret;
print Dumper(%retHash) if $debug;
if ($retHash{'users_online'}){
$users_online=$retHash{'users_online'};
}
if ($retHash{'max_users'}){
$max_users=$retHash{'max_users'};
}
if ($retHash{'percent_onl'}){
$percent_online=$retHash{'percent_onl'};
}
#print Dumper($users_online) if $debug;
}
#$max_users=0;
if ($max_users <= 0){
print "1 $servicename users=$users_online warning - max_users value should be > 0! Maybe problem with getting values from IACBOX! (Last result from query was >> $line << ).\n";
return;
}
if ($percent_online > $warning_online ){
print "1 $servicename users=$users_online warning - more than $warning_online% of users are online! $users_online / max: $max_users are online. Percent online = $perce nt_online.\n";
return;
}
print "0 $servicename users=$users_online ok - $users_online / max: $max_users are online. Percent online = $percent_online. Warning if > than $warning_online%.\n";
}
rsnapsht is showing warning: could not lchown() symlink "path-to-file"
problem:
rsnapshot is getting errors / warning, the exit could is not "success":
example:
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/ssl/certs/SecureSign_RootCA11.pem"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/ssl/certs/ISRG_Root_X1.pem"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/ssl/certs/Certigna_Root_CA.pem"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/ssl/certs/DigiCert_High_Assurance_EV_Root_CA.pem"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/ssl/certs/TWCA_Global_Root_CA.pem"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/ssl/certs/QuoVadis_Root_CA_2_G3.pem"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/systemd/system/bind9.service"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/systemd/system/multi-user.target.wants/cron.service"
[2022-07-01T08:40:01] WARNING: Could not lchown() symlink "/opt/backup_rsnapshot/daily.1/localhost/etc/systemd/system/mult
solution:
>>> install the necessary perl library!!
>>>>>>> apt-get install liblchown-perl checkmk - increase limit for open files
<home-directory of your site>/etc/init.d/cmc
here you find under start:
>> # Try to raise the soft limit for open files. The Microcore needs a *lot* of open
>> # files when you have a large number of helper processes and/or Livestatus threads
>> # configured. Setting the soft limit to "unlimited" (i.e. the hard limit) is not a
>> # good idea, this limit can be very high (1 M), which negatively impacts closefrom().
>> for i in 8192 6144 4096 2048; do # find a sane soft limit below the hard one
>> ulimit -S -n $i 2> /dev/null && break
>> done
>> add a 16384 before 8192 and restart your site
>> if you update to a new version, you need to check if the setting is still there ;-((
how to make sure which are the real values?
>> create a script and use it as individual check, in the script dump the limit parameters, using the command ulimit -a
>> here is such sample script, that writes the values to /tmp/ulimit.log
#!/bin/perl
system("ulimit -a >> /tmp/ulimit.log");
print "<<<check_mk>>>\n";
print "Version: pn-v2022-09-13\n";
print "<<<local>>>\n";
print "0 ulimit-openfiles - just for debug, write values to /tmp/ulimit.log\n"; call the shelly using a script:
root@lnx02:~/bin# ./getShelly1pmTemperature4checkmk.pl 192.168.2.170
<<<checkmk>>>
version: 2023-04-01
<<<local>>>
0 Shelly1pm-Temperature temp=30.6 30.6 C
0 Shelly1pm--t1 temp=42.12 Temperature from Sensor 1: 42.12
0 Shelly1pm--t2 temp=54.38 Temperature from Sensor 2: 54.38
0 Shelly1pm--t3 temp=41.12 Temperature from Sensor 3: 41.12
-------------------------------------------------------------------------------------
>> here is the script
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
#!/usr/bin/perl
################################################################################
#
# getShelly1pmTemperature4checkmk.pl
#
# checkmk local check to get temperature from shelly device
#
# (c> by m.wendig v2023-04
#
################################################################################
use LWP::UserAgent;
use JSON qw( decode_json );
use Data::Dumper;
my $version='2023-04-01';
my $cname='Shelly1pm';
my $debug=0;
my $shelly_ip = shift;
my $ext_temp_name_1 = shift;
my $ext_temp_name_2 = shift;
my $ext_temp_name_3 = shift;
my $ext_temp_name_4 = shift;
my $ext_temp_name_5 = shift;
if (!defined $shelly_ip) {
print "usage:\n";
print "getShelly1pmTemperature4checkmk.pl <Shelly IPy> [ext_temp_name_1] [ext_temp_name_2] [ext_temp_name_3] [ext_temp_name_4] [ext_temp_name_5]\n";
print "Example: getShelly1pmTemperature4checkmk.pl 192.168.1.10 temp-top temp-middle temp-buttom\n";
exit;
}
my $ua = LWP::UserAgent->new;
my $url = "http://$shelly_ip/status";
my $req = HTTP::Request->new(GET => $url);
my $res = $ua->request($req);
print "<<<checkmk>>>\n";
print "version: $version\n";
print "<<<local>>>\n";
if ($res->is_success) {
my $content = $res->content;
# Decode JSON response
my $json = decode_json($content);
print Dumper($json) if $debug;
# Print temperature in Celsius
my $temp = $json->{tmp}{tC};
my $temp_unit = $json->{ext_sensors}{temperature_unit};
my $ext_temp_1 = $json->{ext_temperature}{0}{tC};
my $ext_temp_2 = $json->{ext_temperature}{1}{tC};
my $ext_temp_3 = $json->{ext_temperature}{2}{tC};
my $ext_temp_4 = $json->{ext_temperature}{3}{tC};
my $ext_temp_5 = $json->{ext_temperature}{4}{tC};
print "0 $cname-Temperature temp=$temp $temp $temp_unit\n";
print "0 $cname-$ext_temp_name_1"."-t1 temp=$ext_temp_1 Temperature from Sensor 1: $ext_temp_1\n" if defined $ext_temp_1;
print "0 $cname-$ext_temp_name_2"."-t2 temp=$ext_temp_2 Temperature from Sensor 2: $ext_temp_2\n" if defined $ext_temp_2;
print "0 $cname-$ext_temp_name_3"."-t3 temp=$ext_temp_3 Temperature from Sensor 3: $ext_temp_3\n" if defined $ext_temp_3;
print "0 $cname-$ext_temp_name_4"."-t4 temp=$ext_temp_4 Temperature from Sensor 4: $ext_temp_4\n" if defined $ext_temp_4;
print "0 $cname-$ext_temp_name_5"."-t5 temp=$ext_temp_5 Temperature from Sensor 5: $ext_temp_5\n" if defined $ext_temp_5;
} else {
print "2 $cname-Temperature temp=- Failed to fetch temperature data from Shelly\n";
} solution: a script called "getArpFromRouter.pl"
--------------------------------------------------------------------------------------------------
#!/usr/bin/perl
##############################################################################
#
# This script is designed to retrieve the ARP table entries for a router using
# the Simple Network Management Protocol (SNMP) and display them in a
# human-readable format.
#
# The script first sets SNMP credentials and the target router IP address,
# then retrieves VLAN names from the IF-MIB::ifName table using the snmpwalk
# command. The VLAN names are stored in an associative array called vlannames.
# The script then walks the IP-MIB::ipNetToMediaPhysAddress table to retrieve
# ARP table entries, which contain IP addresses, MAC addresses, and VLAN IDs.
# The script uses the VLAN IDs to look up the corresponding VLAN names in the
# vlannames array, and then prints out the IP address, MAC address, VLAN name,
# and VLAN ID in a formatted table.
#
# Overall, this script provides a quick and easy way to retrieve and view ARP
# table entries for a router, which can be useful for troubleshooting network
# issues or monitoring network activity.
#
# usage: ./getArpFromRouter.pl
#
# output sample:
#
# 10.20.30.141 aa:bb:cc:1f:a5:75 vlantest 1712.
# 10.20.30.142 aa:bb:cc:1f:a5:7a vlantest 1712.
#
#
##############################################################################
use strict;
use warnings;
# Set SNMP credentials and target router IP address
my $community = "public";
my $router_ip = "192.168.2.1";
# OID for IP-MIB::ipNetToMediaPhysAddress table
my $ip_oid = "IP-MIB::ipNetToMediaPhysAddress";
# OID for IF-MIB::ifName table
my $vlan_oid = "IF-MIB::ifName";
# Set debug flag
my $debug = 1;
my %vlannames;
sub main {
# Walk the IF-MIB::ifName table and store VLAN names in an associative array
if ($debug) {
print "DEBUG: Retrieving VLAN names from $vlan_oid\n";
}
open(my $SNMPWALK, "-|", "snmpwalk -c $community -v 2c $router_ip $vlan_oid") or die "Could not run snmpwalk: $!";
while (my $line = <$SNMPWALK>) {
chomp($line);
# Extract VLAN ID and name from line
my ($vlan_id, $vlan_name) = ($line =~ /.*\.(\d+)\s+=\s+STRING:\s+(.+)/);
$vlannames{$vlan_id} = $vlan_name;
# Print VLAN name if debug flag is set
if ($debug) {
print "DEBUG: Received VLAN name: $vlan_name (VLAN ID: $vlan_id)\n";
}
}
close($SNMPWALK);
print "---- VLAN Names ----\n";
foreach my $vlan_id (keys %vlannames) {
my $vlan_name = $vlannames{$vlan_id};
print "VLAN ID: $vlan_id, VLAN name: $vlan_name\n";
}
# Walk the IP-MIB::ipNetToMediaPhysAddress table and print out VLAN name, IP, and MAC
if ($debug) {
print "DEBUG: Retrieving IP-MIB::ipNetToMediaPhysAddress table from $router_ip\n";
}
open(my $SNMPWALK, "-|", "snmpwalk -c $community -v 2c $router_ip $ip_oid") or die "Could not run snmpwalk: $!";
while (my $line = <$SNMPWALK>) {
chomp($line);
#print "$line\n" if $debug;
# Extract VLAN ID, IP, and MAC from line
my ($vlan_id) = $line =~ /IP-MIB::ipNetToMediaPhysAddress\.(\d+)/;
my ($ip) = $line =~ /IP-MIB::ipNetToMediaPhysAddress\.\d+\.(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})/;
my ($mac) = $line =~ /STRING: (.+)$/;
#print " vlan_id=$vlan_id\n" if $debug;
#print " ip=$ip\n" if $debug;
#print " mac=$mac\n" if $debug;
# Look up VLAN name in associative array
my $vlan_name = $vlannames{$vlan_id};
# Print VLAN name, IP, and MAC in the desired format
printf("%-15s %-20s %-20s %-10s\n", $ip, $mac, $vlan_name, "$vlan_id.");
#exit;
}
close($SNMPWALK);
}
# Call main function
main(); deye 600 or 800w microinverter (for example for balkonkraftwerk), how to read out data using a script? in my case a perl script?
##########################################################################################
# >> here is a solution: getDeyePowergenerationData.pl
##########################################################################################
#!/usr/bin/perl
use LWP::UserAgent;
use HTTP::Request::Common;
use Getopt::Long;
use strict;
##########################################################################
#
# getDeyePowergenerationData.pl
#
# get some data from a deye inverter like the current power, firmware, serial, wlan quality / information
#
# use the parameter --checkmk if you want to get the output in checkmk output format,
# then you can use the script as an individual script in checkmk!
# (Individual program call instead of agent access)
#
# usage:
# ./getDeyePowergenerationData.pl [--checkmk] [--debug] <ip_address> <name> <username> <password>
#
# needs some libraries:
# install them with this command: cpan DateTime::Event::Sunrise,
# or: apt-get install libdatetime-event-sunrise-per,
# apt-get install liblist-moreutils-perl
#
# (c) sys4com 2023
#
##########################################################################
my $version='s4c-2023-08-09';
use DateTime;
use DateTime::Event::Sunrise;
my ($ip_address, $name, $checkmk, $debug, $username, $password);
# Parse command line options
GetOptions(
'checkmk' => \$checkmk,
'debug' => \$debug
) or die "Usage: $0 [--checkmk] [--debug] <ip_address> <name> <username> <password>\n";
# Get the IP address and name from remaining command line arguments
($ip_address, $name, $username, $password) = @ARGV;
# Check if arguments were provided
unless (defined $ip_address && defined $name && defined $username && defined $password) {
print "Usage: $0 [--checkmk] [--debug] <ip_address> <name> <username> <password>\n";
exit;
}
# Set the URL of the page to fetch
my $url = "http://$ip_address/status.html";
my $current_power=0;
my $yield_today=0;
my $yield_total=0;
my $serial_device='';
my $serial_inverter='';
my $firmware='';
my $control=0;
my $sta_ssid=''; #wlan
my $sta_rssi=0; #wlan signal connection strength
my $sta_ip=''; #wlan ip
my $sta_mac=''; #wlan mac
# Funktion mit Breitengrad und Längengrad für Stuttgart
my $latitude = 48.7758; # Breitengrad von Stuttgart
my $longitude = 9.1829; # Längengrad von Stuttgart
my $isDaytime = is_it_daytime($latitude, $longitude);
#if ($isDaytime) {
# print "Es ist noch hell in Stuttgart.\n";
#} else {
# print "Es ist dunkel in Stuttgart.\n";
#}
#
if ($isDaytime){
# Create a new LWP::UserAgent object
my $ua = LWP::UserAgent->new();
# Create a new HTTP::Request object with authentication credentials
my $request = GET $url;
$request->authorization_basic($username, $password);
# Make the HTTP request and get the response
my $response = $ua->request($request);
# Check if the request was successful
if ($response->is_success) {
my $content = $response->content;
my @carray = split /\n/,$content;
my $i=0;
foreach my $line (@carray){
$i++;
print "$i: $line\n" if $debug;
if ($line=~ /var webdata_now_p.*\"(.*)\"/) { $current_power = $1; $control++; }
if ($line=~ /var webdata_today_e .*\"(.*)\"/) { $yield_today = $1; $control++; }
if ($line=~ /var webdata_total_e .*\"(.*)\"/) { $yield_total = $1; $control++; }
if ($line=~ /var webdata_sn.*\"(.*)\"/) { $serial_inverter = $1; $control++; $serial_inverter=~s/\s//g; }
if ($line=~ /var cover_mid.*\"(.*)\"/) { $serial_device = $1; $control++; }
if ($line=~ /var cover_ver.*\"(.*)\"/) { $firmware = $1; $control++; }
if ($line=~ /var cover_sta_ssid.*\"(.*)\"/) { $sta_ssid = $1; $control++; }
if ($line=~ /var cover_sta_rssi.*\"(.*)%\"/) { $sta_rssi = $1; $control++; }
if ($line=~ /var cover_sta_ip.*\"(.*)\"/) { $sta_ip = $1; $control++; }
if ($line=~ /var cover_sta_mac.*\"(.*)\"/) { $sta_mac = $1; $control++; }
}
} else {
print "HTTP request failed: " . $response->status_line . "\n";
}
}else{
$current_power=0;
$yield_today=0;
$yield_total=0;
$serial_inverter = 'na';
$serial_device = 'na';
$firmware = 'na';
$sta_ssid = 'na';
$sta_rssi = 0;
$sta_ip = 'na';
$sta_mac = 'na';
$control = 10;
}
if ($checkmk){
my $status=0;
my $txt_warn="";
print "<<<check_mk>>>\n";
print "version: $version\n";
print "<<<local>>>\n";
my $str_perf = "current-power=$current_power|production-today=$yield_today|production-total=$yield_total";
my $str_txt = "current-power=$current_power W, today=$yield_today kWH, total=$yield_total kWH, ".
"serial-inverter=$serial_inverter, serial-device=$serial_device, firmware=$firmware, name=$name.";
if ($control != 10){
$status = 1;
$txt_warn = " WARNING - could not get all values! ";
}
print "$status power power=$current_power current-power=$current_power W\n";
print "$status today today=$yield_today today=$yield_today kWH\n";
print "$status total total=$yield_total total=$yield_total kWH\n";
print "$status info - $txt_warn $str_txt\n";
print "$status wlan wlansignal=$sta_rssi Connected with WLAN $sta_ssid, Signalstrength=$sta_rssi%, ip=$sta_ip, mac=$sta_mac\n";
}else{
print "current power=$current_power.\n";
print "production today=$yield_today.\n";
print "production total=$yield_total.\n";
print "serial inverter=$serial_inverter.\n";
print "serial device=$serial_device.\n";
print "firmware=$firmware.\n";
print "wlan info: with WLAN $sta_ssid, Signalstrength=$sta_rssi%, ip=$sta_ip, mac=$sta_mac\n";
}
sub is_it_daytime {
my ($latitude, $longitude) = @_;
my $dt = DateTime->now(time_zone => 'local');
my $sunrise = DateTime::Event::Sunrise->new(
longitude => $longitude,
latitude => $latitude,
precise => 1,
)->sunrise_datetime($dt);
my $sunset = DateTime::Event::Sunrise->new(
longitude => $longitude,
latitude => $latitude,
precise => 1,
)->sunset_datetime($dt);
my $tolerance = 30; # Tolerance in minutes
my $sunrise_plus_tolerance = $sunrise->clone->add(minutes => $tolerance);
my $sunset_minus_tolerance = $sunset->clone->subtract(minutes => $tolerance);
if ($dt >= $sunrise_plus_tolerance && $dt <= $sunset_minus_tolerance) {
return 1; # It's daytime within the tolerance
} else {
return 0; # It's not yet daytime within the tolerance
}
} >> use this individual script:
#!/usr/bin/perl
######################################################################################
#
# checkMimosa.pl
#
# Mib Reference - see also
# http://backhaul.help.mimosa.co/snmp-usage-examples-snmpget
#
# Examples (Rx signal strength)
# snmpget -v 1 -c public 192.168.1.20 1.3.6.1.4.1.43356.2.1.2.6.6.0
# MIMOSA-NETWORKS-BFIVE-MIB::mimosaTotalRxPower.0 = INTEGER: -42.7 dBm
#
# update log:
# -----------
# - 2023-04-26: first version
#
######################################################################################
$hostname=$ARGV[0];
$community=$ARGV[1];
$param=$ARGV[2];
$debug=0; #1=on
$error=0;
$errmsg='';
if (($hostname eq '') || ($community eq '')){
print "usage: checkMimosa.pl <hostname> <community> <-p=xxx>\n";
print " -p port number for snmp query is optional\n";
exit 1;
}
if ($param =~ /^-p=(\d*)$/){
$hostname="$hostname:$1";
}
print "<<<check_mk>>>\n";
print "Version: pn-v2023-04-26\n";
print "<<<local>>>\n";
#Rx signal strength
my $name="rx_signal_strength";
open(IN,"snmpget -v 2c -c $community $hostname .1.3.6.1.4.1.43356.2.1.2.6.6.0 | ");
if ($? != 0){
print "1 $name dbm=- Cannot get value for rx signal strength\n";
}else{
while(<IN>){
$line=$_;
chomp($line);
#print ">>>> $line\n";
if ($line =~ /= Integer:\s(.*)$/i){
$value=$1 / 10;
print "0 $name dbm=$value Rx signal strength is: $value dbm\n";
}
}
close(IN);
}
If you encounter a problem with the bandwidth limit on aruba's access points the fritzbox might be the problem.
To solve the bandwdith limit not working properly you have to go to:
Fritz!Box >> home-network >> network >> remove (to remove all inactive devices)
For all active devices go to:
device >> pencil >> reset
This was tested with the firmware (fritzbox): 161.07.29 ##### Tested with ArubaOS version 10.11 on a CX 6100 switch in 2023, by mw
#!/usr/bin/perl
use strict;
use warnings;
use LWP::UserAgent;
use HTTP::Request;
use URI::Escape;
use Data::Dumper;
# ArubaOS-CX switch details
my $switch_ip = '192.168.2.99';
my $username = 'admin';
my $password = 'bla#bla';
# URL-encode the password
my $encoded_password = uri_escape($password);
# API endpoints
my $login_url = "https://$switch_ip/rest/v10.11/login?username=$username&password=$encoded_password";
my $system_url = "https://$switch_ip/rest/v10.11/system?attributes=hostname";
my $logout_url = "https://$switch_ip/rest/v10.11/logout";
# Create a user agent
my $ua = LWP::UserAgent->new;
$ua->ssl_opts(verify_hostname => 0, SSL_verify_mode => 0); # Disable SSL certificate verification
# Set the headers
my $headers = [
'accept' => 'application/json',
'x-use-csrf-token' => 'true',
];
# Perform login
my $login_request = HTTP::Request->new('POST', $login_url, $headers);
my $login_response = $ua->request($login_request);
#print Dumper $login_response;
# Check the login response status
if ($login_response->is_success) {
my $session_cookie = $login_response->header('Set-Cookie');
my $x_csrf_token = $login_response->header('x-csrf-token');
print "session_cookie=$session_cookie\n";
print "x_csrf_token = $x_csrf_token\n";
# Retrieve system information
my $system_request = HTTP::Request->new('GET', $system_url, $headers);
$system_request->header('Cookie' => $session_cookie, 'x-csrf-token' => $x_csrf_token, );
#$system_request->header('x-csrf-token' => $x_csrf_token, );
my $system_response = $ua->request($system_request);
# Check the system response status
if ($system_response->is_success) {
my $system_data = $system_response->decoded_content;
# Process the system data as needed
print "System Information:\n";
print $system_data;
print "\n";
} else {
print "Error retrieving system information: " . $system_response->status_line . "\n";
}
# Perform logout
my $logout_request = HTTP::Request->new('POST', $logout_url, $headers);
#$logout_request->header('Cookie' => $session_cookie);
$logout_request->header('Cookie' => $session_cookie, 'x-csrf-token' => $x_csrf_token, );
my $logout_response = $ua->request($logout_request);
# Check the logout response status
if ($logout_response->is_success) {
print "Logged out.\n";
} else {
print "Error logging out: " . $logout_response->status_line . "\n";
}
} else {
print "Error logging in: " . $login_response->status_line . "\n";
}
#!/bin/perl
######################################################################################
#
# checkArubaOScx.pl
#
# checkmk Individual program call instead of agent access
#
# script queries parameters from Aruba CX Switches and deliveres output for checkmk
# individual program call ...
#
# Monitores Health Parameters like
# - VsxKeepAliveOperState
# - VsxDeviceRole
# - VsxConfigSync
# - VsxIslOperSate
# - PowerSupply
# - Temperature
#
# - see also: https://www.circitor.fr/Mibs/Html/A/ARUBAWIRED-VSX-MIB.php#arubaWiredVsxKeepAliveOperState
#
# sample output:
# <<<check_mk>>>
# Version: pn-v2023-07-08
# <<<local>>>
# 0 arubaOScx-VsxKeepAliveStatus - OK: vsx KeepAliveOperState: inSyncEstablished.
# 0 arubaOScx-VsxDeviceRole - OK: vsx device role: secondary.
# 0 arubaOScx-VsxConfigSync - OK: vsx config sync: enabled.
# 0 arubaOScx-VsxIslOperState - OK: vsx isl operating state: inSync.
# 0 arubaOScx-PowerSupply-1/1 - OK: 1/1 power supply state is ok
# 0 arubaOScx-PowerSupply-1/2 - OK: 1/2 power supply state is ok
# 0 arubaOScx-Temp-1/1-1 temp=23 OK Temp=23, State=normal, TempMin=19.5, TempMax=34
# 0 arubaOScx-Temp-1/1-2 temp=22 OK Temp=22, State=normal, TempMin=18.5, TempMax=33
# 0 arubaOScx-Temp-1/1-3 temp=20.5 OK Temp=20.5, State=normal, TempMin=17, TempMax=31.5
#
# (c) s4c
#
######################################################################################
my $version= '2023-07-08';
use Data::Dumper;
use strict;
my $debug=0; #1=on
if ($ARGV[0] eq '' ){
print "Usage: checkArubaOScx.pl <hostname or ip-address> <snmp community> --vsx\n";
print " example checkArubaOScx.pl 192.168.2.1 public \n";
print " or\n";
print " example checkArubaOScx.pl 192.168.2.1 public --vsx\n";
print "\n";
exit(1);
}
my $argument_count = scalar @ARGV;
my $ip= $ARGV[0];
my $community = $ARGV[1];
my $vsxmode = 0;
if ($argument_count == 3){
$vsxmode = 1 if $ARGV[2] eq '--vsx';
print "vsxmode is on" if $debug;
}
my $debug=0; #1=on
my %foundHash={};
my $line='';
print "<<<check_mk>>>\n";
print "Version: pn-v$version\n";
print "<<<local>>>\n";
if ($vsxmode){
#arubaWiredVsxKeepAliveOperState
my %matrix=();
$matrix{1}='init';
$matrix{2}='configured';
$matrix{3}='inSyncEstablished';
$matrix{4}='outofSyncEstablished';
$matrix{5}='initEstablished';
$matrix{6}='failed';
$matrix{7}='stopped';
my $service="arubaOScx-VsxKeepAliveStatus";
my $value = getSNMPInt(".1.3.6.1.4.1.47196.4.1.1.3.7.2.2.1");
if (($value >= 1) && ($value <=2)){
print "1 $service - Warning: vsx KeepAliveOperState: $matrix{$value}.\n";
}elsif ($value==3){
print "0 $service - OK: vsx KeepAliveOperState: $matrix{$value}.\n";
}elsif (($value >= 4) && ($value <=7)){
print "1 $service - Warning: vsx KeepAliveOperState: $matrix{$value}.\n";
}else{
print "3 $service - Unknown value\n";
}
}
if ($vsxmode){
#arubaWiredVsxDeviceRole
my %matrix=();
$matrix{1}='primary';
$matrix{2}='secondary';
$matrix{3}='notConfigured';
my $service="arubaOScx-VsxDeviceRole";
my $value = getSNMPInt(".1.3.6.1.4.1.47196.4.1.1.3.7.1.4.1");
if (($value >= 1) && ($value <=3)){
print "0 $service - OK: vsx device role: $matrix{$value}.\n";
}else{
print "3 $service - Unknown value\n";
}
}
if ($vsxmode){
#arubaWiredVsxConfigSync
my %matrix=();
$matrix{1}='enabled';
$matrix{2}='disabled';
my $service="arubaOScx-VsxConfigSync";
my $value = getSNMPInt(".1.3.6.1.4.1.47196.4.1.1.3.7.1.4.2");
if (($value >= 1) && ($value <=2)){
print "0 $service - OK: vsx config sync: $matrix{$value}.\n";
}else{
print "3 $service - Unknown value\n";
}
}
if ($vsxmode){
#arubaWiredVsxIslOperState
my %matrix=();
$matrix{1}='init';
$matrix{2}='outSync';
$matrix{3}='inSync';
my $service="arubaOScx-VsxIslOperState";
my $value = getSNMPInt(".1.3.6.1.4.1.47196.4.1.1.3.7.2.1.1");
if ($value == 1){
print "1 $service - Warning: vsx isl operating state: $matrix{$value}.\n";
}elsif ($value==2){
print "2 $service - Critical: vsx isl operating state: $matrix{$value}.\n";
}elsif ($value==3){
print "0 $service - OK: vsx isl operating state: $matrix{$value}.\n";
}else{
print "3 $service - Unknown value\n";
}
}
#psu
#name: .1.3.6.1.4.1.47196.4.1.1.3.11.2.1.1.3
#state: .1.3.6.1.4.1.47196.4.1.1.3.11.2.1.1.4
#$debug=1;
#psu 1) get names
my $service="arubaOScx-PowerSupply";
my %psuname=();
my $i=0;
open(IN,"snmpwalk -v 2c -c $community $ip .1.3.6.1.4.1.47196.4.1.1.3.11.2.1.1.3 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
$i++;
print "[$i] $line\n" if $debug;
if ($line =~ /STRING: \"(.*)\"$/){
$psuname{$i}=$1;
}
}
close(IN);
print Dumper(\%psuname) if $debug;
#psu 1) get state
my $i=0;
my $psustate='';
open(IN,"snmpwalk -v 2c -c $community $ip .1.3.6.1.4.1.47196.4.1.1.3.11.2.1.1.4 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
$i++;
print "[$i] $line\n" if $debug;
if ($line =~ /STRING: \"(.*)\"$/){
$psustate=$1;
if ($psustate =~ /ok/i){
print "0 $service-$psuname{$i} - OK: $psuname{$i} power supply state is ok\n";
}else{
print "1 $service-$psuname{$i} - Warning: $psuname{$i} power supply state is warning!\n";
}
}
}
close(IN);
#ARUBAWIRED-TEMPSENSOR-MIB get temperature
#we have something like that:
#1] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.5.1.3.1.1 = STRING: "1/1-1"
#[2] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.5.1.3.1.2 = STRING: "1/1-2"
#[3] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.5.1.3.1.3 = STRING: "1/1-3"
#[4] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.6.1.3.1.1 = STRING: "normal"
#[5] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.6.1.3.1.2 = STRING: "normal"
#[6] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.6.1.3.1.3 = STRING: "normal"
#[7] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.7.1.3.1.1 = INTEGER: 27000
#[8] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.7.1.3.1.2 = INTEGER: 26500
#[9] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.7.1.3.1.3 = INTEGER: 25500
#[10] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.8.1.3.1.1 = INTEGER: 19500
#[11] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.8.1.3.1.2 = INTEGER: 18500
#[12] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.8.1.3.1.3 = INTEGER: 17000
#[13] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.9.1.3.1.1 = INTEGER: 34000
#[14] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.9.1.3.1.2 = INTEGER: 33000
#[15] .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1.9.1.3.1.3 = INTEGER: 31500
my $service="arubaOScx-Temp";
my $i=0;
$debug=0;
my $tempname; #5.1.3.1.1
my $tempstate; #6.1.3.1.1
my $temp; #7.1.3.1.1
my $tempmin; #8.1.3.1.1
my $tempmax; #9.1.3.1.1
my %tempHash;
my $numOfTemp=0;
open(IN,"snmpwalk -v 2c -On -c $community $ip .1.3.6.1.4.1.47196.4.1.1.3.11.3.1.1 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
$i++;
print "[$i] $line\n" if $debug;
#grep the oid before the string
if ($line =~ /(\d\.\d\.\d\.\d\.\d*) = STRING: \"(.*)\"$/){
print "val1=$1, val2=$2\n" if $debug;
$tempHash{$1}=$2;
$numOfTemp++ if ($1 =~ /^5\.1\.3\.1\./);
}
if ($line =~ /(\d\.\d\.\d\.\d\.\d*) = INTEGER: (.*)$/){
print "val1=$1, val2=$2\n" if $debug;
$tempHash{$1}=$2/1000;
}
}
close(IN);
print "i=$i / number of Temp=$numOfTemp.\n" if $debug;
print Dumper(\%tempHash) if $debug;
for (my $i=1;$i<=$numOfTemp;$i++){
$tempname=$tempHash{"5.1.3.1.$i"};
$tempstate=$tempHash{"6.1.3.1.$i"};
$temp=$tempHash{"7.1.3.1.$i"};
$tempmin=$tempHash{"8.1.3.1.$i"};
$tempmax=$tempHash{"9.1.3.1.$i"};
if ($tempstate =~ /^normal$/i){
print "0 $service-$tempname temp=$temp OK Temp=$temp, State=$tempstate, TempMin=$tempmin, TempMax=$tempmax\n";
}else{
print "1 $service-$tempname temp=$temp Warning Temp=$temp, State=$tempstate, TempMin=$tempmin, TempMax=$tempmax\n";
}
}
###########################
#other sub routines
###########################
sub getSNMPStr($){
my $mib=$_[0];
my $found="not found";
open(IN,"snmpwalk -v 2c -c $community $ip $mib 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
#print "$line\n" if $debug;
if ($line =~ /STRING: \"(.*)\"$/){
$found=$1;
#print "found=$found!!\n";
}
}
close(IN);
return $found;
}
sub getSNMPInt($){
my $mib=$_[0];
my $found="not found";
open(IN,"snmpwalk -v 2c -c $community $ip $mib 2>/dev/null |");
while(<IN>){
$line = $_;
chomp($line);
print "$line\n" if $debug;
if ($line =~ /INTEGER: (.*)$/){
$found=$1;
#print "found=$found!!\n";
}
}
close(IN);
return $found;
} start with:
=for comment
end with:
=cut
---------
sample
---------
$i=1;
$j=2;
=for comment
my $k=4;
while(true){
print "test\n";
}
=cut Cloud provider mail - security audit -> issues: Portmapper service is running > how to protect port 111 udp / tcp on a linux system?
>> Portmapper servers
Portmapper is a service usually used with NFS. When this is not properly firewalled, it can be abused to conduct DDOS attacks. We recommend that all portmapper services be behind a firewall, and restricted to only IPs that need to contact them.
For Linux machines, please add firewall rules to block port 111 on both UDP and TCP:
iptables -I INPUT 1 -m tcp -p tcp --dport 111 -j DROP
iptables -I INPUT 1 -m udp -p udp --dport 111 -j DROP
-------------------------------------------------------------------
How to enable persistant blocking on Debian 10?
=====================================
To add a firewall rule in Debian 10 that persists after a system reboot, you can use the iptables-persistent package. Here's how to do it:
First, make sure you have the iptables-persistent package installed. If not, you can install it using the following command:
sudo apt-get update
sudo apt-get install iptables-persistent
After installation, you can add your firewall rules using the iptables command as you did in your example:
sudo iptables -I INPUT 1 -m tcp -p tcp --dport 111 -j DROP
sudo iptables -I INPUT 1 -m udp -p udp --dport 111 -j DROP
Once you've added your rules and tested them to make sure they're working as expected, you can save them to be persistent across reboots using the iptables-save command:
sudo iptables-save > /etc/iptables/rules.v4
This command saves the current iptables rules to the specified file (/etc/iptables/rules.v4 in this case).
>> you can check the saved file, if there are the rules that you expected, my files look like:
rules.v4:
-----------
cat /etc/iptables/rules.v4
# Generated by xtables-save v1.8.2 on Mon Mar 4 11:41:03 2024
*filter
:INPUT ACCEPT [423811499:394356840419]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [465873471:475296529519]
-A INPUT -p udp -m udp --dport 111 -j DROP
-A INPUT -p tcp -m tcp --dport 111 -j DROP
COMMIT
# Completed on Mon Mar 4 11:41:03 2024
After saving the rules, you can ensure that they are loaded at boot time by enabling the netfilter-persistent service:
sudo systemctl enable netfilter-persistent
>>> now you can reboot your server and the rules from rules.v4 file should be loaded
#scriptname
/root/bin/allowHostsForSomeServices.pl
#!/usr/bin/perl
##########################################################
#
# set firewall rules, for specific ip addresses
#
# run via root cron:
# #update dns
# */5 6-21 * * * /root/bin/allowHostsForSomeServices.pl updateDNS >>/var/log/allowHostsForSomeServices.log
# 58 23 * * * /root/bin/allowHostsForSomeServices.pl >/dev/null
# 59 23 * * * gzip -f /var/log/allowHostsForSomeServices.log >/dev/null
#
#
##########################################################
use strict;
use Socket;
my $param = $ARGV[0];
my $mode=0; # 0 = default
# 1 = update only modus
my @host = ("computer2know.de","sys4com.de" );
my $ipt= '/sbin/iptables';
#get actual rules
my %actualIPHash={};
open(IN,"$ipt -L -n \|awk \{\'print \$4\'\} \|sort -u |");
while(<IN>){
my $line = $_;
chomp($line);
#print "$line.\n";
$actualIPHash{$line}=1;
}
close(IN);
if ($param eq "updateDNS"){
print "mode set to 1";
$mode=1;
}
if ($mode == 0){
print "Flush ipTables Rules\n";
system ("$ipt -F");
}
#check if addresses already exist
my $notexist=0;
if ($mode == 1){
foreach my $hostname (@host){
print "now checking hostname $hostname: ";
if (inet_aton($hostname)){
my $address = inet_ntoa(inet_aton($hostname));
print ("address of hostname ($hostname) is: $address\n");
if (exists $actualIPHash{$address}){
print "IP: $address already exists in FW rule.\n";
}else{
print "IP: $address does not exist in FW rule.\n";
$notexist++;
}
}else{
print "skipping hostname $hostname - since there is no ip for the name!\n";
}
}
}
my $i=0;
foreach my $hostname (@host){
if (! inet_aton($hostname)){
print "skipping hostname $hostname - since there is no ip for the name!\n";
next;
}
my $address = inet_ntoa(inet_aton($hostname));
if ($mode == 1){
if ($notexist > 0){
print "Allow checkmk from source IP $address ($hostname) - update only\n";
$i++; system ("$ipt -D INPUT $i; $ipt -I INPUT $i -p tcp --dport 6556 -s $address -j ACCEPT");
}
}else{
print "Allow checkmk from source IP $address ($hostname)\n";
system ("$ipt -A INPUT -p tcp --dport 6556 -s $address -j ACCEPT");
}
}
system("$ipt -L -n");
exit if $mode == 1;
#allow
#system ("$ipt -A INPUT -p tcp --dport 22 -j ACCEPT");
print "block all others\n";
# Deny all other DNS requests
system("$ipt -A INPUT -p tcp --dport 6556 -j LOG -m limit --limit 12/min --log-level 4 --log-prefix \'IP 6556 INPUT drop: \'");
system("$ipt -A INPUT -p tcp --dport 6556 -j DROP");
how to monitor > use snmp > you need to enable snmp:
The SNMP configuration on Netscaler can restrict SNMP access to specific operations, such as GET (snmpget) and GET NEXT (snmpwalk). For Checkmk to function properly, both snmpget and snmpwalk capabilities are necessary. To ensure compatibility, the Netscaler SNMP configuration must be set to ALL. Therefore, it is advisable to verify that this setting is correctly configured in the Netscaler.
see also:
https://forum.checkmk.com/t/how-to-monitor-a-citrix-adc-netscaler/20440/11 computer2know :: thank you for your visit :: have a nice day :: © 2025