From f544b5d5fa6d7ad941332bbc787fc97e78a658b6 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 7 Feb 2014 15:41:09 +0100 Subject: added custom $datasource_programs check_mk variable to call the agent via ssh --- puppet/modules/site_check_mk/files/use_ssh.mk | 5 +++++ 1 file changed, 5 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/use_ssh.mk (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/use_ssh.mk b/puppet/modules/site_check_mk/files/use_ssh.mk new file mode 100644 index 00000000..dbdcd4b5 --- /dev/null +++ b/puppet/modules/site_check_mk/files/use_ssh.mk @@ -0,0 +1,5 @@ +# http://mathias-kettner.de/checkmk_datasource_programs.html +datasource_programs = [ + ( "ssh -l root -i /etc/check_mk/.ssh/id_rsa check_mk_agent", ALL_HOSTS ), +] + -- cgit v1.2.3 From 27cd293b4ed3f3632044e914375a45a5345e8cee Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Feb 2014 14:00:45 +0100 Subject: use instead of , because we cannot use public ips in DC --- puppet/modules/site_check_mk/files/use_ssh.mk | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/use_ssh.mk b/puppet/modules/site_check_mk/files/use_ssh.mk index dbdcd4b5..a10e67a3 100644 --- a/puppet/modules/site_check_mk/files/use_ssh.mk +++ b/puppet/modules/site_check_mk/files/use_ssh.mk @@ -1,5 +1,5 @@ # http://mathias-kettner.de/checkmk_datasource_programs.html datasource_programs = [ - ( "ssh -l root -i /etc/check_mk/.ssh/id_rsa check_mk_agent", ALL_HOSTS ), + ( "ssh -l root -i /etc/check_mk/.ssh/id_rsa check_mk_agent", ALL_HOSTS ), ] -- cgit v1.2.3 From 9a13819dbe7c8e8a51f802356e6fbebe32a7a11f Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 11 Feb 2014 17:39:12 +0100 Subject: use use_ssh.mk as template, include ssh port --- puppet/modules/site_check_mk/files/use_ssh.mk | 5 ----- puppet/modules/site_check_mk/templates/use_ssh.mk | 5 +++++ 2 files changed, 5 insertions(+), 5 deletions(-) delete mode 100644 puppet/modules/site_check_mk/files/use_ssh.mk create mode 100644 puppet/modules/site_check_mk/templates/use_ssh.mk (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/use_ssh.mk b/puppet/modules/site_check_mk/files/use_ssh.mk deleted file mode 100644 index a10e67a3..00000000 --- a/puppet/modules/site_check_mk/files/use_ssh.mk +++ /dev/null @@ -1,5 +0,0 @@ -# http://mathias-kettner.de/checkmk_datasource_programs.html -datasource_programs = [ - ( "ssh -l root -i /etc/check_mk/.ssh/id_rsa check_mk_agent", ALL_HOSTS ), -] - diff --git a/puppet/modules/site_check_mk/templates/use_ssh.mk b/puppet/modules/site_check_mk/templates/use_ssh.mk new file mode 100644 index 00000000..4c5523db --- /dev/null +++ b/puppet/modules/site_check_mk/templates/use_ssh.mk @@ -0,0 +1,5 @@ +# http://mathias-kettner.de/checkmk_datasource_programs.html +datasource_programs = [ + ( "ssh -l root -i /etc/check_mk/.ssh/id_rsa -p <%= @ssh_port %> check_mk_agent", ALL_HOSTS ), +] + -- cgit v1.2.3 From efc3e3eaa0788271cf61155d7e9be4d46e6e9d47 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 12 Feb 2014 16:26:59 +0100 Subject: moved check_mk server and client class to site_check_mk module --- puppet/modules/site_check_mk/manifests/client.pp | 24 ++++++++++++ puppet/modules/site_check_mk/manifests/server.pp | 48 ++++++++++++++++++++++++ 2 files changed, 72 insertions(+) create mode 100644 puppet/modules/site_check_mk/manifests/client.pp create mode 100644 puppet/modules/site_check_mk/manifests/server.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/client.pp b/puppet/modules/site_check_mk/manifests/client.pp new file mode 100644 index 00000000..ae269168 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/client.pp @@ -0,0 +1,24 @@ +class site_check_mk::client { + + $ssh_hash = hiera('ssh') + $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] + $type = $ssh_hash['authorized_keys']['monitor']['type'] + + include site_apt::preferences::check_mk + + class { 'check_mk::agent': + agent_package_name => 'check-mk-agent', + agent_logwatch_package_name => 'check-mk-agent-logwatch', + method => 'ssh', + homedir => '/etc/nagios/check_mk', + register_agent => false + } + + file { '/root/.ssh/authorized_keys2': + owner => 'root', + group => 'root', + mode => '0600', + content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" + } + +} diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp new file mode 100644 index 00000000..625fc688 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/server.pp @@ -0,0 +1,48 @@ +class site_check_mk::server { + + $ssh_hash = hiera('ssh') + $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] + $type = $ssh_hash['authorized_keys']['monitor']['type'] + $seckey = $ssh_hash['monitor']['private_key'] + $ssh_port = $ssh_hash['port'] + + $nagios_hiera = hiera_hash('nagios') + $hosts = $nagios_hiera['hosts'] + $all_hosts = inline_template("<% @hosts.keys.sort.each do |key| -%>\"<%= key %>\", <% end -%>") + + package { 'check-mk-server': + ensure => installed, + } + + # override paths to use the system check_mk rather than OMD + class { 'check_mk::config': + site => '', + etc_dir => '/etc', + nagios_subdir => 'nagios3', + bin_dir => '/usr/bin', + host_groups => undef, + require => Package['check-mk-server'] + } + + Exec['check_mk-reload'] -> Service['nagios'] + + file { + '/etc/check_mk/conf.d/use_ssh.mk': + content => template('site_check_mk/use_ssh.mk'), + notify => Exec['check_mk-refresh']; + '/etc/check_mk/all_hosts_static': + content => $all_hosts, + notify => Exec['check_mk-refresh']; + '/etc/check_mk/.ssh': + ensure => directory; + '/etc/check_mk/.ssh/id_rsa': + content => $seckey, + owner => 'nagios', + mode => '0600'; + '/etc/check_mk/.ssh/id_rsa.pub': + content => "${type} ${pubkey} monitor", + owner => 'nagios', + mode => '0644'; + } + include check_mk::agent::local_checks +} -- cgit v1.2.3 From 060124b047ac44f9f54573a389fea6c5b6ab18ea Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 12 Feb 2014 18:14:19 +0100 Subject: renamed site_check_mk::client to site_check_mk::agent --- puppet/modules/site_check_mk/manifests/agent.pp | 24 ++++++++++++++++++++++++ puppet/modules/site_check_mk/manifests/client.pp | 24 ------------------------ 2 files changed, 24 insertions(+), 24 deletions(-) create mode 100644 puppet/modules/site_check_mk/manifests/agent.pp delete mode 100644 puppet/modules/site_check_mk/manifests/client.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp new file mode 100644 index 00000000..bb0cb167 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -0,0 +1,24 @@ +class site_check_mk::agent { + + $ssh_hash = hiera('ssh') + $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] + $type = $ssh_hash['authorized_keys']['monitor']['type'] + + include site_apt::preferences::check_mk + + class { 'check_mk::agent': + agent_package_name => 'check-mk-agent', + agent_logwatch_package_name => 'check-mk-agent-logwatch', + method => 'ssh', + homedir => '/etc/nagios/check_mk', + register_agent => false + } + + file { '/root/.ssh/authorized_keys2': + owner => 'root', + group => 'root', + mode => '0600', + content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" + } + +} diff --git a/puppet/modules/site_check_mk/manifests/client.pp b/puppet/modules/site_check_mk/manifests/client.pp deleted file mode 100644 index ae269168..00000000 --- a/puppet/modules/site_check_mk/manifests/client.pp +++ /dev/null @@ -1,24 +0,0 @@ -class site_check_mk::client { - - $ssh_hash = hiera('ssh') - $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] - $type = $ssh_hash['authorized_keys']['monitor']['type'] - - include site_apt::preferences::check_mk - - class { 'check_mk::agent': - agent_package_name => 'check-mk-agent', - agent_logwatch_package_name => 'check-mk-agent-logwatch', - method => 'ssh', - homedir => '/etc/nagios/check_mk', - register_agent => false - } - - file { '/root/.ssh/authorized_keys2': - owner => 'root', - group => 'root', - mode => '0600', - content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" - } - -} -- cgit v1.2.3 From 1c8c4f6f3b68ba1da13e6b6374c6c55fe8214789 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 12 Feb 2014 18:45:17 +0100 Subject: execute nagios plugins locally with mrpe --- puppet/modules/site_check_mk/manifests/agent.pp | 1 + puppet/modules/site_check_mk/manifests/agent/mrpe.pp | 17 +++++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 puppet/modules/site_check_mk/manifests/agent/mrpe.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index bb0cb167..ac5a7ebd 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -21,4 +21,5 @@ class site_check_mk::agent { content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" } + include site_check_mk::agent::mrpe } diff --git a/puppet/modules/site_check_mk/manifests/agent/mrpe.pp b/puppet/modules/site_check_mk/manifests/agent/mrpe.pp new file mode 100644 index 00000000..37df7f74 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/mrpe.pp @@ -0,0 +1,17 @@ +class site_check_mk::agent::mrpe { + # check_mk can use standard nagios plugins using + # a wrapper called mrpe + # see http://mathias-kettner.de/checkmk_mrpe.html + + package { 'nagios-plugins-basic': + ensure => latest, + } + + file { '/etc/check_mk/mrpe.cfg': + ensure => present + } -> + file_line { 'Apt': + line => 'APT /usr/lib/nagios/plugins/check_apt', + path => '/etc/check_mk/mrpe.cfg', + } +} -- cgit v1.2.3 From 12cea40d5dffe5aa6e269c05773ed49d9f00a9ea Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 13 Feb 2014 00:10:09 +0100 Subject: added site_check_mk::agent::couchdb and site_check_mk::agent::soledad for local checks --- puppet/modules/site_check_mk/manifests/agent/couchdb.pp | 17 +++++++++++++++++ puppet/modules/site_check_mk/manifests/agent/soledad.pp | 10 ++++++++++ 2 files changed, 27 insertions(+) create mode 100644 puppet/modules/site_check_mk/manifests/agent/couchdb.pp create mode 100644 puppet/modules/site_check_mk/manifests/agent/soledad.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp new file mode 100644 index 00000000..5b50e5a9 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp @@ -0,0 +1,17 @@ +class site_check_mk::agent::couchdb { + + # local custom checks + file { '/usr/lib/check_mk_agent/local/check_bigcouch_errors.sh': + ensure => link, + target => '/srv/leap/couchdb/scripts/tests/check_bigcouch_errors.sh', + require => Vcsrepo['/srv/leap/couchdb/scripts'] + } + + # local nagios plugin checks via mrpe + file_line { + 'Tapicero_Procs': + line => 'Tapicero_Procs /usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a tapicero', + path => '/etc/check_mk/mrpe.cfg'; + } + +} diff --git a/puppet/modules/site_check_mk/manifests/agent/soledad.pp b/puppet/modules/site_check_mk/manifests/agent/soledad.pp new file mode 100644 index 00000000..d75ae732 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/soledad.pp @@ -0,0 +1,10 @@ +class site_check_mk::agent::soledad { + + # local nagios plugin checks via mrpe + file_line { + 'Soledad_Procs': + line => 'Soledad_Procs /usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a soledad', + path => '/etc/check_mk/mrpe.cfg'; + } + +} -- cgit v1.2.3 From d0eea33d88a6ffcbe01544678372d80e8c8de51f Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 14 Feb 2014 17:38:02 +0100 Subject: Include check_mk monitor pubkey in /root/.ssh/authorized_keys instead of creating a /root/.ssh/authorized_keys2 see https://review.leap.se/r/148/#comment153 --- puppet/modules/site_check_mk/manifests/agent.pp | 7 ------- 1 file changed, 7 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index ac5a7ebd..75188c7b 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -14,12 +14,5 @@ class site_check_mk::agent { register_agent => false } - file { '/root/.ssh/authorized_keys2': - owner => 'root', - group => 'root', - mode => '0600', - content => "command=\"/usr/bin/check_mk_agent\",no-port-forwarding,no-x11-forwarding,no-agent-forwarding,no-pty,no-user-rc, ${type} ${pubkey} monitor" - } - include site_check_mk::agent::mrpe } -- cgit v1.2.3 From 2436fddb4a63075f74f295bacd23128c766beb4c Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 17 Feb 2014 13:50:42 +0100 Subject: Remove adding of hosts from site_nagios::server (Feature #5132) because now, check_mk will add the hosts --- puppet/modules/site_check_mk/manifests/server.pp | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp index 625fc688..e77862e5 100644 --- a/puppet/modules/site_check_mk/manifests/server.pp +++ b/puppet/modules/site_check_mk/manifests/server.pp @@ -8,7 +8,7 @@ class site_check_mk::server { $nagios_hiera = hiera_hash('nagios') $hosts = $nagios_hiera['hosts'] - $all_hosts = inline_template("<% @hosts.keys.sort.each do |key| -%>\"<%= key %>\", <% end -%>") + $all_hosts = inline_template ('<% @hosts.keys.sort.each do |key| -%>"<%= @hosts[key]["domain_internal"] %>", <% end -%>') package { 'check-mk-server': ensure => installed, -- cgit v1.2.3 From 91bee3e81439cca0536856094edc7ceee7da60ff Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 13 Feb 2014 08:32:14 +0100 Subject: set up logwatch.d directory, added for soledad logwatch config --- puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg | 4 ++++ puppet/modules/site_check_mk/manifests/agent/soledad.pp | 4 ++++ 2 files changed, 8 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg new file mode 100644 index 00000000..54b782d3 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg @@ -0,0 +1,4 @@ +/var/log/soledad.log + C WSGI application error + C error + diff --git a/puppet/modules/site_check_mk/manifests/agent/soledad.pp b/puppet/modules/site_check_mk/manifests/agent/soledad.pp index d75ae732..cbae81fe 100644 --- a/puppet/modules/site_check_mk/manifests/agent/soledad.pp +++ b/puppet/modules/site_check_mk/manifests/agent/soledad.pp @@ -1,5 +1,9 @@ class site_check_mk::agent::soledad { + file { '/etc/check_mk/logwatch.d/soledad.cfg': + source => 'puppet:///modules/site_check_mk/agent/logwatch/soledad.cfg', + } + # local nagios plugin checks via mrpe file_line { 'Soledad_Procs': -- cgit v1.2.3 From 6007c2e5b8556460471d4cae9206a950dd184fec Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 19 Feb 2014 15:14:04 +0100 Subject: added mk_logwatch.1.2.4 (#5135) --- .../files/agent/plugins/mk_logwatch.1.2.4 | 374 +++++++++++++++++++++ puppet/modules/site_check_mk/manifests/agent.pp | 1 + .../site_check_mk/manifests/agent/logwatch.pp | 11 + 3 files changed, 386 insertions(+) create mode 100755 puppet/modules/site_check_mk/files/agent/plugins/mk_logwatch.1.2.4 create mode 100644 puppet/modules/site_check_mk/manifests/agent/logwatch.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/plugins/mk_logwatch.1.2.4 b/puppet/modules/site_check_mk/files/agent/plugins/mk_logwatch.1.2.4 new file mode 100755 index 00000000..3dbca322 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/plugins/mk_logwatch.1.2.4 @@ -0,0 +1,374 @@ +#!/usr/bin/python +# -*- encoding: utf-8; py-indent-offset: 4 -*- +# +------------------------------------------------------------------+ +# | ____ _ _ __ __ _ __ | +# | / ___| |__ ___ ___| | __ | \/ | |/ / | +# | | | | '_ \ / _ \/ __| |/ / | |\/| | ' / | +# | | |___| | | | __/ (__| < | | | | . \ | +# | \____|_| |_|\___|\___|_|\_\___|_| |_|_|\_\ | +# | | +# | Copyright Mathias Kettner 2010 mk@mathias-kettner.de | +# +------------------------------------------------------------------+ +# +# This file is part of Check_MK. +# The official homepage is at http://mathias-kettner.de/check_mk. +# +# check_mk is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation in version 2. check_mk is distributed +# in the hope that it will be useful, but WITHOUT ANY WARRANTY; with- +# out even the implied warranty of MERCHANTABILITY or FITNESS FOR A +# PARTICULAR PURPOSE. See the GNU General Public License for more de- +# ails. You should have received a copy of the GNU General Public +# License along with GNU Make; see the file COPYING. If not, write +# to the Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, +# Boston, MA 02110-1301 USA. + +# Call with -d for debug mode: colored output, no saving of status + +import sys, os, re, time +import glob + +if '-d' in sys.argv[1:] or '--debug' in sys.argv[1:]: + tty_red = '\033[1;31m' + tty_green = '\033[1;32m' + tty_yellow = '\033[1;33m' + tty_blue = '\033[1;34m' + tty_normal = '\033[0m' + debug = True +else: + tty_red = '' + tty_green = '' + tty_yellow = '' + tty_blue = '' + tty_normal = '' + debug = False + +# The configuration file and status file are searched +# in the directory named by the environment variable +# LOGWATCH_DIR. If that is not set, MK_CONFDIR is used. +# If that is not set either, the current directory ist +# used. +logwatch_dir = os.getenv("LOGWATCH_DIR") +if not logwatch_dir: + logwatch_dir = os.getenv("MK_CONFDIR") + if not logwatch_dir: + logwatch_dir = "." + +print "<<>>" + +config_filename = logwatch_dir + "/logwatch.cfg" +status_filename = logwatch_dir + "/logwatch.state" +config_dir = logwatch_dir + "/logwatch.d/*.cfg" + +def is_not_comment(line): + if line.lstrip().startswith('#') or \ + line.strip() == '': + return False + return True + +def parse_filenames(line): + return line.split() + +def parse_pattern(level, pattern): + if level not in [ 'C', 'W', 'I', 'O' ]: + raise(Exception("Invalid pattern line '%s'" % line)) + try: + compiled = re.compile(pattern) + except: + raise(Exception("Invalid regular expression in line '%s'" % line)) + return (level, compiled) + +def read_config(): + config_lines = [ line.rstrip() for line in filter(is_not_comment, file(config_filename).readlines()) ] + # Add config from a logwatch.d folder + for config_file in glob.glob(config_dir): + config_lines += [ line.rstrip() for line in filter(is_not_comment, file(config_file).readlines()) ] + + have_filenames = False + config = [] + + for line in config_lines: + rewrite = False + if line[0].isspace(): # pattern line + if not have_filenames: + raise Exception("Missing logfile names") + level, pattern = line.split(None, 1) + if level == 'A': + cont_list.append(parse_cont_pattern(pattern)) + elif level == 'R': + rewrite_list.append(pattern) + else: + level, compiled = parse_pattern(level, pattern) + cont_list = [] # List of continuation patterns + rewrite_list = [] # List of rewrite patterns + patterns.append((level, compiled, cont_list, rewrite_list)) + else: # filename line + patterns = [] + config.append((parse_filenames(line), patterns)) + have_filenames = True + return config + +def parse_cont_pattern(pattern): + try: + return int(pattern) + except: + try: + return re.compile(pattern) + except: + if debug: + raise + raise Exception("Invalid regular expression in line '%s'" % pattern) + +# structure of statusfile +# # LOGFILE OFFSET INODE +# /var/log/messages|7767698|32455445 +# /var/test/x12134.log|12345|32444355 +def read_status(): + if debug: + return {} + + status = {} + for line in file(status_filename): + # TODO: Remove variants with spaces. rsplit is + # not portable. split fails if logfilename contains + # spaces + inode = -1 + try: + parts = line.split('|') + filename = parts[0] + offset = parts[1] + if len(parts) >= 3: + inode = parts[2] + + except: + try: + filename, offset = line.rsplit(None, 1) + except: + filename, offset = line.split(None, 1) + status[filename] = int(offset), int(inode) + return status + +def save_status(status): + f = file(status_filename, "w") + for filename, (offset, inode) in status.items(): + f.write("%s|%d|%d\n" % (filename, offset, inode)) + +pushed_back_line = None +def next_line(f): + global pushed_back_line + if pushed_back_line != None: + line = pushed_back_line + pushed_back_line = None + return line + else: + try: + line = f.next() + return line + except: + return None + + +def process_logfile(logfile, patterns): + global pushed_back_line + + # Look at which file offset we have finished scanning + # the logfile last time. If we have never seen this file + # before, we set the offset to -1 + offset, prev_inode = status.get(logfile, (-1, -1)) + try: + fl = os.open(logfile, os.O_RDONLY) + inode = os.fstat(fl)[1] # 1 = st_ino + except: + if debug: + raise + print "[[[%s:cannotopen]]]" % logfile + return + + print "[[[%s]]]" % logfile + + # Seek to the current end in order to determine file size + current_end = os.lseek(fl, 0, 2) # os.SEEK_END not available in Python 2.4 + status[logfile] = current_end, inode + + # If we have never seen this file before, we just set the + # current pointer to the file end. We do not want to make + # a fuss about ancient log messages... + if offset == -1: + if not debug: + return + else: + offset = 0 + + + # If the inode of the logfile has changed it has appearently + # been started from new (logfile rotation). At least we must + # assume that. In some rare cases (restore of a backup, etc) + # we are wrong and resend old log messages + if prev_inode >= 0 and inode != prev_inode: + offset = 0 + + # Our previously stored offset is the current end -> + # no new lines in this file + if offset == current_end: + return # nothing new + + # If our offset is beyond the current end, the logfile has been + # truncated or wrapped while keeping the same inode. We assume + # that it contains all new data in that case and restart from + # offset 0. + if offset > current_end: + offset = 0 + + # now seek to offset where interesting data begins + os.lseek(fl, offset, 0) # os.SEEK_SET not available in Python 2.4 + f = os.fdopen(fl) + worst = -1 + outputtxt = "" + lines_parsed = 0 + start_time = time.time() + + while True: + line = next_line(f) + if line == None: + break # End of file + + lines_parsed += 1 + # Check if maximum number of new log messages is exceeded + if opt_maxlines != None and lines_parsed > opt_maxlines: + outputtxt += "%s Maximum number (%d) of new log messages exceeded.\n" % ( + opt_overflow, opt_maxlines) + worst = max(worst, opt_overflow_level) + os.lseek(fl, 0, 2) # Seek to end of file, skip all other messages + break + + # Check if maximum processing time (per file) is exceeded. Check only + # every 100'th line in order to save system calls + if opt_maxtime != None and lines_parsed % 100 == 10 \ + and time.time() - start_time > opt_maxtime: + outputtxt += "%s Maximum parsing time (%.1f sec) of this log file exceeded.\n" % ( + opt_overflow, opt_maxtime) + worst = max(worst, opt_overflow_level) + os.lseek(fl, 0, 2) # Seek to end of file, skip all other messages + break + + level = "." + for lev, pattern, cont_patterns, replacements in patterns: + matches = pattern.search(line[:-1]) + if matches: + level = lev + levelint = {'C': 2, 'W': 1, 'O': 0, 'I': -1, '.': -1}[lev] + worst = max(levelint, worst) + + # Check for continuation lines + for cont_pattern in cont_patterns: + if type(cont_pattern) == int: # add that many lines + for x in range(cont_pattern): + cont_line = next_line(f) + if cont_line == None: # end of file + break + line = line[:-1] + "\1" + cont_line + + else: # pattern is regex + while True: + cont_line = next_line(f) + if cont_line == None: # end of file + break + elif cont_pattern.search(cont_line[:-1]): + line = line[:-1] + "\1" + cont_line + else: + pushed_back_line = cont_line # sorry for stealing this line + break + + # Replacement + for replace in replacements: + line = replace.replace('\\0', line) + "\n" + for nr, group in enumerate(matches.groups()): + line = line.replace('\\%d' % (nr+1), group) + + break # matching rule found and executed + + color = {'C': tty_red, 'W': tty_yellow, 'O': tty_green, 'I': tty_blue, '.': ''}[level] + if debug: + line = line.replace("\1", "\nCONT:") + if level == "I": + level = "." + if opt_nocontext and level == '.': + continue + outputtxt += "%s%s %s%s\n" % (color, level, line[:-1], tty_normal) + + new_offset = os.lseek(fl, 0, 1) # os.SEEK_CUR not available in Python 2.4 + status[logfile] = new_offset, inode + + # output all lines if at least one warning, error or ok has been found + if worst > -1: + sys.stdout.write(outputtxt) + sys.stdout.flush() + +try: + config = read_config() +except Exception, e: + if debug: + raise + print "CANNOT READ CONFIG FILE: %s" % e + sys.exit(1) + +# Simply ignore errors in the status file. In case of a corrupted status file we simply begin +# with an empty status. That keeps the monitoring up and running - even if we might loose a +# message in the extreme case of a corrupted status file. +try: + status = read_status() +except Exception, e: + status = {} + + +# The filename line may contain options like 'maxlines=100' or 'maxtime=10' +for filenames, patterns in config: + # Initialize options with default values + opt_maxlines = None + opt_maxtime = None + opt_regex = None + opt_overflow = 'C' + opt_overflow_level = 2 + opt_nocontext = False + try: + options = [ o.split('=', 1) for o in filenames if '=' in o ] + for key, value in options: + if key == 'maxlines': + opt_maxlines = int(value) + elif key == 'maxtime': + opt_maxtime = float(value) + elif key == 'overflow': + if value not in [ 'C', 'I', 'W', 'O' ]: + raise Exception("Invalid value %s for overflow. Allowed are C, I, O and W" % value) + opt_overflow = value + opt_overflow_level = {'C':2, 'W':1, 'O':0, 'I':0}[value] + elif key == 'regex': + opt_regex = re.compile(value) + elif key == 'iregex': + opt_regex = re.compile(value, re.I) + elif key == 'nocontext': + opt_nocontext = True + else: + raise Exception("Invalid option %s" % key) + except Exception, e: + if debug: + raise + print "INVALID CONFIGURATION: %s" % e + sys.exit(1) + + + for glob in filenames: + if '=' in glob: + continue + logfiles = [ l.strip() for l in os.popen("ls %s 2>/dev/null" % glob).readlines() ] + if opt_regex: + logfiles = [ f for f in logfiles if opt_regex.search(f) ] + if len(logfiles) == 0: + print '[[[%s:missing]]]' % glob + else: + for logfile in logfiles: + process_logfile(logfile, patterns) + +if not debug: + save_status(status) diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index 75188c7b..a29923c1 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -15,4 +15,5 @@ class site_check_mk::agent { } include site_check_mk::agent::mrpe + include site_check_mk::agent::logwatch } diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp new file mode 100644 index 00000000..763b01a7 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp @@ -0,0 +1,11 @@ +class site_check_mk::agent::logwatch { + # Deploy mk_logwatch 1.2.4 so we can split the config + # into multiple config files in /etc/check_mk/logwatch.d + # see https://leap.se/code/issues/5135 + + file { '/usr/lib/check_mk_agent/plugins/mk_logwatch': + source => 'puppet:///modules/site_check_mk/agent/plugins/mk_logwatch.1.2.4', + mode => '0755' + } + +} -- cgit v1.2.3 From 20e1830ab70c2f63d240f909ab5622476b095ec9 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 19 Feb 2014 15:39:51 +0100 Subject: add site_check_mk::agent::tapicero, site_check_mk::agent::couchdb --- .../modules/site_check_mk/files/agent/logwatch/couchdb.cfg | 9 +++++++++ puppet/modules/site_check_mk/manifests/agent/couchdb.pp | 12 +++++------- puppet/modules/site_check_mk/manifests/agent/tapicero.pp | 10 ++++++++++ 3 files changed, 24 insertions(+), 7 deletions(-) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg create mode 100644 puppet/modules/site_check_mk/manifests/agent/tapicero.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg new file mode 100644 index 00000000..0911d09a --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg @@ -0,0 +1,9 @@ +/opt/bigcouch/var/log/bigcouch.log + C Uncaught error in HTTP request: {exit, + C Uncaught error in HTTP request: {exit,normal} + C Uncaught error in HTTP request: {error, + C Response abnormally terminated: {nodedown, + C rexi_DOWN,noproc + C rexi_DOWN,noconnection + C error + W Shutting down group server diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp index 5b50e5a9..c954292a 100644 --- a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp +++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp @@ -1,5 +1,10 @@ class site_check_mk::agent::couchdb { + file { '/etc/check_mk/logwatch.d/couchdb.cfg': + source => 'puppet:///modules/site_check_mk/agent/logwatch/couchdb.cfg', + } + + # local custom checks file { '/usr/lib/check_mk_agent/local/check_bigcouch_errors.sh': ensure => link, @@ -7,11 +12,4 @@ class site_check_mk::agent::couchdb { require => Vcsrepo['/srv/leap/couchdb/scripts'] } - # local nagios plugin checks via mrpe - file_line { - 'Tapicero_Procs': - line => 'Tapicero_Procs /usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a tapicero', - path => '/etc/check_mk/mrpe.cfg'; - } - } diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp new file mode 100644 index 00000000..2379881c --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp @@ -0,0 +1,10 @@ +class site_check_mk::agent::tapicero { + + # local nagios plugin checks via mrpe + file_line { + 'Tapicero_Procs': + line => 'Tapicero_Procs /usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a tapicero', + path => '/etc/check_mk/mrpe.cfg'; + } + +} -- cgit v1.2.3 From 9d19be450d84e1fd281cbfc0f795ca411a2f5879 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 19 Feb 2014 15:51:09 +0100 Subject: set up logwatch.d directory --- puppet/modules/site_check_mk/manifests/agent/logwatch.pp | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp index 763b01a7..67db5a12 100644 --- a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp @@ -8,4 +8,8 @@ class site_check_mk::agent::logwatch { mode => '0755' } + file { '/etc/check_mk/logwatch.d': + ensure => directory + } + } -- cgit v1.2.3 From 6bb879a46c754958d07b530cf62d69a01537ccba Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 20 Feb 2014 00:31:39 +0100 Subject: added tapicero logwatch check --- puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg | 5 +++++ puppet/modules/site_check_mk/manifests/agent/tapicero.pp | 4 ++++ 2 files changed, 9 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg new file mode 100644 index 00000000..9402de9b --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg @@ -0,0 +1,5 @@ +/var/log/syslog + C tapicero.*RestClient::InternalServerError: + C tapicero.*RestClient::PreconditionFailed: + C tapicero.*failed + W tapicero.*Couch stream ended unexpectedly. diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp index 2379881c..088900f4 100644 --- a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp +++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp @@ -1,5 +1,9 @@ class site_check_mk::agent::tapicero { + file { '/etc/check_mk/logwatch.d/tapicero.cfg': + source => 'puppet:///modules/site_check_mk/agent/logwatch/tapicero.cfg', + } + # local nagios plugin checks via mrpe file_line { 'Tapicero_Procs': -- cgit v1.2.3 From c0d0a5a0af891c360dded0c508591cf50899bc66 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 20 Feb 2014 17:07:48 +0100 Subject: now using concanated check_mk logwatch files where needed (#5155) --- .../files/agent/logwatch/logwatch.cfg | 31 ++++++++++++++++++++++ .../site_check_mk/files/agent/logwatch/syslog.cfg | 5 ++++ .../files/agent/logwatch/tapicero.cfg | 1 - .../site_check_mk/manifests/agent/logwatch.pp | 21 ++++++++++++++- .../manifests/agent/logwatch/syslog.pp | 13 +++++++++ .../site_check_mk/manifests/agent/tapicero.pp | 6 +++-- 6 files changed, 73 insertions(+), 4 deletions(-) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg create mode 100644 puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg new file mode 100644 index 00000000..c4acae40 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg @@ -0,0 +1,31 @@ +# This file is managed by Puppet. DO NOT EDIT. + +# logwatch.cfg +# This file configures mk_logwatch. Define your logfiles +# and patterns to be looked for here. + +# Name one or more logfiles +/var/log/messages +# Patterns are indented with one space are prefixed with: +# C: Critical messages +# W: Warning messages +# I: ignore these lines (OK) +# The first match decided. Lines that do not match any pattern +# are ignored + C Fail event detected on md device + I mdadm.*: Rebuild.*event detected + W mdadm\[ + W ata.*hard resetting link + W ata.*soft reset failed (.*FIS failed) + W device-mapper: thin:.*reached low water mark + C device-mapper: thin:.*no free space + +/var/log/auth.log + W sshd.*Corrupted MAC on input + +/var/log/kern.log + C panic + C Oops + W generic protection rip + W .*Unrecovered read error - auto reallocate failed + diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg new file mode 100644 index 00000000..3703b5e1 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg @@ -0,0 +1,5 @@ +/var/log/syslog + C panic + C Oops + W generic protection rip + W .*Unrecovered read error - auto reallocate failed diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg index 9402de9b..4e3808eb 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg @@ -1,4 +1,3 @@ -/var/log/syslog C tapicero.*RestClient::InternalServerError: C tapicero.*RestClient::PreconditionFailed: C tapicero.*failed diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp index 67db5a12..38514af2 100644 --- a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp @@ -8,8 +8,27 @@ class site_check_mk::agent::logwatch { mode => '0755' } + # only config files that watch a distinct logfile should go in logwatch.d/ file { '/etc/check_mk/logwatch.d': - ensure => directory + ensure => directory, + recurse => true, + purge => true, } + # service that share a common logfile (i.e. /var/log/syslog) need to get + # concanated in one file, otherwise the last file sourced will override + # the config before + # see mk_logwatch: "logwatch.cfg overwrites config files in logwatch.d", + # https://leap.se/code/issues/5155 + + # first, we need to deploy a custom logwatch.cfg that doesn't include + # a section about /var/log/syslog + + file { '/etc/check_mk/logwatch.cfg': + source => 'puppet:///modules/site_check_mk/agent/logwatch/logwatch.cfg', + require => Package['check_mk-agent-logwatch'] + } + + include concat::setup + include site_check_mk::agent::logwatch::syslog } diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp new file mode 100644 index 00000000..ac3dda64 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp @@ -0,0 +1,13 @@ +class site_check_mk::agent::logwatch::syslog { + + concat { '/etc/check_mk/logwatch.d/syslog.cfg': + warn => true + } + + concat::fragment { 'syslog_header': + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '01'; + } + +} diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp index 088900f4..dc785e52 100644 --- a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp +++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp @@ -1,7 +1,9 @@ class site_check_mk::agent::tapicero { - file { '/etc/check_mk/logwatch.d/tapicero.cfg': - source => 'puppet:///modules/site_check_mk/agent/logwatch/tapicero.cfg', + concat::fragment { 'syslog_tapicero': + source => 'puppet:///modules/site_check_mk/agent/logwatch/tapicero.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '02'; } # local nagios plugin checks via mrpe -- cgit v1.2.3 From 2b875d23a3d2a53c9276dfee1a71085967dec4c0 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 24 Feb 2014 13:45:50 +0100 Subject: One monitor node for non-local environments and one for local environment (Feature #2981), wip also, use the configured ssh port for every node --- puppet/modules/site_check_mk/manifests/server.pp | 5 +++-- puppet/modules/site_check_mk/templates/use_ssh.mk | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp index e77862e5..4bbeb850 100644 --- a/puppet/modules/site_check_mk/manifests/server.pp +++ b/puppet/modules/site_check_mk/manifests/server.pp @@ -4,10 +4,11 @@ class site_check_mk::server { $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] $type = $ssh_hash['authorized_keys']['monitor']['type'] $seckey = $ssh_hash['monitor']['private_key'] - $ssh_port = $ssh_hash['port'] $nagios_hiera = hiera_hash('nagios') - $hosts = $nagios_hiera['hosts'] + $nagios_hosts = $nagios_hiera['hosts'] + + $hosts = hiera_hash('hosts') $all_hosts = inline_template ('<% @hosts.keys.sort.each do |key| -%>"<%= @hosts[key]["domain_internal"] %>", <% end -%>') package { 'check-mk-server': diff --git a/puppet/modules/site_check_mk/templates/use_ssh.mk b/puppet/modules/site_check_mk/templates/use_ssh.mk index 4c5523db..0bebebcf 100644 --- a/puppet/modules/site_check_mk/templates/use_ssh.mk +++ b/puppet/modules/site_check_mk/templates/use_ssh.mk @@ -1,5 +1,6 @@ # http://mathias-kettner.de/checkmk_datasource_programs.html datasource_programs = [ - ( "ssh -l root -i /etc/check_mk/.ssh/id_rsa -p <%= @ssh_port %> check_mk_agent", ALL_HOSTS ), -] +<% nagios_hosts.sort.each do |name,config| %> + ( "ssh -l root -i /etc/check_mk/.ssh/id_rsa -p <%=config['ssh_port']%> <%=config['domain_internal']%> check_mk_agent", [ "<%=config['domain_internal']%>" ], ),<%- end -%> +] -- cgit v1.2.3 From 5372bba5dd503cb4fe9620bc342992c94863c8e6 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 12:35:51 +0100 Subject: monitor connection attempts from disallowed bigcouch node --- puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg index 0911d09a..ee64b3c0 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg @@ -6,4 +6,5 @@ C rexi_DOWN,noproc C rexi_DOWN,noconnection C error + C Connection attempt from disallowed node W Shutting down group server -- cgit v1.2.3 From 59b09ce45333778619baca2bd4e34e5beba63584 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 13:55:15 +0100 Subject: we use logwatch now to check for bigcouch errors --- puppet/modules/site_check_mk/manifests/agent/couchdb.pp | 9 --------- 1 file changed, 9 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp index c954292a..cc166d42 100644 --- a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp +++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp @@ -3,13 +3,4 @@ class site_check_mk::agent::couchdb { file { '/etc/check_mk/logwatch.d/couchdb.cfg': source => 'puppet:///modules/site_check_mk/agent/logwatch/couchdb.cfg', } - - - # local custom checks - file { '/usr/lib/check_mk_agent/local/check_bigcouch_errors.sh': - ensure => link, - target => '/srv/leap/couchdb/scripts/tests/check_bigcouch_errors.sh', - require => Vcsrepo['/srv/leap/couchdb/scripts'] - } - } -- cgit v1.2.3 From 299c059c239936901c4b234f78e89d99ce94e19c Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 13:58:52 +0100 Subject: renamed logwatch/couchdb.cfg to logwatch/bigcouch.cfg --- puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg | 10 ++++++++++ puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg | 10 ---------- puppet/modules/site_check_mk/manifests/agent/couchdb.pp | 5 +++-- 3 files changed, 13 insertions(+), 12 deletions(-) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg delete mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg new file mode 100644 index 00000000..ee64b3c0 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg @@ -0,0 +1,10 @@ +/opt/bigcouch/var/log/bigcouch.log + C Uncaught error in HTTP request: {exit, + C Uncaught error in HTTP request: {exit,normal} + C Uncaught error in HTTP request: {error, + C Response abnormally terminated: {nodedown, + C rexi_DOWN,noproc + C rexi_DOWN,noconnection + C error + C Connection attempt from disallowed node + W Shutting down group server diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg deleted file mode 100644 index ee64b3c0..00000000 --- a/puppet/modules/site_check_mk/files/agent/logwatch/couchdb.cfg +++ /dev/null @@ -1,10 +0,0 @@ -/opt/bigcouch/var/log/bigcouch.log - C Uncaught error in HTTP request: {exit, - C Uncaught error in HTTP request: {exit,normal} - C Uncaught error in HTTP request: {error, - C Response abnormally terminated: {nodedown, - C rexi_DOWN,noproc - C rexi_DOWN,noconnection - C error - C Connection attempt from disallowed node - W Shutting down group server diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp index cc166d42..f2d286ca 100644 --- a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp +++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp @@ -1,6 +1,7 @@ class site_check_mk::agent::couchdb { - file { '/etc/check_mk/logwatch.d/couchdb.cfg': - source => 'puppet:///modules/site_check_mk/agent/logwatch/couchdb.cfg', + file { '/etc/check_mk/logwatch.d/bigcouch.cfg': + source => 'puppet:///modules/site_check_mk/agent/logwatch/bigcouch.cfg', } + } -- cgit v1.2.3 From 3df2e8761ce6c54f6914d24e7acd24634d43c44d Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 14:00:47 +0100 Subject: added some error checking to logwatch/syslog.cfg --- puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg | 3 +++ 1 file changed, 3 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg index 3703b5e1..52c479ef 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg @@ -1,5 +1,8 @@ /var/log/syslog C panic C Oops + I Error: Driver 'pcspkr' is already registered, aborting... + C Error + C error W generic protection rip W .*Unrecovered read error - auto reallocate failed -- cgit v1.2.3 From ee83c7227f64bab9a36ecbfd86049bc3153b3760 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 14:03:28 +0100 Subject: moved logwatch/tapicero.cfg to logwatch/syslog/tapicero.cfg --- puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg | 4 ++++ puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg | 4 ---- puppet/modules/site_check_mk/manifests/agent/tapicero.pp | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg delete mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg new file mode 100644 index 00000000..4e3808eb --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg @@ -0,0 +1,4 @@ + C tapicero.*RestClient::InternalServerError: + C tapicero.*RestClient::PreconditionFailed: + C tapicero.*failed + W tapicero.*Couch stream ended unexpectedly. diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg deleted file mode 100644 index 4e3808eb..00000000 --- a/puppet/modules/site_check_mk/files/agent/logwatch/tapicero.cfg +++ /dev/null @@ -1,4 +0,0 @@ - C tapicero.*RestClient::InternalServerError: - C tapicero.*RestClient::PreconditionFailed: - C tapicero.*failed - W tapicero.*Couch stream ended unexpectedly. diff --git a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp index dc785e52..369ed00b 100644 --- a/puppet/modules/site_check_mk/manifests/agent/tapicero.pp +++ b/puppet/modules/site_check_mk/manifests/agent/tapicero.pp @@ -1,7 +1,7 @@ class site_check_mk::agent::tapicero { concat::fragment { 'syslog_tapicero': - source => 'puppet:///modules/site_check_mk/agent/logwatch/tapicero.cfg', + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/tapicero.cfg', target => '/etc/check_mk/logwatch.d/syslog.cfg', order => '02'; } -- cgit v1.2.3 From 91365fb3b9b455253484fca6ffbc3dac8361e5b9 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 15:11:56 +0100 Subject: check syslog for /usr/local/bin/couch-doc-update failures --- .../modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg | 2 ++ puppet/modules/site_check_mk/manifests/agent/couchdb.pp | 6 ++++++ 2 files changed, 8 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg new file mode 100644 index 00000000..5f8d5b95 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg @@ -0,0 +1,2 @@ + C /usr/local/bin/couch-doc-update.*failed + C /usr/local/bin/couch-doc-update.*ERROR diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp index f2d286ca..9456efcc 100644 --- a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp +++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp @@ -4,4 +4,10 @@ class site_check_mk::agent::couchdb { source => 'puppet:///modules/site_check_mk/agent/logwatch/bigcouch.cfg', } + concat::fragment { 'syslog_couchdb': + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/couchdb.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '02'; + } + } -- cgit v1.2.3 From 42512cc9428afcd7d949e373e75da4f0d9fc8086 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 16:02:53 +0100 Subject: check syslog for stunnel failures --- .../site_check_mk/files/agent/logwatch/syslog/stunnel.cfg | 3 +++ puppet/modules/site_check_mk/manifests/agent/stunnel.pp | 9 +++++++++ 2 files changed, 12 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg create mode 100644 puppet/modules/site_check_mk/manifests/agent/stunnel.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg new file mode 100644 index 00000000..31c229b7 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg @@ -0,0 +1,3 @@ +# check for stunnel failures + C stunnel:.*Connection refused + C stunnel:.*Connection reset by peer diff --git a/puppet/modules/site_check_mk/manifests/agent/stunnel.pp b/puppet/modules/site_check_mk/manifests/agent/stunnel.pp new file mode 100644 index 00000000..64022824 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/stunnel.pp @@ -0,0 +1,9 @@ +class site_check_mk::agent::stunnel { + + concat::fragment { 'syslog_stunnel': + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/stunnel.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '02'; + } + +} -- cgit v1.2.3 From 40b13221967368060773af008f791ca7a053d18d Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 16:27:57 +0100 Subject: set /usr/lib/nagios/plugins/check_icmp to setuid root (Feature #5171) --- puppet/modules/site_check_mk/manifests/server.pp | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp index 4bbeb850..0c98cd5a 100644 --- a/puppet/modules/site_check_mk/manifests/server.pp +++ b/puppet/modules/site_check_mk/manifests/server.pp @@ -44,6 +44,13 @@ class site_check_mk::server { content => "${type} ${pubkey} monitor", owner => 'nagios', mode => '0644'; + # check_icmp must be suid root or called by sudo + # see https://leap.se/code/issues/5171 + '/usr/lib/nagios/plugins/check_icmp': + mode => '4755', + require => Package['nagios-plugins-basic']; } + + include check_mk::agent::local_checks } -- cgit v1.2.3 From 0a6fbced6f2177464c000fc79a90c03171a3bcf6 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 16:45:33 +0100 Subject: complete nagios monitoring for couchdb (Feature #2175) --- puppet/modules/site_check_mk/manifests/agent/couchdb.pp | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp index 9456efcc..97e4a777 100644 --- a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp +++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp @@ -1,13 +1,25 @@ class site_check_mk::agent::couchdb { + # watch logs file { '/etc/check_mk/logwatch.d/bigcouch.cfg': source => 'puppet:///modules/site_check_mk/agent/logwatch/bigcouch.cfg', } - concat::fragment { 'syslog_couchdb': source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/couchdb.cfg', target => '/etc/check_mk/logwatch.d/syslog.cfg', order => '02'; } + + # check bigcouch processes + file_line { + 'Bigcouch_epmd_procs': + line => 'Bigcouch_epmd_procs /usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a /opt/bigcouch/erts-5.9.1/bin/epmd', + path => '/etc/check_mk/mrpe.cfg'; + 'Bigcouch_beam_procs': + line => 'Bigcouch_beam_procs /usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a /opt/bigcouch/erts-5.9.1/bin/beam', + path => '/etc/check_mk/mrpe.cfg'; + } + + } -- cgit v1.2.3 From 5cc2e0d7a10c088d024bf0e5e4538b31a7d2844c Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 17:19:36 +0100 Subject: nagios monitoring of haproxy nodes (Feature #2657) --- puppet/modules/site_check_mk/manifests/agent/haproxy.pp | 12 ++++++++++++ .../manifests/agent/package/nagios_plugins_contrib.pp | 5 +++++ 2 files changed, 17 insertions(+) create mode 100644 puppet/modules/site_check_mk/manifests/agent/haproxy.pp create mode 100644 puppet/modules/site_check_mk/manifests/agent/package/nagios_plugins_contrib.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/haproxy.pp b/puppet/modules/site_check_mk/manifests/agent/haproxy.pp new file mode 100644 index 00000000..e7986db1 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/haproxy.pp @@ -0,0 +1,12 @@ +class site_check_mk::agent::haproxy { + + include site_check_mk::agent::package::nagios_plugins_contrib + + # local nagios plugin checks via mrpe + file_line { + 'haproxy': + line => 'Haproxy /usr/lib/nagios/plugins/check_haproxy -u "http://localhost:8000/haproxy;csv"', + path => '/etc/check_mk/mrpe.cfg'; + } + +} diff --git a/puppet/modules/site_check_mk/manifests/agent/package/nagios_plugins_contrib.pp b/puppet/modules/site_check_mk/manifests/agent/package/nagios_plugins_contrib.pp new file mode 100644 index 00000000..95a60d17 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/package/nagios_plugins_contrib.pp @@ -0,0 +1,5 @@ +class site_check_mk::agent::package::nagios_plugins_contrib { + package { 'nagios-plugins-contrib': + ensure => installed, + } +} -- cgit v1.2.3 From 835d1f9699507e9e40cae32ffc90940e26bed3ee Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Feb 2014 17:58:48 +0100 Subject: nagios: check open files for bigcouch process (Feature #4965) --- .../agent/nagios_plugins/check_unix_open_fds.pl | 322 +++++++++++++++++++++ puppet/modules/site_check_mk/manifests/agent.pp | 4 + .../site_check_mk/manifests/agent/couchdb.pp | 11 + .../manifests/agent/package/perl_plugin.pp | 5 + 4 files changed, 342 insertions(+) create mode 100755 puppet/modules/site_check_mk/files/agent/nagios_plugins/check_unix_open_fds.pl create mode 100644 puppet/modules/site_check_mk/manifests/agent/package/perl_plugin.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/nagios_plugins/check_unix_open_fds.pl b/puppet/modules/site_check_mk/files/agent/nagios_plugins/check_unix_open_fds.pl new file mode 100755 index 00000000..06163d49 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/nagios_plugins/check_unix_open_fds.pl @@ -0,0 +1,322 @@ +#!/usr/bin/perl -w + +# check_unix_open_fds Nagios Plugin +# +# TComm - Carlos Peris Pla +# +# This nagios plugin is free software, and comes with ABSOLUTELY +# NO WARRANTY. It may be used, redistributed and/or modified under +# the terms of the GNU General Public Licence (see +# http://www.fsf.org/licensing/licenses/gpl.txt). + + +# MODULE DECLARATION + +use strict; +use Nagios::Plugin; + + +# FUNCTION DECLARATION + +sub CreateNagiosManager (); +sub CheckArguments (); +sub PerformCheck (); + + +# CONSTANT DEFINITION + +use constant NAME => 'check_unix_open_fds'; +use constant VERSION => '0.1b'; +use constant USAGE => "Usage:\ncheck_unix_open_fds -w -c \n". + "\t\t[-V ]\n"; +use constant BLURB => "This plugin checks, in UNIX systems with the command lsof installed and with its SUID bit activated, the number\n". + "of file descriptors opened by an application and its processes.\n"; +use constant LICENSE => "This nagios plugin is free software, and comes with ABSOLUTELY\n". + "no WARRANTY. It may be used, redistributed and/or modified under\n". + "the terms of the GNU General Public Licence\n". + "(see http://www.fsf.org/licensing/licenses/gpl.txt).\n"; +use constant EXAMPLE => "\n\n". + "Example:\n". + "\n". + "check_unix_open_fds -a /usr/local/nagios/bin/ndo2db -w 20,75 -c 25,85\n". + "\n". + "It returns CRITICAL if number of file descriptors opened by ndo2db is higher than 85,\n". + "if not it returns WARNING if number of file descriptors opened by ndo2db is higher \n". + "than 75, if not it returns CRITICAL if number of file descriptors opened by any process\n". + "of ndo2db is higher than 25, if not it returns WARNING if number of file descriptors \n". + "opened by any process of ndo2db is higher than 20.\n". + "In other cases it returns OK if check has been performed succesfully.\n\n"; + + +# VARIABLE DEFINITION + +my $Nagios; +my $Error; +my $PluginResult; +my $PluginOutput; +my @WVRange; +my @CVRange; + + +# MAIN FUNCTION + +# Get command line arguments +$Nagios = &CreateNagiosManager(USAGE, VERSION, BLURB, LICENSE, NAME, EXAMPLE); +eval {$Nagios->getopts}; + +if (!$@) { + # Command line parsed + if (&CheckArguments($Nagios, \$Error, \@WVRange, \@CVRange)) { + # Argument checking passed + $PluginResult = &PerformCheck($Nagios, \$PluginOutput, \@WVRange, \@CVRange) + } + else { + # Error checking arguments + $PluginOutput = $Error; + $PluginResult = UNKNOWN; + } + $Nagios->nagios_exit($PluginResult,$PluginOutput); +} +else { + # Error parsing command line + $Nagios->nagios_exit(UNKNOWN,$@); +} + + + +# FUNCTION DEFINITIONS + +# Creates and configures a Nagios plugin object +# Input: strings (usage, version, blurb, license, name and example) to configure argument parsing functionality +# Return value: reference to a Nagios plugin object + +sub CreateNagiosManager() { + # Create GetOpt object + my $Nagios = Nagios::Plugin->new(usage => $_[0], version => $_[1], blurb => $_[2], license => $_[3], plugin => $_[4], extra => $_[5]); + + # Add argument units + $Nagios->add_arg(spec => 'application|a=s', + help => 'Application path for which you want to check the number of open file descriptors', + required => 1); + + # Add argument warning + $Nagios->add_arg(spec => 'warning|w=s', + help => "Warning thresholds. Format: ", + required => 1); + # Add argument critical + $Nagios->add_arg(spec => 'critical|c=s', + help => "Critical thresholds. Format: ", + required => 1); + + # Return value + return $Nagios; +} + + +# Checks argument values and sets some default values +# Input: Nagios Plugin object +# Output: reference to Error description string, Memory Unit, Swap Unit, reference to WVRange ($_[4]), reference to CVRange ($_[5]) +# Return value: True if arguments ok, false if not + +sub CheckArguments() { + my ($Nagios, $Error, $WVRange, $CVRange) = @_; + my $commas; + my $units; + my $i; + my $firstpos; + my $secondpos; + + # Check Warning thresholds list + $commas = $Nagios->opts->warning =~ tr/,//; + if ($commas !=1){ + ${$Error} = "Invalid Warning list format. One comma is expected."; + return 0; + } + else{ + $i=0; + $firstpos=0; + my $warning=$Nagios->opts->warning; + while ($warning =~ /[,]/g) { + $secondpos=pos $warning; + if ($secondpos - $firstpos==1){ + @{$WVRange}[$i] = "~:"; + } + else{ + @{$WVRange}[$i] = substr $Nagios->opts->warning, $firstpos, ($secondpos-$firstpos-1); + } + $firstpos=$secondpos; + $i++ + } + if (length($Nagios->opts->warning) - $firstpos==0){#La coma es el ultimo elemento del string + @{$WVRange}[$i] = "~:"; + } + else{ + @{$WVRange}[$i] = substr $Nagios->opts->warning, $firstpos, (length($Nagios->opts->warning)-$firstpos); + } + + if (@{$WVRange}[0] !~/^(@?(\d+|(\d+|~):(\d+)?))?$/){ + ${$Error} = "Invalid Process Warning threshold in ${$WVRange[0]}"; + return 0; + }if (@{$WVRange}[1] !~/^(@?(\d+|(\d+|~):(\d+)?))?$/){ + ${$Error} = "Invalid Application Warning threshold in ${$WVRange[1]}"; + return 0; + } + } + + # Check Critical thresholds list + $commas = $Nagios->opts->critical =~ tr/,//; + if ($commas !=1){ + ${$Error} = "Invalid Critical list format. One comma is expected."; + return 0; + } + else{ + $i=0; + $firstpos=0; + my $critical=$Nagios->opts->critical; + while ($critical =~ /[,]/g) { + $secondpos=pos $critical ; + if ($secondpos - $firstpos==1){ + @{$CVRange}[$i] = "~:"; + } + else{ + @{$CVRange}[$i] =substr $Nagios->opts->critical, $firstpos, ($secondpos-$firstpos-1); + } + $firstpos=$secondpos; + $i++ + } + if (length($Nagios->opts->critical) - $firstpos==0){#La coma es el ultimo elemento del string + @{$CVRange}[$i] = "~:"; + } + else{ + @{$CVRange}[$i] = substr $Nagios->opts->critical, $firstpos, (length($Nagios->opts->critical)-$firstpos); + } + + if (@{$CVRange}[0] !~/^(@?(\d+|(\d+|~):(\d+)?))?$/) { + ${$Error} = "Invalid Process Critical threshold in @{$CVRange}[0]"; + return 0; + } + if (@{$CVRange}[1] !~/^(@?(\d+|(\d+|~):(\d+)?))?$/) { + ${$Error} = "Invalid Application Critical threshold in @{$CVRange}[1]"; + return 0; + } + } + + return 1; +} + + +# Performs whole check: +# Input: Nagios Plugin object, reference to Plugin output string, Application, referece to WVRange, reference to CVRange +# Output: Plugin output string +# Return value: Plugin return value + +sub PerformCheck() { + my ($Nagios, $PluginOutput, $WVRange, $CVRange) = @_; + my $Application; + my @AppNameSplitted; + my $ApplicationName; + my $PsCommand; + my $PsResult; + my @PsResultLines; + my $ProcLine; + my $ProcPid; + my $LsofCommand; + my $LsofResult; + my $ProcCount = 0; + my $FDCount = 0; + my $ProcFDAvg = 0; + my $PerProcMaxFD = 0; + my $ProcOKFlag = 0; + my $ProcWarningFlag = 0; + my $ProcCriticalFlag = 0; + my $OKFlag = 0; + my $WarningFlag = 0; + my $CriticalFlag = 0; + my $LastWarningProcFDs = 0; + my $LastWarningProc = -1; + my $LastCriticalProcFDs = 0; + my $LastCriticalProc = -1; + my $ProcPluginReturnValue = UNKNOWN; + my $AppPluginReturnValue = UNKNOWN; + my $PluginReturnValue = UNKNOWN; + my $PerformanceData = ""; + my $PerfdataUnit = "FDs"; + + $Application = $Nagios->opts->application; + $PsCommand = "ps -eaf | grep $Application"; + $PsResult = `$PsCommand`; + @AppNameSplitted = split(/\//, $Application); + $ApplicationName = $AppNameSplitted[$#AppNameSplitted]; + @PsResultLines = split(/\n/, $PsResult); + if ( $#PsResultLines > 1 ) { + foreach my $Proc (split(/\n/, $PsResult)) { + if ($Proc !~ /check_unix_open_fds/ && $Proc !~ / grep /) { + $ProcCount += 1; + $ProcPid = (split(/\s+/, $Proc))[1]; + $LsofCommand = "lsof -p $ProcPid | wc -l"; + $LsofResult = `$LsofCommand`; + $LsofResult = ($LsofResult > 0 ) ? ($LsofResult - 1) : 0; + $FDCount += $LsofResult; + if ($LsofResult >= $PerProcMaxFD) { $PerProcMaxFD = $LsofResult; } + $ProcPluginReturnValue = $Nagios->check_threshold(check => $LsofResult,warning => @{$WVRange}[0],critical => @{$CVRange}[0]); + if ($ProcPluginReturnValue eq OK) { + $ProcOKFlag = 1; + } + elsif ($ProcPluginReturnValue eq WARNING) { + $ProcWarningFlag = 1; + if ($LsofResult >= $LastWarningProcFDs) { + $LastWarningProcFDs = $LsofResult; + $LastWarningProc = $ProcPid; + } + } + #if ($LsofResult >= $PCT) { + elsif ($ProcPluginReturnValue eq CRITICAL) { + $ProcCriticalFlag = 1; + if ($LsofResult >= $LastCriticalProcFDs) { + $LastCriticalProcFDs = $LsofResult; + $LastCriticalProc = $ProcPid; + } + } + } + } + if ($ProcCount) { $ProcFDAvg = int($FDCount / $ProcCount); } + $AppPluginReturnValue = $Nagios->check_threshold(check => $FDCount,warning => @{$WVRange}[1],critical => @{$CVRange}[1]); + #if ($FDCount >= $TWT) { + if ($AppPluginReturnValue eq OK) { $OKFlag = 1; } + elsif ($AppPluginReturnValue eq WARNING) { $WarningFlag = 1; } + elsif ($AppPluginReturnValue eq CRITICAL) { $CriticalFlag = 1; } + + # PluginReturnValue and PluginOutput + if ($CriticalFlag) { + $PluginReturnValue = CRITICAL; + ${$PluginOutput} .= "$ApplicationName handling $FDCount files (critical threshold set to @{$CVRange}[1])"; + } + elsif ($WarningFlag) { + $PluginReturnValue = WARNING; + ${$PluginOutput} .= "$ApplicationName handling $FDCount files (warning threshold set to @{$WVRange}[1])"; + } + elsif ($ProcCriticalFlag) { + $PluginReturnValue = CRITICAL; + ${$PluginOutput} .= "Process ID $LastCriticalProc handling $LastCriticalProcFDs files (critical threshold set to @{$CVRange}[0])"; + } + elsif ($ProcWarningFlag) { + $PluginReturnValue = WARNING; + ${$PluginOutput} .= "Process ID $LastWarningProc handling $LastWarningProcFDs files (warning threshold set to @{$WVRange}[0])"; + } + elsif ($OKFlag && $ProcOKFlag) { + $PluginReturnValue = OK; + ${$PluginOutput} .= "$ApplicationName handling $FDCount files"; + } + } + else { + ${$PluginOutput} .= "No existe la aplicacion $ApplicationName"; + } + + + $PerformanceData .= "ProcCount=$ProcCount$PerfdataUnit FDCount=$FDCount$PerfdataUnit ProcFDAvg=$ProcFDAvg$PerfdataUnit PerProcMaxFD=$PerProcMaxFD$PerfdataUnit"; + + # Output with performance data: + ${$PluginOutput} .= " | $PerformanceData"; + + return $PluginReturnValue; +} diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index a29923c1..efb05b37 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -14,6 +14,10 @@ class site_check_mk::agent { register_agent => false } + file { [ '/srv/leap/nagios', '/srv/leap/nagios/plugins' ]: + ensure => directory, + } + include site_check_mk::agent::mrpe include site_check_mk::agent::logwatch } diff --git a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp index 97e4a777..01e2b886 100644 --- a/puppet/modules/site_check_mk/manifests/agent/couchdb.pp +++ b/puppet/modules/site_check_mk/manifests/agent/couchdb.pp @@ -21,5 +21,16 @@ class site_check_mk::agent::couchdb { path => '/etc/check_mk/mrpe.cfg'; } + # check open files for bigcouch proc + include site_check_mk::agent::package::perl_plugin + file { '/srv/leap/nagios/plugins/check_unix_open_fds.pl': + source => 'puppet:///modules/site_check_mk/agent/nagios_plugins/check_unix_open_fds.pl', + mode => '0755' + } + file_line { + 'Bigcouch_open_files': + line => 'Bigcouch_open_files /srv/leap/nagios/plugins/check_unix_open_fds.pl -a beam -w 750,750 -c 1000,1000', + path => '/etc/check_mk/mrpe.cfg'; + } } diff --git a/puppet/modules/site_check_mk/manifests/agent/package/perl_plugin.pp b/puppet/modules/site_check_mk/manifests/agent/package/perl_plugin.pp new file mode 100644 index 00000000..4feda375 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/package/perl_plugin.pp @@ -0,0 +1,5 @@ +class site_check_mk::agent::package::perl_plugin { + package { 'libnagios-plugin-perl': + ensure => installed, + } +} -- cgit v1.2.3 From 0daa46300cddc6c56e07b42c131852e839235a7f Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Feb 2014 14:02:39 +0100 Subject: ignore logwatch pattern for tapicero: 412 Precondition Failed while creating user db (Bug #5168) --- .../modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg index 4e3808eb..9983d27c 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg @@ -1,4 +1,7 @@ C tapicero.*RestClient::InternalServerError: - C tapicero.*RestClient::PreconditionFailed: +# possible race condition between multiple tapicero +# instances, so we ignore it +# see https://leap.se/code/issues/5168 + I tapicero.*RestClient::PreconditionFailed: C tapicero.*failed W tapicero.*Couch stream ended unexpectedly. -- cgit v1.2.3 From 877e6daa7e281c27114759482879e6f8c6903283 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Feb 2014 14:08:48 +0100 Subject: ignore logwatch pattern 'sunnel: SSL_shutdown: Connection reset by peer' --- puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg index 31c229b7..cf7ebca8 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg @@ -1,3 +1,5 @@ # check for stunnel failures C stunnel:.*Connection refused - C stunnel:.*Connection reset by peer +# this is a temporary failure and happens very often, so we +# ignore it + I stunnel:.*Connection reset by peer -- cgit v1.2.3 From 5b15447055de66f30bc7f036a588dec4638b9a7d Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Feb 2014 14:52:04 +0100 Subject: check syslog for webapp errors --- .../modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg | 2 ++ puppet/modules/site_check_mk/manifests/agent/webapp.pp | 9 +++++++++ 2 files changed, 11 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg create mode 100644 puppet/modules/site_check_mk/manifests/agent/webapp.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg new file mode 100644 index 00000000..14fcf34a --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg @@ -0,0 +1,2 @@ +# check for webapp errors + C webapp.*Could not connect to couch database messages due to 401 Unauthorized: {"error":"unauthorized","reason":"You are not a server admin."} diff --git a/puppet/modules/site_check_mk/manifests/agent/webapp.pp b/puppet/modules/site_check_mk/manifests/agent/webapp.pp new file mode 100644 index 00000000..dc2baf19 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/webapp.pp @@ -0,0 +1,9 @@ +class site_check_mk::agent::webapp { + + concat::fragment { 'syslog_webapp': + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/webapp.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '02'; + } + +} -- cgit v1.2.3 From fa75c9406b1c4cfeccca046ba01d108b681e53fe Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Feb 2014 15:20:34 +0100 Subject: ignore RoutingErrors that rails throw when it can't handle a url (#5173) --- puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg | 3 +++ 1 file changed, 3 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg index 14fcf34a..00f9c7fd 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/webapp.cfg @@ -1,2 +1,5 @@ # check for webapp errors C webapp.*Could not connect to couch database messages due to 401 Unauthorized: {"error":"unauthorized","reason":"You are not a server admin."} +# ignore RoutingErrors that rails throw when it can't handle a url +# see https://leap.se/code/issues/5173 + I webapp.*ActionController::RoutingError -- cgit v1.2.3 From fdb0e27d6df35b511e4883becf3bc2afb945550b Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Feb 2014 15:30:54 +0100 Subject: check syslog for 'Undefined' logpattern --- puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg index 52c479ef..f3505c1c 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg @@ -1,4 +1,5 @@ /var/log/syslog +# some general patterns C panic C Oops I Error: Driver 'pcspkr' is already registered, aborting... @@ -6,3 +7,6 @@ C error W generic protection rip W .*Unrecovered read error - auto reallocate failed +# 401 Unauthorized error logged by webapp and possible other +# applications + C Unauthorized -- cgit v1.2.3 From 66cc1345c3af4e814d98c8e4b90d90158ac9d399 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 26 Feb 2014 15:53:12 +0100 Subject: ignore valid log patterns from bigcouch.log --- puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg | 5 +++++ 1 file changed, 5 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg index ee64b3c0..a1eb1312 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg @@ -8,3 +8,8 @@ C error C Connection attempt from disallowed node W Shutting down group server +# ignore requests that are fine + I undefined - -.*200$ + I undefined - -.*201$ + I 127.0.0.1 undefined.* ok + I 127.0.0.1 localhost:5984 .* ok -- cgit v1.2.3 From 2209afd630a75335e26516c6d9fa1c796bca8a49 Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 27 Feb 2014 18:01:34 +0100 Subject: check webapp login (Feature #5172) --- puppet/modules/site_check_mk/manifests/agent/webapp.pp | 9 +++++++++ 1 file changed, 9 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/webapp.pp b/puppet/modules/site_check_mk/manifests/agent/webapp.pp index dc2baf19..48fa0828 100644 --- a/puppet/modules/site_check_mk/manifests/agent/webapp.pp +++ b/puppet/modules/site_check_mk/manifests/agent/webapp.pp @@ -1,5 +1,14 @@ class site_check_mk::agent::webapp { + # check webapp login + package { 'python-srp': ensure => installed } + file { '/usr/lib/check_mk_agent/local/nagios-webapp_login.py': + ensure => link, + target => '/srv/leap/webapp/test/nagios/webapp_login.py' + } + + + # check syslog concat::fragment { 'syslog_webapp': source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/webapp.cfg', target => '/etc/check_mk/logwatch.d/syslog.cfg', -- cgit v1.2.3 From 89c5fd126f73dff0bd4258ec51ad03f523d64ade Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 28 Feb 2014 00:40:07 +0100 Subject: install more needed packages for webapp login check --- puppet/modules/site_check_mk/manifests/agent/webapp.pp | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/webapp.pp b/puppet/modules/site_check_mk/manifests/agent/webapp.pp index 48fa0828..932d6bb9 100644 --- a/puppet/modules/site_check_mk/manifests/agent/webapp.pp +++ b/puppet/modules/site_check_mk/manifests/agent/webapp.pp @@ -1,7 +1,9 @@ class site_check_mk::agent::webapp { # check webapp login - package { 'python-srp': ensure => installed } + package { [ 'python-srp', 'python-requests', 'python-yaml' ]: + ensure => installed + } file { '/usr/lib/check_mk_agent/local/nagios-webapp_login.py': ensure => link, target => '/srv/leap/webapp/test/nagios/webapp_login.py' -- cgit v1.2.3 From 08f0fa4c8b1853db04835f407350c052ccfdb3d8 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 28 Feb 2014 00:41:44 +0100 Subject: don't displa ycontext for errors in bigcouch.log (reported too many context lines), ignore patterns first --- .../modules/site_check_mk/files/agent/logwatch/bigcouch.cfg | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg index a1eb1312..92c5eb5a 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg @@ -1,4 +1,9 @@ -/opt/bigcouch/var/log/bigcouch.log +/opt/bigcouch/var/log/bigcouch.log nocontext=1 +# ignore requests that are fine + I undefined - -.*200$ + I undefined - -.*201$ + I 127.0.0.1 undefined.* ok + I 127.0.0.1 localhost:5984 .* ok C Uncaught error in HTTP request: {exit, C Uncaught error in HTTP request: {exit,normal} C Uncaught error in HTTP request: {error, @@ -8,8 +13,3 @@ C error C Connection attempt from disallowed node W Shutting down group server -# ignore requests that are fine - I undefined - -.*200$ - I undefined - -.*201$ - I 127.0.0.1 undefined.* ok - I 127.0.0.1 localhost:5984 .* ok -- cgit v1.2.3 From f802fcdc7396d8a3b804be6480adb8611638f2c0 Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 28 Feb 2014 01:18:33 +0100 Subject: Make leap_cli tests accessible for check_mk (Feature #5148) --- .../files/agent/local_checks/all_hosts/run_node_tests.sh | 5 +++++ puppet/modules/site_check_mk/manifests/agent.pp | 5 +++++ 2 files changed, 10 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/local_checks/all_hosts/run_node_tests.sh (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/local_checks/all_hosts/run_node_tests.sh b/puppet/modules/site_check_mk/files/agent/local_checks/all_hosts/run_node_tests.sh new file mode 100644 index 00000000..1dd0afc9 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/local_checks/all_hosts/run_node_tests.sh @@ -0,0 +1,5 @@ +#!/bin/sh +# +# runs node tests + +/srv/leap/bin/run_tests --checkmk diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index efb05b37..b752182e 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -18,6 +18,11 @@ class site_check_mk::agent { ensure => directory, } + file { '/usr/lib/check_mk_agent/local/run_node_tests.sh': + source => 'puppet:///modules/site_check_mk/agent/local_checks/all_hosts/run_node_tests.sh', + mode => '0755' + } + include site_check_mk::agent::mrpe include site_check_mk::agent::logwatch } -- cgit v1.2.3 From c7af5055fd9f255357a8dcd6e318c7a15a3b709c Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 28 Feb 2014 21:53:12 +0100 Subject: check leap_mx queue --- .../files/agent/local_checks/mx/check_leap_mx.sh | 33 ++++++++++++++++++++++ puppet/modules/site_check_mk/manifests/agent/mx.pp | 8 ++++++ 2 files changed, 41 insertions(+) create mode 100755 puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh create mode 100644 puppet/modules/site_check_mk/manifests/agent/mx.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh b/puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh new file mode 100755 index 00000000..2958d2ed --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh @@ -0,0 +1,33 @@ +#!/bin/bash + + +WARN=1 +CRIT=5 + +# in minutes +MAXAGE=10 + +STATUS[0]='OK' +STATUS[1]='Warning' +STATUS[2]='Critical' +CHECKNAME='Leap_MX_Queue' + +WATCHDIR='/var/mail/vmail/Maildir/new/' + + +total=`find $WATCHDIR -type f -mmin +$MAXAGE | wc -l` + +if [ $total -lt $WARN ] +then + exitcode=0 +else + if [ $total -le $CRIT ] + then + exitcode=1 + else + exitcode=2 + fi +fi + +echo "$exitcode $CHECKNAME stale_files=$total ${STATUS[exitcode]}: $total stale files (>=$MAXAGE min) in $WATCHDIR." + diff --git a/puppet/modules/site_check_mk/manifests/agent/mx.pp b/puppet/modules/site_check_mk/manifests/agent/mx.pp new file mode 100644 index 00000000..c4d3ea13 --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/mx.pp @@ -0,0 +1,8 @@ +class site_check_mk::agent::mx { + + file { '/usr/lib/check_mk_agent/local/check_leap_mx.sh': + source => 'puppet:///modules/site_check_mk/agent/local_checks/mx/check_leap_mx.sh', + mode => '0755' + } + +} -- cgit v1.2.3 From 34b7c8ebb3462fea880c848d960261cabd4a6a9f Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 28 Feb 2014 22:56:16 +0100 Subject: check soledad.log for 'Timing out client:' --- puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg index 54b782d3..0f4c9469 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg @@ -1,4 +1,4 @@ /var/log/soledad.log C WSGI application error C error - + W Timing out client: -- cgit v1.2.3 From efb262a0337493b7a7954ccdd72119d8519370af Mon Sep 17 00:00:00 2001 From: varac Date: Fri, 28 Feb 2014 23:05:52 +0100 Subject: check leap_mx (Feature #5175) --- .../modules/site_check_mk/files/agent/logwatch/leap_mx.cfg | 4 ++++ puppet/modules/site_check_mk/manifests/agent/mx.pp | 14 ++++++++++++++ 2 files changed, 18 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg new file mode 100644 index 00000000..c71c5392 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/leap_mx.cfg @@ -0,0 +1,4 @@ +/var/log/leap_mx.log + W Don't know how to deliver mail + W No public key, stopping the processing chain + diff --git a/puppet/modules/site_check_mk/manifests/agent/mx.pp b/puppet/modules/site_check_mk/manifests/agent/mx.pp index c4d3ea13..2dd50400 100644 --- a/puppet/modules/site_check_mk/manifests/agent/mx.pp +++ b/puppet/modules/site_check_mk/manifests/agent/mx.pp @@ -1,5 +1,19 @@ class site_check_mk::agent::mx { + # watch logs + file { '/etc/check_mk/logwatch.d/leap_mx.cfg': + source => 'puppet:///modules/site_check_mk/agent/logwatch/leap_mx.cfg', + } + + # local nagios plugin checks via mrpe + file_line { + 'Leap_MX_Procs': + line => 'Leap_MX_Procs /usr/lib/nagios/plugins/check_procs -w 1:1 -c 1:1 -a leap_mx', + path => '/etc/check_mk/mrpe.cfg'; + } + + + # check stale files in queue dir file { '/usr/lib/check_mk_agent/local/check_leap_mx.sh': source => 'puppet:///modules/site_check_mk/agent/local_checks/mx/check_leap_mx.sh', mode => '0755' -- cgit v1.2.3 From 5dd248238cdf5ab27232ecf426aada05503d2b10 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 3 Mar 2014 17:17:02 +0100 Subject: check syslog for bigcouch restarts --- puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg index 92c5eb5a..3f6cc413 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg @@ -13,3 +13,4 @@ C error C Connection attempt from disallowed node W Shutting down group server + W Apache CouchDB has started -- cgit v1.2.3 From 8811b41222a98037eaae9bb0de1835c3c0282178 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 3 Mar 2014 17:18:41 +0100 Subject: check soledad.log also for Upper case pattern 'Error' --- puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg index 0f4c9469..623d1e46 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/soledad.cfg @@ -1,4 +1,5 @@ /var/log/soledad.log C WSGI application error + C Error C error W Timing out client: -- cgit v1.2.3 From ba6edc92bc27f219401b5610d2f99d679fbc865f Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 3 Mar 2014 17:19:32 +0100 Subject: check syslog for bigcouch error "epmd: got partial packet only on file descriptor" --- puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg | 2 ++ 1 file changed, 2 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg index 5f8d5b95..c92b5af7 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg @@ -1,2 +1,4 @@ C /usr/local/bin/couch-doc-update.*failed C /usr/local/bin/couch-doc-update.*ERROR + W epmd: got partial packet only on file descriptor + -- cgit v1.2.3 From 0152667c246e1f835021ad13f3df00a6c08eb5c0 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 3 Mar 2014 17:20:56 +0100 Subject: ignore stunnel pattern "Peer suddenly disconnected" (#5218) --- puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg | 1 + 1 file changed, 1 insertion(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg index cf7ebca8..a4e428b4 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg @@ -3,3 +3,4 @@ # this is a temporary failure and happens very often, so we # ignore it I stunnel:.*Connection reset by peer + I stunnel:.*Peer suddenly disconnected -- cgit v1.2.3 From 984939c4a74b71ce67db27a035ca5017f82c416f Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 3 Mar 2014 17:32:42 +0100 Subject: move generic syslog patterns to the end of syslog.cfg so we can ignore patterns first --- puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg | 12 ------------ .../site_check_mk/files/agent/logwatch/syslog_header.cfg | 1 + .../site_check_mk/files/agent/logwatch/syslog_tail.cfg | 11 +++++++++++ .../modules/site_check_mk/manifests/agent/logwatch/syslog.pp | 7 ++++++- 4 files changed, 18 insertions(+), 13 deletions(-) delete mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog_header.cfg create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog_tail.cfg (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg deleted file mode 100644 index f3505c1c..00000000 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog.cfg +++ /dev/null @@ -1,12 +0,0 @@ -/var/log/syslog -# some general patterns - C panic - C Oops - I Error: Driver 'pcspkr' is already registered, aborting... - C Error - C error - W generic protection rip - W .*Unrecovered read error - auto reallocate failed -# 401 Unauthorized error logged by webapp and possible other -# applications - C Unauthorized diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog_header.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog_header.cfg new file mode 100644 index 00000000..f60d752b --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog_header.cfg @@ -0,0 +1 @@ +/var/log/syslog diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog_tail.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog_tail.cfg new file mode 100644 index 00000000..450b9e90 --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog_tail.cfg @@ -0,0 +1,11 @@ +# some general patterns + C panic + C Oops + I Error: Driver 'pcspkr' is already registered, aborting... + C Error + C error + W generic protection rip + W .*Unrecovered read error - auto reallocate failed +# 401 Unauthorized error logged by webapp and possible other +# applications + C Unauthorized diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp index ac3dda64..c927780d 100644 --- a/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch/syslog.pp @@ -5,9 +5,14 @@ class site_check_mk::agent::logwatch::syslog { } concat::fragment { 'syslog_header': - source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog.cfg', + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog_header.cfg', target => '/etc/check_mk/logwatch.d/syslog.cfg', order => '01'; } + concat::fragment { 'syslog_tail': + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog_tail.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '99'; + } } -- cgit v1.2.3 From 851aaacb3ba3e746dd966e9477b7a3a289b0bf61 Mon Sep 17 00:00:00 2001 From: varac Date: Mon, 3 Mar 2014 23:17:56 +0100 Subject: ignore "Uncaught error in HTTP request: {exit, normal}" error (#5226) --- puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg index 3f6cc413..96bf190c 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg @@ -4,8 +4,11 @@ I undefined - -.*201$ I 127.0.0.1 undefined.* ok I 127.0.0.1 localhost:5984 .* ok - C Uncaught error in HTTP request: {exit, - C Uncaught error in HTTP request: {exit,normal} + # ignore "Uncaught error in HTTP request: {exit, normal}" error + # it's suppressed in later versions of bigcouch anhow + # see https://leap.se/code/issues/5226 + I Uncaught error in HTTP request: {exit,normal} + I Uncaught error in HTTP request: {exit, C Uncaught error in HTTP request: {error, C Response abnormally terminated: {nodedown, C rexi_DOWN,noproc -- cgit v1.2.3 From 236d996a76b42fdf1adbc519813e2318571cbf08 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 00:37:46 +0100 Subject: ignore 'epmd: got partial packet only on file descriptor' (#5244) --- puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg index c92b5af7..a5438e61 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg @@ -1,4 +1,7 @@ C /usr/local/bin/couch-doc-update.*failed C /usr/local/bin/couch-doc-update.*ERROR - W epmd: got partial packet only on file descriptor +# on one-node bigcouch setups, we'll get this msg +# a lot, so we ignore it here until we fix +# https://leap.se/code/issues/5244 + I epmd: got partial packet only on file descriptor -- cgit v1.2.3 From 3ffaf0bc613228f9639f50c6ace966778af52111 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 01:02:34 +0100 Subject: ignore stunnel 'Connection refused' errors that happen too often until we fix #5218 --- .../site_check_mk/files/agent/logwatch/syslog/stunnel.cfg | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg index a4e428b4..865c9b9b 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg @@ -1,6 +1,9 @@ # check for stunnel failures - C stunnel:.*Connection refused -# this is a temporary failure and happens very often, so we -# ignore it +# +# those are temporary failure and happen very often, so we +# ignore them until we tuned stunnel timeouts/logging, +# see https://leap.se/code/issues/5218 I stunnel:.*Connection reset by peer I stunnel:.*Peer suddenly disconnected + I stunnel:.*Connection refused + -- cgit v1.2.3 From 02a2a74058de9e541822a88e7b5872cdb5cbe45f Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 13:48:06 +0100 Subject: ignore failing creation of user-dbs by tapicero, see #5168 --- .../modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg index 9983d27c..a39cb504 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg @@ -3,5 +3,11 @@ # instances, so we ignore it # see https://leap.se/code/issues/5168 I tapicero.*RestClient::PreconditionFailed: +# until we can analyze multiline patterns with +# check_mk logwatch, we unfortunatly need ignore this +# line too, which shows up in combination with the +# above PreconditionFailed error. +# see https://leap.se/code/issues/4821#note-5 + I tapicero.*Creating database.*failed due to: C tapicero.*failed W tapicero.*Couch stream ended unexpectedly. -- cgit v1.2.3 From e85bc5c99fc2d1d09a86aa7a5c8ad4038dd2de47 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 14:57:01 +0100 Subject: ignore bigcouch 'Shutting down group server' error (#5246) --- puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg index 96bf190c..28f333b0 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/bigcouch.cfg @@ -4,6 +4,8 @@ I undefined - -.*201$ I 127.0.0.1 undefined.* ok I 127.0.0.1 localhost:5984 .* ok + # https://leap.se/code/issues/5246 + I Shutting down group server # ignore "Uncaught error in HTTP request: {exit, normal}" error # it's suppressed in later versions of bigcouch anhow # see https://leap.se/code/issues/5226 @@ -15,5 +17,4 @@ C rexi_DOWN,noconnection C error C Connection attempt from disallowed node - W Shutting down group server W Apache CouchDB has started -- cgit v1.2.3 From 32217e18179687cd4adde350379c57c7f96ca59f Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 15:16:39 +0100 Subject: fix check_mk resource dependencies (Bug #5145) --- .../modules/site_check_mk/manifests/agent/logwatch.pp | 6 ++++-- puppet/modules/site_check_mk/manifests/agent/mrpe.pp | 3 ++- puppet/modules/site_check_mk/manifests/server.pp | 19 +++++++++++++------ 3 files changed, 19 insertions(+), 9 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp index 38514af2..4c249e6f 100644 --- a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp @@ -4,8 +4,9 @@ class site_check_mk::agent::logwatch { # see https://leap.se/code/issues/5135 file { '/usr/lib/check_mk_agent/plugins/mk_logwatch': - source => 'puppet:///modules/site_check_mk/agent/plugins/mk_logwatch.1.2.4', - mode => '0755' + source => 'puppet:///modules/site_check_mk/agent/plugins/mk_logwatch.1.2.4', + mode => '0755', + require => Package['check-mk-agent'] } # only config files that watch a distinct logfile should go in logwatch.d/ @@ -13,6 +14,7 @@ class site_check_mk::agent::logwatch { ensure => directory, recurse => true, purge => true, + require => Package['check-mk-server'] } # service that share a common logfile (i.e. /var/log/syslog) need to get diff --git a/puppet/modules/site_check_mk/manifests/agent/mrpe.pp b/puppet/modules/site_check_mk/manifests/agent/mrpe.pp index 37df7f74..7222e4e1 100644 --- a/puppet/modules/site_check_mk/manifests/agent/mrpe.pp +++ b/puppet/modules/site_check_mk/manifests/agent/mrpe.pp @@ -8,7 +8,8 @@ class site_check_mk::agent::mrpe { } file { '/etc/check_mk/mrpe.cfg': - ensure => present + ensure => present, + require => Package['check-mk-server'] } -> file_line { 'Apt': line => 'APT /usr/lib/nagios/plugins/check_apt', diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp index 0c98cd5a..d1bc5930 100644 --- a/puppet/modules/site_check_mk/manifests/server.pp +++ b/puppet/modules/site_check_mk/manifests/server.pp @@ -25,25 +25,32 @@ class site_check_mk::server { require => Package['check-mk-server'] } - Exec['check_mk-reload'] -> Service['nagios'] + Exec['check_mk-reload'] -> + Exec['check_mk-refresh-inventory-daily'] -> + Service['nagios'] file { '/etc/check_mk/conf.d/use_ssh.mk': content => template('site_check_mk/use_ssh.mk'), - notify => Exec['check_mk-refresh']; + notify => Exec['check_mk-refresh'], + require => Package['check-mk-server']; '/etc/check_mk/all_hosts_static': content => $all_hosts, - notify => Exec['check_mk-refresh']; + notify => Exec['check_mk-refresh'], + require => Package['check-mk-server']; '/etc/check_mk/.ssh': - ensure => directory; + ensure => directory, + require => Package['check-mk-server']; '/etc/check_mk/.ssh/id_rsa': content => $seckey, owner => 'nagios', - mode => '0600'; + mode => '0600', + require => Package['check-mk-server']; '/etc/check_mk/.ssh/id_rsa.pub': content => "${type} ${pubkey} monitor", owner => 'nagios', - mode => '0644'; + mode => '0644', + require => Package['check-mk-server']; # check_icmp must be suid root or called by sudo # see https://leap.se/code/issues/5171 '/usr/lib/nagios/plugins/check_icmp': -- cgit v1.2.3 From 8c43ea97e565cc7a76ea15964249a9fb6edccbfb Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 16:37:24 +0100 Subject: don't use storedconfigs for check_mk, requires current check_mk module (#5253) --- puppet/modules/site_check_mk/manifests/server.pp | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/server.pp b/puppet/modules/site_check_mk/manifests/server.pp index d1bc5930..e544ef0d 100644 --- a/puppet/modules/site_check_mk/manifests/server.pp +++ b/puppet/modules/site_check_mk/manifests/server.pp @@ -17,12 +17,13 @@ class site_check_mk::server { # override paths to use the system check_mk rather than OMD class { 'check_mk::config': - site => '', - etc_dir => '/etc', - nagios_subdir => 'nagios3', - bin_dir => '/usr/bin', - host_groups => undef, - require => Package['check-mk-server'] + site => '', + etc_dir => '/etc', + nagios_subdir => 'nagios3', + bin_dir => '/usr/bin', + host_groups => undef, + use_storedconfigs => false, + require => Package['check-mk-server'] } Exec['check_mk-reload'] -> -- cgit v1.2.3 From c1dca55e9a9a6827ffcce120523e7a27e113f3c7 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 16:45:18 +0100 Subject: use curly brackets for variables in check_leap_mx.sh output, see https://review.leap.se/r/160/#comment156 --- .../modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh b/puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh index 2958d2ed..b8687c9a 100755 --- a/puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh +++ b/puppet/modules/site_check_mk/files/agent/local_checks/mx/check_leap_mx.sh @@ -29,5 +29,5 @@ else fi fi -echo "$exitcode $CHECKNAME stale_files=$total ${STATUS[exitcode]}: $total stale files (>=$MAXAGE min) in $WATCHDIR." +echo "${exitcode} ${CHECKNAME} stale_files=${total} ${STATUS[exitcode]}: ${total} stale files (>=${MAXAGE} min) in ${WATCHDIR}." -- cgit v1.2.3 From 3b7c8e273a0e75e58c736b2eacf89b4c7b9d81e5 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 4 Mar 2014 18:56:10 +0100 Subject: remove trailing whitespaces from logwatch config files --- puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg | 2 +- puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg | 2 +- puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg | 4 ++-- puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg index c4acae40..4f16d1bd 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/logwatch.cfg @@ -8,7 +8,7 @@ /var/log/messages # Patterns are indented with one space are prefixed with: # C: Critical messages -# W: Warning messages +# W: Warning messages # I: ignore these lines (OK) # The first match decided. Lines that do not match any pattern # are ignored diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg index a5438e61..f546135a 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/couchdb.cfg @@ -1,7 +1,7 @@ C /usr/local/bin/couch-doc-update.*failed C /usr/local/bin/couch-doc-update.*ERROR # on one-node bigcouch setups, we'll get this msg -# a lot, so we ignore it here until we fix +# a lot, so we ignore it here until we fix # https://leap.se/code/issues/5244 I epmd: got partial packet only on file descriptor diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg index 865c9b9b..eb3131f2 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/stunnel.cfg @@ -1,7 +1,7 @@ # check for stunnel failures # -# those are temporary failure and happen very often, so we -# ignore them until we tuned stunnel timeouts/logging, +# these are temporary failures and happen very often, so we +# ignore them until we tuned stunnel timeouts/logging, # see https://leap.se/code/issues/5218 I stunnel:.*Connection reset by peer I stunnel:.*Peer suddenly disconnected diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg index a39cb504..7f43a18c 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg @@ -3,7 +3,7 @@ # instances, so we ignore it # see https://leap.se/code/issues/5168 I tapicero.*RestClient::PreconditionFailed: -# until we can analyze multiline patterns with +# until we can analyze multiline patterns with # check_mk logwatch, we unfortunatly need ignore this # line too, which shows up in combination with the # above PreconditionFailed error. -- cgit v1.2.3 From 8bf1fa304a047fd74538345d1ffa5c2c4312dd55 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 5 Mar 2014 16:08:41 +0100 Subject: use the right package dependencies for site_check_mk::agent class and subclasses --- puppet/modules/site_check_mk/manifests/agent/logwatch.pp | 4 ++-- puppet/modules/site_check_mk/manifests/agent/mrpe.pp | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp index 4c249e6f..423cace2 100644 --- a/puppet/modules/site_check_mk/manifests/agent/logwatch.pp +++ b/puppet/modules/site_check_mk/manifests/agent/logwatch.pp @@ -6,7 +6,7 @@ class site_check_mk::agent::logwatch { file { '/usr/lib/check_mk_agent/plugins/mk_logwatch': source => 'puppet:///modules/site_check_mk/agent/plugins/mk_logwatch.1.2.4', mode => '0755', - require => Package['check-mk-agent'] + require => Package['check-mk-agent-logwatch'] } # only config files that watch a distinct logfile should go in logwatch.d/ @@ -14,7 +14,7 @@ class site_check_mk::agent::logwatch { ensure => directory, recurse => true, purge => true, - require => Package['check-mk-server'] + require => Package['check-mk-agent-logwatch'] } # service that share a common logfile (i.e. /var/log/syslog) need to get diff --git a/puppet/modules/site_check_mk/manifests/agent/mrpe.pp b/puppet/modules/site_check_mk/manifests/agent/mrpe.pp index 7222e4e1..6921574f 100644 --- a/puppet/modules/site_check_mk/manifests/agent/mrpe.pp +++ b/puppet/modules/site_check_mk/manifests/agent/mrpe.pp @@ -9,7 +9,7 @@ class site_check_mk::agent::mrpe { file { '/etc/check_mk/mrpe.cfg': ensure => present, - require => Package['check-mk-server'] + require => Package['check-mk-agent'] } -> file_line { 'Apt': line => 'APT /usr/lib/nagios/plugins/check_apt', -- cgit v1.2.3 From 0b3cba122d0393540ca1625e56047ac67f457314 Mon Sep 17 00:00:00 2001 From: varac Date: Wed, 12 Mar 2014 23:49:32 +0100 Subject: check if soledad is working (Feature #5239) --- puppet/modules/site_check_mk/manifests/agent/webapp.pp | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent/webapp.pp b/puppet/modules/site_check_mk/manifests/agent/webapp.pp index 932d6bb9..cb160d83 100644 --- a/puppet/modules/site_check_mk/manifests/agent/webapp.pp +++ b/puppet/modules/site_check_mk/manifests/agent/webapp.pp @@ -1,13 +1,17 @@ class site_check_mk::agent::webapp { - # check webapp login - package { [ 'python-srp', 'python-requests', 'python-yaml' ]: + # check webapp login + soledad sync + package { [ 'python-srp', 'python-requests', 'python-yaml', 'python-u1db' ]: ensure => installed } file { '/usr/lib/check_mk_agent/local/nagios-webapp_login.py': ensure => link, target => '/srv/leap/webapp/test/nagios/webapp_login.py' } + file { '/usr/lib/check_mk_agent/local/soledad_sync.py': + ensure => link, + target => '/srv/leap/webapp/test/nagios/soledad_sync.py' + } # check syslog -- cgit v1.2.3 From 8b207aba9c12d1e4b6320ee800de60578b9521cd Mon Sep 17 00:00:00 2001 From: varac Date: Thu, 13 Mar 2014 22:02:01 +0100 Subject: catch errors when tapicero fails to create a userdb (Feature #5306) --- .../modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg | 7 +------ 1 file changed, 1 insertion(+), 6 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg index 7f43a18c..93ce0311 100644 --- a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/tapicero.cfg @@ -3,11 +3,6 @@ # instances, so we ignore it # see https://leap.se/code/issues/5168 I tapicero.*RestClient::PreconditionFailed: -# until we can analyze multiline patterns with -# check_mk logwatch, we unfortunatly need ignore this -# line too, which shows up in combination with the -# above PreconditionFailed error. -# see https://leap.se/code/issues/4821#note-5 - I tapicero.*Creating database.*failed due to: + C tapicero.*Creating database.*failed due to: C tapicero.*failed W tapicero.*Couch stream ended unexpectedly. -- cgit v1.2.3 From 1ebece7b07ee721eb888873e47fa512a6a42f807 Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 25 Mar 2014 08:31:20 +0100 Subject: ignore openvpn TLS initialization errors (Feature #5374) --- .../site_check_mk/files/agent/logwatch/syslog/openvpn.cfg | 7 +++++++ puppet/modules/site_check_mk/manifests/agent/openvpn.pp | 10 ++++++++++ 2 files changed, 17 insertions(+) create mode 100644 puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg create mode 100644 puppet/modules/site_check_mk/manifests/agent/openvpn.pp (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg new file mode 100644 index 00000000..d58e876d --- /dev/null +++ b/puppet/modules/site_check_mk/files/agent/logwatch/syslog/openvpn.cfg @@ -0,0 +1,7 @@ +# ignore openvpn TLS initialization errors when clients +# suddenly hangup before properly establishing +# a tls connection + I ovpn-.*TLS Error: Unroutable control packet received from + I ovpn-.*TLS Error: TLS key negotiation failed to occur within 60 seconds (check your network connectivity) + I ovpn-.*TLS Error: TLS handshake failed + diff --git a/puppet/modules/site_check_mk/manifests/agent/openvpn.pp b/puppet/modules/site_check_mk/manifests/agent/openvpn.pp new file mode 100644 index 00000000..919a408d --- /dev/null +++ b/puppet/modules/site_check_mk/manifests/agent/openvpn.pp @@ -0,0 +1,10 @@ +class site_check_mk::agent::openvpn { + + # check syslog + concat::fragment { 'syslog_openpvn': + source => 'puppet:///modules/site_check_mk/agent/logwatch/syslog/openvpn.cfg', + target => '/etc/check_mk/logwatch.d/syslog.cfg', + order => '02'; + } + +} -- cgit v1.2.3 From e3d4c14648ff4e108cec28112c119ee7115a44cb Mon Sep 17 00:00:00 2001 From: varac Date: Tue, 8 Apr 2014 16:39:40 +0200 Subject: fix check_mk resource dependency deploy errors (Bug #5272) --- puppet/modules/site_check_mk/manifests/agent.pp | 20 ++++++++++---------- puppet/modules/site_check_mk/manifests/agent/mx.pp | 5 +++-- .../modules/site_check_mk/manifests/agent/webapp.pp | 10 ++++++---- 3 files changed, 19 insertions(+), 16 deletions(-) (limited to 'puppet/modules/site_check_mk') diff --git a/puppet/modules/site_check_mk/manifests/agent.pp b/puppet/modules/site_check_mk/manifests/agent.pp index b752182e..589041eb 100644 --- a/puppet/modules/site_check_mk/manifests/agent.pp +++ b/puppet/modules/site_check_mk/manifests/agent.pp @@ -4,7 +4,7 @@ class site_check_mk::agent { $pubkey = $ssh_hash['authorized_keys']['monitor']['key'] $type = $ssh_hash['authorized_keys']['monitor']['type'] - include site_apt::preferences::check_mk + class { 'site_apt::preferences::check_mk': } -> class { 'check_mk::agent': agent_package_name => 'check-mk-agent', @@ -12,17 +12,17 @@ class site_check_mk::agent { method => 'ssh', homedir => '/etc/nagios/check_mk', register_agent => false - } + } -> - file { [ '/srv/leap/nagios', '/srv/leap/nagios/plugins' ]: - ensure => directory, - } + class { 'site_check_mk::agent::mrpe': } -> + class { 'site_check_mk::agent::logwatch': } -> - file { '/usr/lib/check_mk_agent/local/run_node_tests.sh': - source => 'puppet:///modules/site_check_mk/agent/local_checks/all_hosts/run_node_tests.sh', - mode => '0755' + file { + [ '/srv/leap/nagios', '/srv/leap/nagios/plugins' ]: + ensure => directory; + '/usr/lib/check_mk_agent/local/run_node_tests.sh': + source => 'puppet:///modules/site_check_mk/agent/local_checks/all_hosts/run_node_tests.sh', + mode => '0755'; } - include site_check_mk::agent::mrpe - include site_check_mk::agent::logwatch } diff --git a/puppet/modules/site_check_mk/manifests/agent/mx.pp b/puppet/modules/site_check_mk/manifests/agent/mx.pp index 2dd50400..35a4e9a5 100644 --- a/puppet/modules/site_check_mk/manifests/agent/mx.pp +++ b/puppet/modules/site_check_mk/manifests/agent/mx.pp @@ -15,8 +15,9 @@ class site_check_mk::agent::mx { # check stale files in queue dir file { '/usr/lib/check_mk_agent/local/check_leap_mx.sh': - source => 'puppet:///modules/site_check_mk/agent/local_checks/mx/check_leap_mx.sh', - mode => '0755' + source => 'puppet:///modules/site_check_mk/agent/local_checks/mx/check_leap_mx.sh', + mode => '0755', + require => Package['check_mk-agent'] } } diff --git a/puppet/modules/site_check_mk/manifests/agent/webapp.pp b/puppet/modules/site_check_mk/manifests/agent/webapp.pp index cb160d83..64f5ea6d 100644 --- a/puppet/modules/site_check_mk/manifests/agent/webapp.pp +++ b/puppet/modules/site_check_mk/manifests/agent/webapp.pp @@ -5,12 +5,14 @@ class site_check_mk::agent::webapp { ensure => installed } file { '/usr/lib/check_mk_agent/local/nagios-webapp_login.py': - ensure => link, - target => '/srv/leap/webapp/test/nagios/webapp_login.py' + ensure => link, + target => '/srv/leap/webapp/test/nagios/webapp_login.py', + require => Package['check_mk-agent'] } file { '/usr/lib/check_mk_agent/local/soledad_sync.py': - ensure => link, - target => '/srv/leap/webapp/test/nagios/soledad_sync.py' + ensure => link, + target => '/srv/leap/webapp/test/nagios/soledad_sync.py', + require => Package['check_mk-agent'] } -- cgit v1.2.3