1 files changed, 111 insertions, 0 deletions

diff --git a/files/plugins/selinux_avcstats b/files/plugins/selinux_avcstats
new file mode 100755
index 0000000..b7d2dbb
--- /dev/null
+++ b/files/plugins/selinux_avcstats
@@ -0,0 +1,111 @@
+#!/bin/sh
+#
+# Plugin to monitor SELinux's Access Vector Cache (AVC).
+#
+#       config   (required)
+#       autoconf (optional - used by munin-config)
+#
+# Lars Strand, 2007
+#
+#
+# Magic markers (used by munin-config and some installation scripts (i.e.
+# optional)):
+#%# family=auto
+#%# capabilities=autoconf
+
+
+AVCSTATS="/selinux/avc/cache_stats"
+
+if [ "$1" = "autoconf" ]; then
+        if [ -r $AVCSTATS ]; then
+                echo yes
+                exit 0
+        else
+                echo no
+                exit 1
+        fi
+fi
+
+if [ "$1" = "config" ]; then
+
+        echo "graph_title SELinux's Access Vector Cache"
+        echo 'graph_args -l 0 --base 1000'
+        echo 'graph_vlabel AVC operations'
+        echo 'graph_category selinux'
+
+        echo 'lookups.label lookups'
+        echo 'lookups.type DERIVE'
+        echo 'lookups.min 0'
+        echo 'lookups.max 1000000000'
+        echo 'lookups.draw AREA'
+        echo 'lookups.colour ff0000' # Red
+        echo 'lookups.info Number of access vector lookups. This number is a good indicator of the load beeing placed on the AVC.'
+
+        echo 'hits.label hits'
+        echo 'hits.type DERIVE'
+        echo 'hits.min 0'
+        echo 'hits.max 1000000000'
+        echo 'hits.draw STACK'
+        echo 'hits.colour 0022ff' # Blue
+        echo 'hits.info Number of access vector hits.'
+
+        echo 'misses.label misses'
+        echo 'misses.type DERIVE'
+        echo 'misses.min 0'
+        echo 'misses.max 1000000000'
+        echo 'misses.draw STACK'
+        echo 'misses.colour 990000' # Darker red
+        echo 'misses.info Number of cache misses.'
+
+        echo 'allocations.label allocations'
+        echo 'allocations.type DERIVE'
+        echo 'allocations.min 0'
+        echo 'allocations.max 100000000'
+        echo 'allocations.draw STACK'
+        echo 'allocations.colour ffa500' # Orange
+        echo 'allocations.info Number of AVC entries allocated.'
+
+        echo 'reclaims.label reclaims'
+        echo 'reclaims.type DERIVE'
+        echo 'reclaims.min 0'
+        echo 'reclaims.max 1000000000'
+        echo 'reclaims.draw STACK'
+        echo 'reclaims.colour 00aaaa' # Darker turquoise
+        echo 'reclaims.info Number of current total reclaimed AVC entries. If this keeps changing, you may need to increase the cache size (/selinux/avc/cache_threshold).'
+
+        echo 'frees.label frees'
+        echo 'frees.type DERIVE'
+        echo 'frees.min 0'
+        echo 'frees.max 1000000000'
+        echo 'frees.draw STACK'
+        echo 'frees.colour 00ff7f' # Spring green
+        echo 'frees.info Number of free AVC entries.'
+
+        exit 0
+fi
+
+if [ -r $AVCSTATS ]; then
+    awk ' NR > 1 {
+        lookups += $1;
+        hits += $2;
+        misses += $3;
+        allocations += $4;
+        reclaims += $5;
+        frees += $6;
+    } END {
+        print "lookups.value " lookups;
+        print "hits.value " hits;
+        print "misses.value " misses;
+        print "allocations.value " allocations;
+        print "reclaims.value " reclaims;
+        print "frees.value " frees;
+    } ' < $AVCSTATS
+else
+    echo "lookups.value U"
+    echo "hits.value U"
+    echo "misses.value U"
+    echo "allocations.value U"
+    echo "reclaims.value U"
+    echo "frees.value U"
+fi
+