Added fail2ban plugin

Repaired discovery of openssh plugin
1.3
Lukas Macura 2016-04-05 12:46:35 +02:00
parent 507b95ea12
commit 922edfe2cb
4 changed files with 232 additions and 3 deletions

8
fail2ban/README.md Normal file

@ -0,0 +1,8 @@
# Plugin fail2ban
Zaf plugin for monitoring fail2ban with LLD
# Credits
2014 dron, jiri.slezka@slu.cz
2016 limo, lukas.macura@slu.cz

71
fail2ban/control.zaf Normal file

@ -0,0 +1,71 @@
Plugin: fail2ban
Description::
Plugin fail2ban
Zaf plugin for monitoring fail2ban with LLD
Credits
2014 dron, jiri.slezka@slu.cz
2016 limo, lukas.macura@slu.cz
::
# Version of the plugin.
Version: 0.1
# Url of plugin location to be able to update plugin
Url: https://raw.githubusercontent.com/limosek/zaf-plugins/master/fail2ban
# Homepage of plugin
Web: https://github.com/limosek/zaf-plugins/
# Maintainer
Maintainer: Lukas Macura <lukas@macura.cz>
# Dependencies
Depends-dpkg: dash curl fail2ban sudo
Depens-opkg: busybox curl fail2ban sudo
Depends-rpm: curl fail2ban sudo
Depends-bin: curl fail2ban-client sudo
# We need to setup sudo to reach fail2ban-client as zabbix user
Install-script::
#!/bin/sh
. $ZAF_LIB_DIR/zaf.lib.sh
if [ -d /etc/sudoers.d ]; then
echo zabbix ALL=NOPASSWD: $(which fail2ban-client) '*' >/etc/sudoers.d/zaf-fail2ban
else
zaf_wrn "Cannot setup sudo. Please do it manualy or run zabbix agent as root."
fi
::
Item banned_actual:
Description::
Returns number of currently banned IPs for jail
::
Parameters: jail
Cmd: sudo fail2ban-client status $1 | grep "Currently banned:" | grep -o -E "[0-9]*"
/Item
Item banned_total:
Description::
Returns number of total banned IPs for jail
::
Parameters: jail
Cmd: sudo fail2ban-client status $1 | grep "Total banned:" | grep -o -E "[0-9]*"
/Item
Item jail_discovery:
Description::
Returns discovered jails
::
Script::
#!/bin/sh
. $ZAF_LIB_DIR/zaf.lib.sh
sudo fail2ban-client status | grep "Jail list" |grep -E -o "([-[:alnum:]]*, )*[-[:alnum:]]*$" | zaf_discovery '{#F2BJAIL}'
::
/Item
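Review bot: The sudoers line written by the Install-script lets the zabbix user run fail2ban-client as root with any arguments (`'*'`), although the items in this file only ever call `status` and `status <jail>`; fail2ban-client can also change and reload the daemon's configuration, so the grant is far wider than monitoring needs. Resolve the path once with `f2b=$(command -v fail2ban-client)` and restrict the rule to the status subcommand, e.g. `echo "zabbix ALL=(root) NOPASSWD: $f2b status, $f2b status *" >/etc/sudoers.d/zaf-fail2ban`. The script should also `chmod 0440` the drop-in and check it with `visudo -cf` before leaving it in place, because a malformed entry (for example when `which` prints nothing) can stop sudo from working. In the two `Cmd:` lines `$1` reaches the root-run command unquoted; writing `"$1"` keeps a jail name containing whitespace or glob characters as a single argument, however the agent expands it.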

150
fail2ban/template.xml Normal file

@ -0,0 +1,150 @@
<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>2.0</version>
<date>2014-09-30T10:56:29Z</date>
<groups>
<group>
<name>Templates</name>
</group>
</groups>
<templates>
<template>
<template>Template Zaf fail2ban</template>
<name>Template Zaf fail2ban</name>
<groups>
<group>
<name>Templates</name>
</group>
</groups>
<applications>
<application>
<name>Security</name>
</application>
</applications>
<items/>
<discovery_rules>
<discovery_rule>
<name>Fail2ban jails discovery</name>
<type>0</type>
<snmp_community/>
<snmp_oid/>
<key>fail2ban.jail_discovery</key>
<delay>3600</delay>
<status>0</status>
<allowed_hosts/>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<delay_flex/>
<params/>
<ipmi_sensor/>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<filter>{#F2BJAIL}:</filter>
<lifetime>30</lifetime>
<description>Discovery of jails from fail2ban daemon.</description>
<item_prototypes>
<item_prototype>
<name>Fail2ban $1 currently banned ips</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>fail2ban.banned_actual[{#F2BJAIL}]</key>
<delay>60</delay>
<history>7</history>
<trends>365</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units>count</units>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>Security</name>
</application>
</applications>
<valuemap/>
</item_prototype>
<item_prototype>
<name>Fail2ban $1 total banned ips</name>
<type>0</type>
<snmp_community/>
<multiplier>0</multiplier>
<snmp_oid/>
<key>fail2ban.banned_total[{#F2BJAIL}]</key>
<delay>60</delay>
<history>7</history>
<trends>365</trends>
<status>0</status>
<value_type>3</value_type>
<allowed_hosts/>
<units>count</units>
<delta>0</delta>
<snmpv3_contextname/>
<snmpv3_securityname/>
<snmpv3_securitylevel>0</snmpv3_securitylevel>
<snmpv3_authprotocol>0</snmpv3_authprotocol>
<snmpv3_authpassphrase/>
<snmpv3_privprotocol>0</snmpv3_privprotocol>
<snmpv3_privpassphrase/>
<formula>1</formula>
<delay_flex/>
<params/>
<ipmi_sensor/>
<data_type>0</data_type>
<authtype>0</authtype>
<username/>
<password/>
<publickey/>
<privatekey/>
<port/>
<description/>
<inventory_link>0</inventory_link>
<applications>
<application>
<name>Security</name>
</application>
</applications>
<valuemap/>
</item_prototype>
</item_prototypes>
<trigger_prototypes/>
<graph_prototypes/>
<host_prototypes/>
</discovery_rule>
</discovery_rules>
<macros/>
<templates/>
<screens/>
</template>
</templates>
</zabbix_export>


@ -4,7 +4,7 @@ Description::
Plugin which will discover openssh config options and will return their values.
::
Version: 0.1
Version: 0.2
Url: https://raw.githubusercontent.com/limosek/zaf-plugins/master/openssh
Web: https://github.com/limosek/zaf-plugins/
Maintainer: Lukas Macura <lukas@macura.cz>
@ -13,7 +13,7 @@ Maintainer: Lukas Macura <lukas@macura.cz>
Depends-dpkg: dash
Depens-opkg: busybox
Depends-rpm: grep
Depends-bin: grep tr
Depends-bin: grep tr sort uniq
Item discovery:
Description::
@ -35,7 +35,7 @@ Script::
grep -v '^#' "$cfg" | tr -s '\n' | \
while read opt; do
[ -n "$opt" ] && echo $opt
done | zaf_discovery '{#OPTION}'
done | sort | uniq | zaf_discovery '{#OPTION}'
::
/Item
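Review bot: In the last hunk the de-duplication is written as `sort | uniq`, which adds `uniq` to `Depends-bin` for something `sort` already does. `done | sort -u | zaf_discovery '{#OPTION}'` gives the same output with one process fewer, and `Depends-bin: grep tr sort` would then be enough. The Script body starts above this hunk, so the rest of the pipeline is not visible here.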