European-Airports
/
master
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Added CheckMk files

master
Florian Meissner 2023-08-25 13:16:26 +02:00
parent 0058b5e483
commit 6770680e65
10 changed files with 1756 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
checkmk/README.md Normal file
View File

@ -0,0 +1,24 @@
```
***************************************************
* ___ _ _ ,__ __ _ *
* / (_)| | | | /| | | | | *
* | | | _ __ | | | | | | | *
* | |/ \ |/ / |/_) | | | |/_) *
* \___/| |_/|__/\___/| \_/| | |_/| \_/ *
* *
***************************************************
```
# Installation and configuration files for CheckMk
The files in this folder are needed to enable a suitable monitoring of this container and its
services by CheckMk.
First of all the agent's DEB package must be installed into the container. Furthermore the agent's
plugins and plugin configurations must be copied into the container.
- plugins: /usr/lib/check_mk_agent/plugins
- config: /etc/check_mk
Florian Meissner, DL1MRV

40
checkmk/README_CheckMk.txt Normal file
View File

@ -0,0 +1,40 @@
Agent Plugins
=============
These plugins can be installed in the plugins directory of the Linux agent
in /usr/lib/check_mk_agent/plugins/. Please only install the plugins that
you really need.
If you want a plugin to be run asynchronously and also in
a larger interval then the normal check interval, then you can copy it to
a subdirectory named after a number of *seconds*, e.g.:
/usr/lib/check_mk_agent/plugins/60/mk_zypper
In that case the agent will:
- Run this plugin in the background and wait not for it to finish.
- Store the result of the plugin in a cache file below /etc/check_mk/cache.
- Use that file for one hour before running the script again.
How to write a parametrized Agent Plugin
----------------------------------------
For a working Agent Plugin you need:
* an Agent Plugin
The `Agent Plugin` and a `configuration file` will be deployed to the monitored machine.
* a Bakery Plugin - this creates the `configuration file` by using the `WATO Rule` to get the data from the user.
* a WATO rule - to define the shape and set of data which the Agent Plugin needs
The format in which the Bakery-Plugin writes and the Agent-Plugin reads the configuration is not specified, but
for new Plugins a `ConfigParser` solution would be preferable.
You should also create an example configuration in ``agents/cfg_examples/`` so
users of checkmk raw edition know how to configure the Agent-Plugin without
being able to bake agents.
Recent Examples:
* mk_docker.py
* mk_mongodb.py

BIN
checkmk/check-mk-agent_2.1.0p18-1_all.deb Normal file
View File

Binary file not shown.

141
checkmk/config/logwatch.cfg Normal file
View File

@ -0,0 +1,141 @@
# ================================================================================================================================
# mk_logwatch.cfg
# This file configures mk_logwatch.
# ================================================================================================================================
# Documentaion/Examples:
# https://github.com/tribe29/checkmk/blob/master/agents/cfg_examples/logwatch.cfg
# https://linuxthrill.blogspot.com/2016/04/how-checkmk-monitors-logfiles.html
#
# Parameter examples:
# ---------------------------
# I = Informational
# W = Warning
# C = Critical
#
# nocontext=1/0/True/False/Yes/No
# maxlines=1000
# maxtime=3
# overflow=W/C/I
# maxlinesize=2000
# maxfilesize=400
# maxoutputsize=500000
# maxcontextlines=3,4
# encoding=utf-16/utf-16be/utf-8
# fromstart=True/False
#
# mk_logwatch.pylint
# -----------------------------
#class Options(object): # pylint: disable=useless-object-inheritance
# """Options w.r.t. logfile patterns (not w.r.t. cluster mapping)."""
# MAP_OVERFLOW = {'C': 2, 'W': 1, 'I': 0, 'O': 0}
# MAP_BOOL = {'true': True, 'false': False, '1': True, '0': False, 'yes': True, 'no': False}
# DEFAULTS = {
# 'encoding': None,
# 'maxfilesize': None,
# 'maxlines': None,
# 'maxtime': None,
# 'maxlinesize': None,
# 'regex': None,
# 'overflow': 'C',
# 'nocontext': None,
# 'maxcontextlines': None,
# 'maxoutputsize': 500000, # same as logwatch_max_filesize in check plugin
# 'fromstart': False,
# }
#
# The options have the following meanings:
#================================================
#maxlines (2) the maximum number of new log messages that will by parsed in one turn in this logfile
#
#maxtime (2) the maximum time in seconds that will be spent parsing the new lines in this logfile
#
#overflow (1) When either the number of lines or the time is exceeded, an artificial logfile message
# will be appended, so that you will be warned. The class of that message is per default C,
# but you can also set it to W or I. Setting overflow=I will silently ignore any succeeding
# messages. If you leave out this option, then a C is assumed.
#
#nocontext This option can be used to disable processing of context log messages, which occur together
# with a pattern matched line. To disable processing, add nocontext=1 as option.
#
#
#maxcontextlines https://lists.mathias-kettner.de/pipermail/checkmk-commits/2019-November/030352.html
# If the plugin mk_logwatch is configured to send context along with found messages,
# the amount of data can become quite large. This werk adds the option of limiting
# the context given for every warning or critical message to a given number of lines
# befor and after the message. For instance, to limit the context to 3 lines before
# and four lines after the message, set the option "maxcontextlines=3,4".
#
#
#maxlinesize The maximum number of characters that are processed of each line of the file. If a line is
# longer than this, the rest of the line is being truncated and the word [TRUNCATED]is being
# appended to the line. You can filter for that word in the expressions if you like.
#
#maxfilesize The maximum number of bytes the logfile is expected to be in size. If the size is exceeded,
# then once there is created an artificial logfile message with the classification W. The text
# of this warning will be: Maximum allowed logfile size (12345 bytes) exceeded. You cannot do
# any classification of this line right in the configuration of the plugin. If you need a
# reclassification then please do this on the Check_MK server.
#
#maxoutputsize the value of 500000 has been the same in both cases, the maxoutputsize is limits the bytes that are sent by a single execution of the plugin
#
#fromstart https://lists.mathias-kettner.de/pipermail/checkmk-commits/2019-July/027904.html
# process new files from the beginning
# If a new logfile is found we usually skip to its end to avoid processing ancient log messages.
# You can now configure mk_logwatch to start processing the file from the beginning and see all
# messages that may already be present.
#
# To enable this behaviour, either set the corresponding flag in the agent bakery rule, or add
# 'fromstart=True' to your configuration file.
#
#
#Note (1): when the number of new messages or the processing time is exceeded, the non-processed new log
# messages will be skipped and not parsed even in the next run. That way the agent always keeps
# in sync with the current end of the logfile. From that follows that you might have to manually
# check the contents of the logfile if an overflow happened. We propose letting the overflow level set to C.
#Note (2): It is not neccessary to specify both maxlines and maxtime. It also allowed to specify only one
# limit. The default is not to impose any limit at all.
#-----------------------------------------------------------------------------------------------------------------------
#/var/log/foobar.log maxlines=10000 maxtime=3 overflow=W nocontext=True
# C critical.*error
# W warning.*something
# I ignore.*some.*thing
# O ok.*rest
# ================================================================================================================================
# Copyright (C) 2019 tribe29 GmbH - License: GNU General Public License v2
# This file is part of Checkmk (https://checkmk.com). It is subject to the terms and
# conditions defined in the file COPYING, which is part of this source code package.
# logwatch.cfg
# This file configures mk_logwatch. Define your logfiles
# and patterns to be looked for here.
# Name one or more logfiles, and the options to be applied (if any)
# Patterns are indented with one space are prefixed with:
# C: Critical messages
# W: Warning messages
# I: ignore these lines (OK)
# R: Rewrite the output previous match. You can use \1, \2 etc. for
# refer to groups (.*) of this match
# The first match decides. Lines that do not match any pattern
# are ignored
"/var/log/messages" maxlinesize=1024 encoding=utf-8
C Fail event detected on md device
I mdadm.*: Rebuild.*event detected
W mdadm\[
W ata.*hard resetting link
W ata.*soft reset failed (.*FIS failed)
W device-mapper: thin:.*reached low water mark
C device-mapper: thin:.*no free space
C Error: (.*)
"/var/log/mysql/error.log"
W Warning
C ERROR
C mysqld_safe mysqld from pid file /var/run/mysql/mysqld.pid ended
#"/var/log/mysql/slow.log"
# W .*

33
checkmk/config/mysql.cfg Normal file
View File

@ -0,0 +1,33 @@
# Copyright (C) 2022 tribe29 GmbH - License: GNU General Public License v2
# This file is part of Checkmk (https://checkmk.com). It is subject to the terms and
# conditions defined in the file COPYING, which is part of this source code package.
# Created by Check_MK Agent Bakery.
# This file is managed via WATO, do not edit manually or you
# lose your changes next time when you update the agent.
[client]
user=checkmk
password="" # The password will be filled in here from the
# Docker secret during the entrypoint script.
socket=/var/run/mysqld/mysqld.sock
socket=/var/run/mysqld/mysqld2.sock
host=127.0.0.1
!include /etc/check_mk/mysql.local.cfg
[check_mk]
aliases=Alias1,Alias2
# There is always one alias per socket which can also be empty
# Example with three sockets, the second one has an empty alias:
# [client]
# user=monitoring
# password="password"
# socket=/var/run/mysqld/mysqld.sock
# socket=/var/run/mysqld/mysqld2.sock
# socket=/var/run/mysqld/mysqld3.sock
# host=127.0.0.1
# !include /etc/check_mk/mysql.local.cfg
# [check_mk]
# aliases=Alias1,,Alias3

58
checkmk/mk-job Executable file
View File

@ -0,0 +1,58 @@
#!/bin/bash
# Copyright (C) 2019 tribe29 GmbH - License: GNU General Public License v2
# This file is part of Checkmk (https://checkmk.com). It is subject to the terms and
# conditions defined in the file COPYING, which is part of this source code package.
export MK_VARDIR=/var/lib/check_mk_agent
help() {
echo "Usage: mk-job IDENT PROGRAM [ARGS...]"
echo ""
echo "Execute PROGRAM as subprocess while measuring performance information"
echo "about the running process and writing it to an output file. This file"
echo "can be monitored using Check_MK. The Check_MK Agent will forward the"
echo "information of all job files to the monitoring server."
echo ""
echo "This file is being distributed with the Check_MK Agent."
}
if [ $# -lt 2 ]; then
help >&2
exit 1
fi
MYSELF=$(id -nu)
OUTPUT_PATH=$MK_VARDIR/job/$MYSELF
IDENT=$1
RUNNING_FILE="$OUTPUT_PATH/$IDENT.$$running"
shift
if [ ! -d "$OUTPUT_PATH" ]; then
if [ "$MYSELF" = root ]; then
mkdir -p "$OUTPUT_PATH"
else
echo "ERROR: Missing output directory $OUTPUT_PATH for non-root user '$MYSELF'." >&2
exit 1
fi
fi
if ! type "$1" >/dev/null 2>&1; then
echo -e "ERROR: Cannot run $1. Command not found.\n" >&2
help >&2
exit 1
fi
date +"start_time %s" >"$RUNNING_FILE" 2>/dev/null
if [ ! -w "$RUNNING_FILE" ]; then
# Looks like we are lacking the permissions to create this file..
# In this scenario no mk-job status file is created. We simply execute the command
exec "$@"
fi
/usr/bin/time -o "$RUNNING_FILE" --append \
-f "exit_code %x\nreal_time %E\nuser_time %U\nsystem_time %S\nreads %I\nwrites %O\nmax_res_kbytes %M\navg_mem_kbytes %K\ninvol_context_switches %c\nvol_context_switches %w" "$@"
RC=$?
mv "$RUNNING_FILE" "$OUTPUT_PATH/$IDENT"
exit $RC

51
checkmk/plugins/3600/mk_apt Executable file
View File

@ -0,0 +1,51 @@
#!/bin/bash
# Copyright (C) 2019 tribe29 GmbH - License: GNU General Public License v2
# This file is part of Checkmk (https://checkmk.com). It is subject to the terms and
# conditions defined in the file COPYING, which is part of this source code package.
# Reason for this no-op: shellcheck disable=... before the first command disables the error for the
# entire script.
:
# Disable unused variable error (needed to keep track of version)
# shellcheck disable=SC2034
CMK_VERSION="2.1.0p18"
# Check for APT updates (Debian, Ubuntu)
# TODO:
# Einstellungen:
# - upgrade oder dist-upgrade
# - vorher ein update machen
# Bakery:
# - Bakelet anlegen
# - Async-Zeit einstellbar machen und das Ding immer async laufen lassen
# Check programmieren:
# * Schwellwerte auf Anzahlen
# * Regexen auf Pakete, die zu CRIT/WARN führen
# - Graph malen mit zwei Kurven
# This variable can either be "upgrade" or "dist-upgrade"
UPGRADE=upgrade
DO_UPDATE=yes
check_apt_update() {
if [ "$DO_UPDATE" = yes ]; then
# NOTE: Even with -qq, apt-get update can output several lines to
# stderr, e.g.:
#
# W: There is no public key available for the following key IDs:
# 1397BC53640DB551
apt-get update -qq 2>/dev/null
fi
apt-get -o 'Debug::NoLocking=true' -o 'APT::Get::Show-User-Simulation-Note=false' -s -qq "$UPGRADE" | grep -v '^Conf'
}
if type apt-get >/dev/null; then
echo '<<<apt:sep(0)>>>'
out=$(check_apt_update)
if [ -z "$out" ]; then
echo "No updates pending for installation"
else
echo "$out"
fi
fi

17
checkmk/plugins/mk_logins Executable file
View File

@ -0,0 +1,17 @@
#!/bin/bash
# Copyright (C) 2019 tribe29 GmbH - License: GNU General Public License v2
# This file is part of Checkmk (https://checkmk.com). It is subject to the terms and
# conditions defined in the file COPYING, which is part of this source code package.
# Reason for this no-op: shellcheck disable=... before the first command disables the error for the
# entire script.
:
# Disable unused variable error (needed to keep track of version)
# shellcheck disable=SC2034
CMK_VERSION="2.1.0p18"
if type who >/dev/null; then
echo "<<<logins>>>"
who | wc -l
fi

1315
checkmk/plugins/mk_logwatch.py Executable file
View File

File diff suppressed because it is too large Load Diff

77
checkmk/plugins/mk_mysql Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
# Copyright (C) 2019 tribe29 GmbH - License: GNU General Public License v2
# This file is part of Checkmk (https://checkmk.com). It is subject to the terms and
# conditions defined in the file COPYING, which is part of this source code package.
# Reason for this no-op: shellcheck disable=... before the first command disables the error for the
# entire script.
:
# Disable unused variable error (needed to keep track of version)
# shellcheck disable=SC2034
CMK_VERSION="2.1.0p18"
# gets optional socket as argument
do_query() {
# we use the sockets full name as instance name:
INSTANCE_HEADER="[[$2]]"
# Check if mysqld is running and root password setup
echo "<<<mysql_ping>>>"
echo "$INSTANCE_HEADER"
mysqladmin --defaults-extra-file="$MK_CONFDIR"/mysql.cfg ${1:+--socket="$1"} ping 2>&1 || return
echo "<<<mysql>>>"
echo "$INSTANCE_HEADER"
mysql --defaults-extra-file="$MK_CONFDIR"/mysql.cfg ${1:+--socket="$1"} -sN \
-e "show global status ; show global variables ;"
echo "<<<mysql_capacity>>>"
echo "$INSTANCE_HEADER"
mysql --defaults-extra-file="$MK_CONFDIR"/mysql.cfg ${1:+--socket="$1"} -sN \
-e "SELECT table_schema, sum(data_length + index_length), sum(data_free)
FROM information_schema.TABLES GROUP BY table_schema"
echo "<<<mysql_slave>>>"
echo "$INSTANCE_HEADER"
mysql --defaults-extra-file="$MK_CONFDIR"/mysql.cfg ${1:+--socket="$1"} -s \
-e "show slave status\G"
}
if [ ! -f "${MK_CONFDIR}/mysql.local.cfg" ]; then
cat <<EOF >"${MK_CONFDIR}/mysql.local.cfg"
# This file is created because some versions of mysqladmin
# issue a warning if there are missing includes.
EOF
fi
if type mysqladmin >/dev/null; then
mysql_socket_string=$(grep -F -h socket "$MK_CONFDIR"/mysql{.local,}.cfg | sed -ne 's/.*socket=\([^ ]*\).*/\1/p')
alias_string=$(grep -F -h alias "$MK_CONFDIR"/mysql{.local,}.cfg | sed -ne 's/.*aliases=\([^ ]*\).*/\1/p')
if [ -z "$mysql_socket_string" ]; then
mysql_socket_string=$(ps -fww -C mysqld | grep "socket" | sed -ne 's/.*socket=\([^ ]*\).*/\1/p')
fi
if [ -z "$mysql_socket_string" ]; then
do_query "" ""
else
IFS=" " mapfile -t mysql_sockets <<<"$mysql_socket_string"
IFS="," read -r -a aliases <<<"$alias_string"
for i in "${!mysql_sockets[@]}"; do
socket="${mysql_sockets[i]}"
alias="${aliases[i]}"
if [ -z "$alias" ]; then
do_query "$socket" "$socket"
else
do_query "$socket" "$alias"
fi
done
fi
# In async execution the cache file would be removed if the plugin exits with non-zero exit code.
# Avoid this from happening, just because the last mysql command failed (due to missing permissions).
exit 0
fi