swedenconnect/eid-ops
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Changed script nagios check for checking countires in eIDAS

Browse source
This commit is contained in:
Maria Haider 2020-06-02 14:08:23 +02:00
parent ad7e20a58c
commit a49391b915
Signed by: mariah
GPG key ID: 7414A760CA747E57
1 changed files with 48 additions and 8 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

56
global/overlay/usr/lib/nagios/plugins/check_eidas_country_count.sh
View file

@ -1,33 +1,73 @@
#!/bin/bash #!/bin/bash
set +x
. /usr/lib/nagios/plugins/utils.sh . /usr/lib/nagios/plugins/utils.sh
abs() { abs() {
[[ $[ $@ ] -lt 0 ]] && echo "$[ ($@) * -1 ]" || echo "$[ $@ ]" [[ $[ $@ ] -lt 0 ]] && echo "$[ ($@) * -1 ]" || echo "$[ $@ ]"
} }
count=$(wget -qO- https://$1/role/idp.xml | xmllint --format - | grep eidas:NodeCountry | wc -l) tmpx=$(mktemp)
finish() {
rm -f $tmpx
}
trap finish EXIT
cat>$tmpx<<EOF
<?xml version="1.0"?>
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
xmlns:shibmeta="urn:mace:shibboleth:metadata:1.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:exsl="http://exslt.org/common"
extension-element-prefixes="exsl"
xmlns:xi="http://www.w3.org/2001/XInclude"
xmlns:eidas="http://eidas.europa.eu/saml-extensions"
xmlns:shibmd="urn:mace:shibboleth:metadata:1.0">
<xsl:output method="text" indent="yes" encoding="UTF-8"/>
<xsl:template match="md:EntitiesDescriptor"><xsl:apply-templates select="//eidas:NodeCountry"/></xsl:template>
<xsl:template match="eidas:NodeCountry">
<xsl:value-of select="text()"/><xsl:text> </xsl:text>
</xsl:template>
<xsl:template match="*"></xsl:template>
</xsl:stylesheet>
EOF
missing() {
m=""
for x in $1; do
echo $2 | grep -q $x || m="$m $x"
done
echo $m
}
list=$(wget -qO- https://$1/role/idp.xml | xsltproc $tmpx -)
if [ $? -ne 0 ]; then if [ $? -ne 0 ]; then
echo "CRITICAL - Service FAIL" echo "CRITICAL - Service FAIL"
echo $status echo $status
exit $STATE_CRITICAL exit $STATE_CRITICAL
fi fi
count_expected=$2 list_expected=$2
list_missing=$(missing "$list_expected" "$list")
count=$(echo $list_missing | wc -w)
count_diff_warn=$3 count_diff_warn=$3
count_diff_crit=$4 count_diff_crit=$4
d=$(abs $count - $count_expected) if [ $count -ge $count_diff_crit ]; then
if [ $d -ge $count_diff_crit ]; then echo "CRITICAL - $count countries missing: $list_missing"
echo "CRITICAL - country count is $count expected $count_expected"
echo $status echo $status
exit $STATE_CRITICAL exit $STATE_CRITICAL
elif [ $d -ge $count_diff_warn ]; then elif [ $count -ge $count_diff_warn ]; then
echo "WARNING - country count is $count expected $count_expected" echo "WARNING - $count countries missing: $list_missing"
echo $status echo $status
exit $STATE_WARNING exit $STATE_WARNING
else else
echo "OK - Service healthy ($count countries)" echo "OK - Service healthy"
echo $status echo $status
exit $STATE_OK exit $STATE_OK
fi fi