Delta Between Two Patch Sets: check_ssl_cert.sh
Issue 29792596:
#3298 - SSL monitoring script for icinga (Closed)
Left Patch Set: #3298 - SSL monitoring script for icinga
Created June 6, 2018, 10:47 a.m.
Right Patch Set: #3298 - SSL monitoring script for icinga
Created July 4, 2018, 2:33 p.m.
| Left: | ||
| Right: |
Use n/p to move between diff chunks;
N/P to move between comments.
« no previous file with change/comment
|
« no previous file
|
no next file »
|
no next file with change/comment »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')
| LEFT | RIGHT |
|---|---|
| 1 #!/bin/sh | 1 #!/bin/sh |
| 2 | 2 |
| 3 # Icinga plugin that checks how many days are left until SSL certificate expires | 3 # Icinga plugin that checks how many days are left |
| 4 # Usage: <PluginDir>/check_ssl_cert -H <HOSTNAME> -P <PORT> -c <CRITICAL> -w <WA RNING> | 4 # until SSL certificate expires. |
| 5 # Usage: | |
| 6 # $PLUGIN_DIR/check_ssl_cert.sh -H $HOST -P $PORT -c $CRITICAL -w $WARNING | |
| 5 | 7 |
| 6 get_ssl_expiry_date() { | 8 get_ssl_expiry_date() { |
| 7 echo `openssl s_client -connect "$1":"$2" </dev/null 2>/dev/null | openssl x50 9 -noout -enddate 2>/dev/null` | 9 openssl s_client -connect "$1:$2" </dev/null 2>/dev/null \ |
|
mathias
2018/06/11 14:14:03
The surrounding `echo ...` is not necessary. The o
| |
| 10 | openssl x509 -noout -enddate 2>/dev/null | |
| 8 } | 11 } |
| 9 | |
| 10 PATH="/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin" | |
|
mathias
2018/06/11 14:14:02
Why do you set a custom $PATH here and not use the
| |
| 11 | 12 |
| 12 CURRENT_DATE=`date +%y%m%d` | 13 CURRENT_DATE=`date +%y%m%d` |
| 13 HOST="$2" | 14 HOST="$2" |
| 14 PORT="$4" | 15 PORT="$4" |
| 15 CRITICAL="$6" | 16 CRITICAL="$6" |
| 16 WARNING="$8" | 17 WARNING="$8" |
| 17 STATE_OK=0 | 18 STATE_OK=0 |
| 18 STATE_WARNING=1 | 19 STATE_WARNING=1 |
| 19 STATE_CRITICAL=2 | 20 STATE_CRITICAL=2 |
| 20 STATE_UNKNOWN=3 | 21 STATE_UNKNOWN=3 |
| 21 OUTPUT=`get_ssl_expiry_date "$HOST" "$PORT"` | 22 OUTPUT=`get_ssl_expiry_date "$HOST" "$PORT"` |
| 22 | 23 |
| 23 if [ ! "$OUTPUT" ] | 24 if [ -z "$OUTPUT" ] |
| 24 then | 25 then |
| 25 echo "UNKNOWN - Could not connect to $HOST via port $PORT" | 26 echo "UNKNOWN - Could not connect to $HOST via port $PORT" |
| 26 exit "$STATE_UNKNOWN" | 27 exit "$STATE_UNKNOWN" |
| 27 fi | 28 fi |
| 28 | 29 |
| 29 DAY=`echo "$OUTPUT" | awk '{print $2}'` | 30 DAY=`echo "$OUTPUT" | awk '{printf "02d", $2}'` |
| 30 MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-` | 31 MONTH=`echo "$OUTPUT" | awk '{print $1}' | cut -c 10-` |
| 31 YEAR=`echo "$OUTPUT" | awk '{print $4}'` | 32 YEAR=`echo "$OUTPUT" | awk '{print $4}'` |
| 32 | 33 |
| 33 case "$MONTH" in | 34 case "$MONTH" in |
| 34 | 35 |
| 35 "Jan") | 36 "Jan") |
| 36 MONTH="01" | 37 MONTH="01" |
| 37 ;; | 38 ;; |
| 38 "Feb") | 39 "Feb") |
| 39 MONTH="02" | 40 MONTH="02" |
| (...skipping 29 matching lines...) Expand all Loading... | |
| 69 MONTH="12" | 70 MONTH="12" |
| 70 ;; | 71 ;; |
| 71 "*") | 72 "*") |
| 72 echo "An error occured" | 73 echo "An error occured" |
| 73 exit 1 | 74 exit 1 |
| 74 ;; | 75 ;; |
| 75 esac | 76 esac |
| 76 | 77 |
| 77 EXPIRY_DATE_IN_SEC=`date -d "${YEAR}${MONTH}${DAY}" +%s` | 78 EXPIRY_DATE_IN_SEC=`date -d "${YEAR}${MONTH}${DAY}" +%s` |
| 78 CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s` | 79 CURRENT_DATE_IN_SEC=`date -d "$CURRENT_DATE" +%s` |
| 79 DIFF=`expr "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC"` | 80 DIFFERENCE=`expr \( "$EXPIRY_DATE_IN_SEC" - "$CURRENT_DATE_IN_SEC" \) / 86400` |
| 80 DIFF=`expr "$DIFF" / 86400` | |
| 81 | 81 |
| 82 if [ "$DIFF" -le "$CRITICAL" ] | 82 if [ "$DIFFERENCE" -le "$CRITICAL" ] |
| 83 then | 83 then |
| 84 echo "CRITICAL - $HOST: SSL certificate has been expired!" | 84 echo "CRITICAL - $HOST: SSL certificate has been expired!" |
| 85 exit "$STATE_CRITICAL" | 85 exit "$STATE_CRITICAL" |
| 86 elif [ "$DIFF" -le "$WARNING" ] | 86 elif [ "$DIFFERENCE" -le "$WARNING" ] |
| 87 then | 87 then |
| 88 echo "WARNING - $HOST: SSL certificate will be expired in $DIFF days!" | 88 echo "WARNING - $HOST: SSL certificate will be expired in $DIFFERENCE days!" |
| 89 exit "$STATE_WARNING" | 89 exit "$STATE_WARNING" |
| 90 elif [ "$DIFF" -gt "$WARNING" ] | 90 elif [ "$DIFFERENCE" -gt "$WARNING" ] |
| 91 then | 91 then |
| 92 echo "OK - $HOST: SSL certificate will be expired in $DIFF days" | 92 echo "OK - $HOST: SSL certificate will be expired in $DIFFERENCE days" |
| 93 exit "$STATE_OK" | 93 exit "$STATE_OK" |
| 94 else | 94 else |
| 95 echo "UNKNOWN - $HOST: Could not retrieve data" | 95 echo "UNKNOWN - $HOST: Could not retrieve data" |
| 96 exit "$STATE_UNKNOWN" | 96 exit "$STATE_UNKNOWN" |
| 97 fi | 97 fi |
| LEFT | RIGHT |
« no previous file
|
no next file »
|
Toggle Intra-line Diffs ('i')
|
Expand Comments ('e')
|
Collapse Comments ('c')
|
Toggle Comments ('s')
