Check_mk plugin to check for last log from Elasticsearch compared to current time
#!/usr/bin/env python
import requests
import datetime
import json
import os
"""
Check_mk plugin to check for last log from Elasticsearch compared to current time
"""
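class lastlog_check(object):
    """Check_mk local check for the age of the newest Elasticsearch document.

    Asks Elasticsearch for the single most recent hit (sorted by ``timestamp``
    descending) and compares that timestamp with the current time. More than
    300 seconds without a new document is WARN, more than 600 seconds is
    CRITICAL. A gap in log ingestion is what this check exists to surface, so
    failures to query are reported as UNKNOWN rather than left as a traceback.
    """

    def __init__(self):
        # Local import: 'time' is only needed here, to apply the TZ change.
        import time

        # The last-log timestamp is compared against datetime.now(), so the
        # process clock is forced to UTC.
        # NOTE(review): assumes the indexed 'timestamp' field is UTC - confirm.
        os.environ['TZ'] = 'UTC'
        # Changing TZ in os.environ is only guaranteed to affect local-time
        # conversions after tzset(); without it now() may stay in the host zone.
        if hasattr(time, "tzset"):
            time.tzset()
        self.host = "localhost"
        self.es_port = "9200"
        # requests has no default timeout; without one a hung Elasticsearch
        # node would hang the agent run instead of raising an alert.
        self.timeout = 10
        # NOTE(review): this directory sits under the agent's local-check tree;
        # keep it writable only by the user the agent runs as.
        self.log_dir = "/usr/lib/check_mk_agent/local/log/"

    def logit(self, filename, content):
        """Append *content* to *filename*, creating the file if it is missing."""
        with open(filename, "a") as log:
            log.write(content)

    def run(self):
        """Evaluate the check and return ``(status, seconds, text)``.

        ``status`` is 0 (OK), 1 (WARN, > 300s), 2 (CRITICAL, > 600s) or
        3 (UNKNOWN, the last log could not be determined). ``seconds`` is the
        whole number of seconds between the last log and now; it is 0 for
        UNKNOWN so the result always has three elements.
        """
        try:
            self.get_last_arr = self.get_last()
        except (requests.RequestException, KeyError, IndexError, ValueError) as err:
            # Connection failure, HTTP error, empty index or an unparsable
            # timestamp: report UNKNOWN explicitly. Only the exception type is
            # printed, so response content does not leak into check output.
            return (3, 0, "UNKNOWN - could not read last log (%s)" % type(err).__name__)

        self.diff = self.get_last_arr[1] - self.get_last_arr[0]
        # timedelta.seconds is only the sub-day remainder (0..86399); an outage
        # longer than a day would wrap around and could read as OK.
        # total_seconds() covers the full gap.
        self.seconds_difference = int(self.diff.total_seconds())
        if self.seconds_difference > 600:
            return (2, self.seconds_difference, "Critical - %ss since last log" % self.seconds_difference)
        elif self.seconds_difference > 300:
            return (1, self.seconds_difference, "WARN - %ss since last log" % self.seconds_difference)
        return (0, self.seconds_difference, "OK - %ss since last log" % self.seconds_difference)

    def get_last(self):
        """Fetch the newest document and return ``[timestamp_lastlog, timestamp_now]``.

        Both entries are naive ``datetime`` objects. When the newest document
        is more than 600 seconds old, the raw response and both timestamps are
        appended to ``delayed_logs.log`` in ``self.log_dir``.

        Raises:
            requests.RequestException: connection, timeout or HTTP error.
            KeyError, IndexError: the response holds no hit with a timestamp.
            ValueError: the body is not JSON or the timestamp format differs.
        """
        # Plain, unauthenticated HTTP: acceptable for the loopback default. If
        # self.host is pointed at a remote node, use HTTPS and credentials,
        # since this response decides the alert state.
        self.url = "http://{0}:{1}/_search?pretty&fields=source,timestamp".format(self.host, self.es_port)
        self.headers = {"Content-type": "application/json", "Accept": "text/plain"}
        # Newest document only: match everything, sort by timestamp descending.
        self.data = {
            "query": {
                "match_all": {}
            },
            "size": 1,
            "sort": [
                {
                    "timestamp": {
                        "order": "desc"
                    }
                }
            ]
        }
        self.r = requests.post(
            self.url,
            data=json.dumps(self.data),
            headers=self.headers,
            timeout=self.timeout,
        )
        # Fail on HTTP errors here instead of on a missing key further down.
        self.r.raise_for_status()
        self.json_output = self.r.json()
        self.json_timestamp = self.json_output["hits"]["hits"][0]['fields']['timestamp'][0]
        self.timestamp_lastlog = datetime.datetime.strptime(self.json_timestamp, "%Y-%m-%d %H:%M:%S.%f")
        self.timestamp_now = datetime.datetime.now()
        self.result = [self.timestamp_lastlog, self.timestamp_now]

        # Logging delayed logs
        seconds_behind = int((self.timestamp_now - self.timestamp_lastlog).total_seconds())
        if seconds_behind > 600:
            # The raw hit is written to disk: it may carry sensitive log
            # content, and the file grows on every critical run, so it needs
            # restrictive permissions and rotation.
            delayed_log = "%sdelayed_logs.log" % self.log_dir
            self.logit(delayed_log, "%s\n" % str(self.json_output))
            self.logit(delayed_log, "%s\n" % self.timestamp_lastlog)
            self.logit(delayed_log, "%s\n\n\n" % self.timestamp_now)
        return self.result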
# Run the check once and print a single check_mk local-check line:
#   <status> <service name> <perfdata> <status text>
llc = lastlog_check()
llc_arr = llc.run()
# run() yields the status code (0 OK, 1 WARN, 2 CRITICAL), the elapsed
# seconds used as the perfdata value, and the human-readable summary.
state, elapsed, summary = llc_arr[0], llc_arr[1], llc_arr[2]
print("%s Elasticsearch_lastlog seconds_since_last_log=%s %s" % (state, elapsed, summary))