Last active
March 22, 2018 11:58
-
-
Save djjudas21/cd1e7bfee44fb879855d to your computer and use it in GitHub Desktop.
Nagios plugin to check RADIUS status
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/perl -w | |
use strict; | |
use Config::Tiny; | |
# Sample command | |
# echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 7" | radclient HOSTNAME:PORT status SECRET | |
# Sample response | |
# Received response ID 183, code 2, length = 344 | |
# FreeRADIUS-Total-Access-Requests = 517 | |
# FreeRADIUS-Total-Access-Accepts = 1047 | |
my $ip = $ARGV[0]; | |
my $port = $ARGV[1]; | |
my $secret = $ARGV[2]; | |
if ((!$ip) && (!$port)) { | |
print "UNKNOWN - Must provide IP address and port number"; | |
exit 3; | |
} | |
chomp $ip; | |
chomp $port; | |
# Load saved values from last time | |
my $filename = "/tmp/radius-stats-$ip.ini"; | |
my $inifile = Config::Tiny->new(); | |
$inifile = Config::Tiny->read($filename); | |
# Grab the stats from FreeRADIUS | |
my $return = `/bin/echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 7" | /usr/bin/radclient $ip:$port status $secret`; | |
# Split our multiline return variable into an array and shift the RADIUS status message | |
my @lines = split /\n/, $return; | |
my $message = shift(@lines); | |
# If the status message indicates success... | |
if ($message && $message =~ m/^Received response ID/) { | |
# Prepare to get new data | |
my %newdata; | |
my %diff; | |
# Add in the timestamp as a virtual RADIUS attribute | |
my $timestamp = time; | |
push (@lines, "time=$timestamp"); | |
foreach my $line (@lines) { | |
# Skip lines that aren't in key-value format | |
if ($line =~ m/=/ && $line !~ m/^Received response ID/) { | |
# Kill all tabs and spaces | |
$line =~ s/[\t\ ]//g; | |
# Stuff the keys and values into a hash | |
my @split = split(/=/, $line); | |
$newdata{$split[0]} = $split[1]; | |
# Do comparison with previous dataset | |
# Save the results in the diff hash | |
# If you restart the server you get a negative result, so we zero that out | |
if (defined $inifile->{'radius'}->{$split[0]}) { | |
$diff{$split[0]} = $newdata{$split[0]} - $inifile->{'radius'}->{$split[0]}; | |
if ($diff{$split[0]} < 0) { | |
$diff{$split[0]} = 0; | |
} | |
} | |
# Write the new data back to the old file for next time | |
$inifile->{'radius'}->{$split[0]} = $newdata{$split[0]}; | |
} | |
} | |
# Commit data file back to disk for next time | |
$inifile->write($filename); | |
# Loop through the diff hash, calculate the rate, and build output | |
my %rate; | |
my $perfdata; | |
while (my ($key, $value) = each(%diff)){ | |
next if $key eq 'time'; | |
$rate{$key} = $diff{$key}/$diff{'time'}; | |
$perfdata .= "$key=$rate{$key} "; | |
} | |
# Delete the spare comma and space | |
chop $perfdata; | |
print "OK - RADIUS status server is responsive | $perfdata"; | |
exit 0; | |
} else { | |
print "UNKNOWN - Could not interrogate RADIUS server status"; | |
exit 3; | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
define command { | |
command_line $USER1$/check_radius_status $HOSTADDRESS$ $ARG1$ $ARG2$ | |
command_name check_radius_status | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
define service { | |
check_command check_radius_status!18012!Secret | |
host_name radius01.example.com | |
service_description RADIUS statistics | |
use generic-service | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment