Nagios plugin to check RADIUS status

check_radius_status.pl

#!/usr/bin/perl -w

use strict;
use Config::Tiny;

# Sample command
# echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 7" | radclient HOSTNAME:PORT status SECRET

# Sample response
# Received response ID 183, code 2, length = 344
# FreeRADIUS-Total-Access-Requests = 517
# FreeRADIUS-Total-Access-Accepts = 1047

my $ip = $ARGV[0];
my $port = $ARGV[1];
my $secret = $ARGV[2];

if ((!$ip) && (!$port)) {
        print "UNKNOWN - Must provide IP address and port number";
        exit 3;
}

chomp $ip;
chomp $port;

# Load saved values from last time
my $filename = "/tmp/radius-stats-$ip.ini";
my $inifile = Config::Tiny->new();
$inifile = Config::Tiny->read($filename);

# Grab the stats from FreeRADIUS
my $return = `/bin/echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 7" | /usr/bin/radclient $ip:$port status $secret`;

# Split our multiline return variable into an array and shift the RADIUS status message
my @lines = split /\n/, $return;
my $message = shift(@lines);

# If the status message indicates success...
if ($message && $message =~ m/^Received response ID/) {
        # Prepare to get new data
        my %newdata;
        my %diff;

        # Add in the timestamp as a virtual RADIUS attribute
        my $timestamp = time;
        push (@lines, "time=$timestamp");

        foreach my $line (@lines) {
                # Skip lines that aren't in key-value format
                if ($line =~ m/=/ && $line !~ m/^Received response ID/) {
                        # Kill all tabs and spaces
                        $line =~ s/[\t\ ]//g;
                        # Stuff the keys and values into a hash
                        my @split = split(/=/, $line);
                        $newdata{$split[0]} = $split[1];
        
                        # Do comparison with previous dataset
                        # Save the results in the diff hash
                        # If you restart the server you get a negative result, so we zero that out
                        if (defined $inifile->{'radius'}->{$split[0]}) {
                                $diff{$split[0]} = $newdata{$split[0]} - $inifile->{'radius'}->{$split[0]};
                                if ($diff{$split[0]} < 0) {
                                        $diff{$split[0]} = 0;
                                }
                        }
                        # Write the new data back to the old file for next time
                        $inifile->{'radius'}->{$split[0]} = $newdata{$split[0]};
                }
        }

        # Commit data file back to disk for next time
        $inifile->write($filename);

        # Loop through the diff hash, calculate the rate, and build output
        my %rate;
        my $perfdata;
        while (my ($key, $value) = each(%diff)){
                next if $key eq 'time';
                $rate{$key} = $diff{$key}/$diff{'time'};
                $perfdata .= "$key=$rate{$key} ";
        }
        # Delete the spare comma and space
        chop $perfdata;

        print "OK - RADIUS status server is responsive | $perfdata";
        exit 0;
} else {
        print "UNKNOWN - Could not interrogate RADIUS server status";
        exit 3;
}

nagios_command

define command {
    command_line                   $USER1$/check_radius_status $HOSTADDRESS$ $ARG1$ $ARG2$
    command_name                   check_radius_status
}

nagios_service

define service {
    check_command                  check_radius_status!18012!Secret
    host_name                      radius01.example.com
    service_description            RADIUS statistics
    use                            generic-service
}