Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Nagios plugin to check RADIUS status
#!/usr/bin/perl -w
use strict;
use Config::Tiny;
# Sample command
# echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 7" | radclient HOSTNAME:PORT status SECRET
# Sample response
# Received response ID 183, code 2, length = 344
# FreeRADIUS-Total-Access-Requests = 517
# FreeRADIUS-Total-Access-Accepts = 1047
my $ip = $ARGV[0];
my $port = $ARGV[1];
my $secret = $ARGV[2];
if ((!$ip) && (!$port)) {
print "UNKNOWN - Must provide IP address and port number";
exit 3;
}
chomp $ip;
chomp $port;
# Load saved values from last time
my $filename = "/tmp/radius-stats-$ip.ini";
my $inifile = Config::Tiny->new();
$inifile = Config::Tiny->read($filename);
# Grab the stats from FreeRADIUS
my $return = `/bin/echo "Message-Authenticator = 0x00, FreeRADIUS-Statistics-Type = 7" | /usr/bin/radclient $ip:$port status $secret`;
# Split our multiline return variable into an array and shift the RADIUS status message
my @lines = split /\n/, $return;
my $message = shift(@lines);
# If the status message indicates success...
if ($message && $message =~ m/^Received response ID/) {
# Prepare to get new data
my %newdata;
my %diff;
# Add in the timestamp as a virtual RADIUS attribute
my $timestamp = time;
push (@lines, "time=$timestamp");
foreach my $line (@lines) {
# Skip lines that aren't in key-value format
if ($line =~ m/=/ && $line !~ m/^Received response ID/) {
# Kill all tabs and spaces
$line =~ s/[\t\ ]//g;
# Stuff the keys and values into a hash
my @split = split(/=/, $line);
$newdata{$split[0]} = $split[1];
# Do comparison with previous dataset
# Save the results in the diff hash
# If you restart the server you get a negative result, so we zero that out
if (defined $inifile->{'radius'}->{$split[0]}) {
$diff{$split[0]} = $newdata{$split[0]} - $inifile->{'radius'}->{$split[0]};
if ($diff{$split[0]} < 0) {
$diff{$split[0]} = 0;
}
}
# Write the new data back to the old file for next time
$inifile->{'radius'}->{$split[0]} = $newdata{$split[0]};
}
}
# Commit data file back to disk for next time
$inifile->write($filename);
# Loop through the diff hash, calculate the rate, and build output
my %rate;
my $perfdata;
while (my ($key, $value) = each(%diff)){
next if $key eq 'time';
$rate{$key} = $diff{$key}/$diff{'time'};
$perfdata .= "$key=$rate{$key} ";
}
# Delete the spare comma and space
chop $perfdata;
print "OK - RADIUS status server is responsive | $perfdata";
exit 0;
} else {
print "UNKNOWN - Could not interrogate RADIUS server status";
exit 3;
}
define command {
command_line $USER1$/check_radius_status $HOSTADDRESS$ $ARG1$ $ARG2$
command_name check_radius_status
}
define service {
check_command check_radius_status!18012!Secret
host_name radius01.example.com
service_description RADIUS statistics
use generic-service
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment