MONITORING BGP WITH NAGIOS

-

  1. Make perl script given below.
  2. Go to command.cfg. 
  3. define command{
           command_name    check-bgp17
           command_line    $USER1$/check_bgp1.pl -H $HOSTADDRESS$ -C <SNMP STRING> -p $ARG1$
          }
  4. Use the command in services.cfg
  5. Used the same with Version 3.2.3




Use the following Perl Script

#!/usr/bin/perl

use strict;
use warnings;
use lib "/usr/local/nagios/libexec"  ;
use utils qw($TIMEOUT %ERRORS &print_revision &support);
use vars qw($PROGNAME);

# Just in case of problems, let's not hang Nagios
$SIG{'ALRM'} = sub {
    print ("ERROR: Plugin took too long to complete (alarm)\n");
    exit $ERRORS{"UNKNOWN"};
};
alarm($TIMEOUT);

my $PROGNAME = "check_bgp.pl";
sub print_help ();
sub print_usage ();
use POSIX qw(floor);
sub seconds_to_string($);

my ($opt_h,$opt_V);
my $community = "public";
my $snmp_version = 2;
my ($hostname,$bgppeer);;

use Getopt::Long;
&Getopt::Long::config('bundling');
GetOptions(
    "V"   => \$opt_V,    "version"    => \$opt_V,
    "h"   => \$opt_h,    "help"       => \$opt_h,
    "C=s" => \$community,    "community=s" => \$community,
    "H=s" => \$hostname,    "hostname=s" => \$hostname,
    "p=s" => \$bgppeer,    "peer=s" => \$bgppeer,
    "v=i" => \$snmp_version,"snmp_version=i" => \$snmp_version
);
# -h & --help print help
if ($opt_h) { print_help(); exit $ERRORS{'OK'}; }
# -V & --version print version
if ($opt_V) { print_revision($PROGNAME,'$Revision: 0.2 $ '); exit $ERRORS{'OK'}; }
# Invalid hostname print usage
if (!utils::is_hostname($hostname)) { print_usage(); exit $ERRORS{'UNKNOWN'}; }
# No BGP peer specified, print usage
if (!defined($bgppeer)) { print_usage(); exit $ERRORS{'UNKNOWN'}; }

# Setup SNMP object
use Net::SNMP qw(INTEGER OCTET_STRING IPADDRESS OBJECT_IDENTIFIER NULL);
my ($snmp, $snmperror);
if ($snmp_version != 1) {
    ($snmp, $snmperror) = Net::SNMP->session(
        -hostname => $hostname,
        -version => "snmpv2c",
        -community => $community
    );
} else {
    ($snmp, $snmperror) = Net::SNMP->session(
        -hostname => $hostname,
        -version => "snmpv1",
        -community => $community
    );
}

my $state = 'UNKNOWN';
my $output = "$bgppeer status retrieval failed.";
# Begin plugin check code
{
    my $bgpPeerState = "1.3.6.1.2.1.15.3.1.2";
    my $bgpPeerAdminStatus = "1.3.6.1.2.1.15.3.1.3";
    my $bgpPeerRemoteAs = "1.3.6.1.2.1.15.3.1.9";
    my $bgpPeerLastError = "1.3.6.1.2.1.15.3.1.14";
    my $bgpPeerFsmEstablishedTime = "1.3.6.1.2.1.15.3.1.16";

    my %bgpPeerStates = (
        -1 => 'unknown(-1)',
        1 => 'idle(1)',
        2 => 'connect(2)',
        3 => 'active(3)',
        4 => 'opensent(4)',
        5 => 'openconfirm(5)',
        6 => 'established(6)'
    );

    my %bgpPeerAdminStatuses = (
        1=>'stop(1)',
        2=>'start(2)'
    );

    my %bgpErrorCodes = (
        '01 00' => 'Message Header Error',
        '01 01' => 'Message Header Error - Connection Not Synchronized',
        '01 02' => 'Message Header Error - Bad Message Length',
        '01 03' => 'Message Header Error - Bad Message Type',
        '02 00' => 'OPEN Message Error',
        '02 01' => 'OPEN Message Error - Unsupported Version Number',
        '02 02' => 'OPEN Message Error - Bad Peer AS',
        '02 03' => 'OPEN Message Error - Bad BGP Identifier',
        '02 04' => 'OPEN Message Error - Unsupported Optional Parameter',
        '02 05' => 'OPEN Message Error', #deprecated
        '02 06' => 'OPEN Message Error - Unacceptable Hold Time',
        '03 00' => 'UPDATE Message Error',
        '03 01' => 'UPDATE Message Error - Malformed Attribute List',
        '03 02' => 'UPDATE Message Error - Unrecognized Well-known Attribute',
        '03 03' => 'UPDATE Message Error - Missing Well-known Attribute',
        '03 04' => 'UPDATE Message Error - Attribute Flags Error',
        '03 05' => 'UPDATE Message Error - Attribute Length Erro',
        '03 06' => 'UPDATE Message Error - Invalid ORIGIN Attribute',
        '03 07' => 'UPDATE Message Error', #deprecated
        '03 08' => 'UPDATE Message Error - Invalid NEXT_HOP Attribute',
        '03 09' => 'UPDATE Message Error - Optional Attribute Error',
        '03 0A' => 'UPDATE Message Error - Invalid Network Field',
        '03 0B' => 'UPDATE Message Error - Malformed AS_PATH',
        '04 00' => 'Hold Timer Expired',
        '05 00' => 'Finite State Machine Error',
        '06 00' => 'Cease',
        '06 01' => 'Cease - Maximum Number of Prefixes Reached',
        '06 02' => 'Cease - Administrative Shutdown',
        '06 03' => 'Cease - Peer De-configured',
        '06 04' => 'Cease - Administrative Reset',
        '06 05' => 'Cease - Connection Rejected',
        '06 06' => 'Cease - Other Configuration Change',
        '06 07' => 'Cease - Connection Collision Resolution',
        '06 08' => 'Cease - Out of Resources'
    );

    my @snmpoids;
    push (@snmpoids,"$bgpPeerState.$bgppeer");
    push (@snmpoids,"$bgpPeerAdminStatus.$bgppeer");
    push (@snmpoids,"$bgpPeerRemoteAs.$bgppeer");
    push (@snmpoids,"$bgpPeerLastError.$bgppeer");
    push (@snmpoids,"$bgpPeerFsmEstablishedTime.$bgppeer");
    my $result = $snmp->get_request(
        -varbindlist => \@snmpoids
    );
    if (!defined($result)) {
        my $answer = $snmp->error;
        $snmp->close;
        print ("UNKNOWN: SNMP error: $answer\n");
        exit $ERRORS{'UNKNOWN'};
    }

    if ($result->{"$bgpPeerState.$bgppeer"} ne "noSuchInstance") {
        $output = "$bgppeer (AS".
            $result->{"$bgpPeerRemoteAs.$bgppeer"}.
            ") state is ".
            $bgpPeerStates{$result->{"$bgpPeerState.$bgppeer"}};

        my $lasterror;
        my $lasterrorcode = $result->{"$bgpPeerLastError.$bgppeer"};
        if (hex($lasterrorcode) != 0) {
            $lasterrorcode = substr($lasterrorcode,2,2)." ".substr($lasterrorcode,4,2);
            my ($code,$subcode) = split(" ",$lasterrorcode);
            if (!defined($bgpErrorCodes{$lasterrorcode})) {
                $lasterror = $bgpErrorCodes{"$code 00"};
            } else {
                $lasterror = $bgpErrorCodes{$lasterrorcode};
            }
            if (!defined($lasterror)) {
                $lasterror = "Unknown ($code $subcode)";
            }
        }

        my $establishedtime = seconds_to_string($result->{"$bgpPeerFsmEstablishedTime.$bgppeer"});

        if ($result->{"$bgpPeerState.$bgppeer"} == 6) {
            $state = 'OK';
            $output .= ". Established for $establishedtime.";
        } elsif ($result->{"$bgpPeerAdminStatus.$bgppeer"} == 1) { #stop
            $state = 'WARNING'; # admin down do warning
            $output .= " (administratively down). Last established $establishedtime.";
        } else {
            $state = 'CRITICAL';
            $output .= ". Last established $establishedtime.";
        }

        if (defined($lasterror)) {
            $output .= " Last error \"$lasterror\".";
        }
    }
}
print "$state - $output\n";
exit $ERRORS{$state};

sub print_help() {
    print_revision($PROGNAME,'$Revision: 0.2 $ ');
    print "Copyright (c) 2006 Larry Low\n";
    print "This program is licensed under the terms of the\n";
    print "GNU General Public License\n(check source code for details)\n";
    print "\n";
    printf "Check BGP peer status via SNMP.\n";
    print "\n";
    print_usage();
    print "\n";
    print " -H (--hostname)   Hostname to query - (required)\n";
    print " -C (--community)  SNMP read community (defaults to public)\n";
    print " -v (--snmp_version) 1 for SNMP v1\n";
    print "                     2 for SNMP v2c (default)\n";
    print " -p {--peer}       IP of BGP Peer\n";
    print " -V (--version)    Pluging version\n";
    print " -h (--help)       usage help\n";
    print "\n";
    support();
}

sub print_usage() {
    print "Usage: \n";
    print "  $PROGNAME -H <HOSTNAME> [-C <community>] -p <bgppeer>\n";
    print "  $PROGNAME [-h | --help]\n";
    print "  $PROGNAME [-V | --version]\n";
}

sub seconds_to_string($) {
    my $time = shift;
    my $timestr = "";
    if ($time > (365.24225*24*60*60)) {
        my $years = floor($time / (365.24225*24*60*60));
        $time -= $years*365.24225*24*60*60;
        $timestr .= $years."y";
    }
    if ($time > (24*60*60)) {
        my $days = floor($time / (24*60*60));
        $time -= $days*24*60*60;
        $timestr .= $days."d";
    }
    if ($time > (60*60)) {
        my $hours = floor($time / (60*60));
        $time -= $hours*60*60;
        $timestr .= $hours."h";
    }
    if ($time > 60) {
        my $minutes = floor($time / 60);
        $time -= $minutes*60;
        $timestr .= $minutes."m";
    }
    $timestr .= $time."s";
    return $timestr;
}

Comments

Post a Comment

Popular posts from this blog

Traffic Shaping With Fortigate

-
FortiGate v4.0 Description This article describes the Traffic Shaping features that have been implemented in FortiOS 4.0 In FortiOS version 4.0, the traffic shaping has been enhanced. Diagnose commands allowing to verify each traffic shaper's usage and giving more configuration flexibility. See also the related articles at the end of this page for additional information. Solution Summary 1- Traffic shaping configuration is dissociated from the Firewall policies allowing multiple policies to use common configurations 2- Possibility to use independent configurations in policies for forward and reverse traffic directions 3- The P2P shaping capabilities are now defined at the application control level 4- Troubleshooting packet loss with statistics on traffic shaping configurations 5- Troubleshooting packet loss with the debug flow diagnose commands 6- Session list details with dual traffic shaper (forward and reverse traffic) 1- Traffic shaping configuration is di
Read more

DIAGNOSE FORTIGATE HIGH CPU PROBLEM

-
#diagnose system top 5 10. Use this command to display: • up time (Run Time) • current total processor and memory usage • current free memory • a list of the top most resource-intense currently running system processes and daemons, with respect to their memory (RAM) and processor (CPU) usage The first two lines of the display indicate the up time, and the processor and memory usage. Processor and memory usages on the second line have abbreviated labels, highlighted below in bold. Run Time: 0 days, 21 hours and 3 minutes 0U, 4S, 95I; 1035792T, 646920F Table 10: Abbreviations for processor and memory usage Letter Description U User CPU usage (%) S System CPU usage (%) I Idle CPU usage (%) T Total memory (KB) F Free memory (KB) The remaining lines contain the process list, which has the following columns. Table 11: Process list columns Column 1
Read more