CustoSec:Check SNMP Status Wrapper
|Basic Information on Check|
|Name of Check||SNMP-Status||Technical Name||check_snmp_status_wrapper|
|Available in||Standard||Number of Arguments||7|
|From Version||ARANSEC 2.40||Compability||All ARANSEC and CustoSec|
Scope of Check
This is a complex check that allows to interpret all kind of status codes returned by a snmp query into an OK, Warn, Critical or Unknown-Value. It provides the possibility to define a list of complex strings or regular expression patterns for every possible status code returned by the snmp query (read more about Regular Expressions).
For the check to work properly the following requirements must be met:
- The check is configured as a service check on the target host that should be monitored
- SNMP must be activated on the target host (read only and a community name; It is also recommended to allow only the ARANSEC/CustoSec IP-Address to read SNMP information on the host). SNMP can easily be checked by starting a second session in a second browser tab and do a SNMP-Walk from ARANSEC's SNMP-Walk function (bottom entry in the left hand menu).
- When working with OID's it might prove useful to have an explanation on individual OID's at hand. A good resource for this is i.e. the OID Repository where more information on OID's can be found.
To configure the check, the following arguments are available:
|Argument No.||Argument Name||Allowed Arguments||Explanation||Examples|
|Arg1||snmp-community||string||Community name for the SNMP agent. It is strongly recommended to change the default community on most systems from "public" to something like "aransec".
Must be entered or check cannot find OID.
|Arg2||OID||string||List of Object Identifier(s) or SNMP variable(s) that are to be queried. Those can be obtained either by doing a SNMP-Walk on the target system or a search within MIB-Databases. Must be entered or check will time out. OID's (or SNMP Variables) must be separated by the pipe character "|".||ifOperStatus.6|
|Arg3||port||string||Port number of the snmp-service on the particular host. Default is 161. Must be entered!||161|
|Arg4||OK||string||List of values or regex patterns on which OK should be returned. Use the pipe character "|" as list item separator.|
|Arg5||WARNING||integer||List of values or regex patterns on which WARNING should be returned. Use the pipe character "|" as list item separator.|
|Arg6||CRITICAL||integer||List of values or regex patterns on which CRITICAL should be returned. Use the pipe character "|" as list item separator.|
|Arg7||UNKNOWN||integer||List of values or regex patterns on which UNKNOWN should be returned. Use the pipe character "|" as list item separator.|
Rules of status evaluation
Status evaluation will be performed according to the following rules:
- If the specified OID does not lead to a result, CRITICAL will be returned.
- If UNKNOWN is specified, every value matching one of the "UNKNOWN" patterns will lead to status UNKNOWN.
- Also if the returned value queried by the OID does not match any of the list values specified by "OK", "WARNING" or "CRITICAL", UNKNOWN will be returned.
- For overlapping ranges it is important to know, that the evaluation order is "CRITICAL", "WARNING" and "OK". The first match will produce the result.
The following examples should explain the usage of the check and how the arguments should be entered in CustoSec / ARANSEC.
(Please Note: Pipe Character in the fields of this table divide different options. Exception: Within the "Output" lines in the "Output" field, the pipe character is real and shows the division between the checks output and the checks performance data)
|!custosec!ifOperStatus.6!161!up.*|.*1.*|up\(1\)!.*.*!.*2.*![\D]||Checks a network interface (port 6 of a switch in this case), making extensive use of perl regular expressions as a demonstration
(read more about Pearl Regular Expressions)