oxidized 0.26.3 → 0.27.0

data/docs/Troubleshooting.md

@@ -0,0 +1,66 @@
+# Troubleshooting
+
+## Oxidized connects to a supported device but no (or partial) configuration is collected
+
+A common reason for configuration collection to fail after successful authentication is prompt mismatches. The symptoms typically fall into one of two categories:
+
+* Oxidized successfully logs into the device, then reports a timeout without collecting configuration. This can be caused by an unmatched prompt.
+* Only partial output is collected and collection stops abruptly. This can be caused by overly greedy prompt being matched against non-prompt output.
+
+*Troubleshooting an unmatched prompt:*
+
+Log in manually into the device. Use the same username and password or key configured for Oxidized. Observe the prompt returned by the device.
+
+```text
+Logging into this device is dangerous! Do so at your own risk.
+
+Username: superuser
+Password: *********
+
+Welcome to the advanced nuclear launchinator 5A-X20. Proceed with caution.
+
+SEKRET-5A-X20#
+```
+
+Review the relevant device model file and identify the defined prompt. You can find the device models in the `lib/oxidized/model` sub-folder of the repository. For example, the Cisco IOS model, `ios.rb` may use the following prompt:
+
+```text
+  prompt /^([\w.@()-]+[#>]\s?)$/
+```
+
+Use IRB to verify if the prompt you've observed would match:
+
+An example of a successful match:
+
+```shell
+# irb
+irb(main):001:0> 'SEKRET-5A-X20#'.match /^([\w.@()-]+[#>]\s?)$/
+=> #<MatchData "SEKRET-5A-X20#" 1:"SEKRET-5A-X20#">
+irb(main):002:0>
+```
+
+An example of an unsuccessful match, for the prompt `$EKRET-5A-X20#` ($ used instead of capital S at the beginning of the prompt):
+
+```shell
+irb(main):002:0> '$EKRET-5A-X20#'.match /^([\w.@()-]+[#>]\s?)$/
+=> nil
+```
+
+The prompt can then be adapted and re-tested, for example, by allowing the $ character as part of the prompt via `/^([\$\w.@()-]+[#>]\s?)$/`
+
+```shell
+irb(main):003:0> '$EKRET-5A-X20#'.match /^([\$\w.@()-]+[#>]\s?)$/
+=> #<MatchData "$EKRET-5A-X20#" 1:"$EKRET-5A-X20#">
+```
+
+The new prompt now matches. You can copy the current model into the `~/.config/oxidized/` directory (keeping the original file name), and modify the prompt within the model file. After restarting Oxidized, the adapted model will be used.
+
+*Troubleshooting an overly greedy prompt:*
+
+Log in manually into the device. Use the same username and password or key configured for Oxidized. Execute the last command (which may be the first command to run) from which partial output is collected.
+
+Compare the output to the partial output collected by Oxidized, focusing on the the difference that has been truncated. You can evaluate if this output could have matched the prompt regexp unexpectedly with IRB in a manner similar to the outlined in the previous section.
+
+Adapt the prompt regexp to be more conservative if necessary in a local model override file.
+
+*We encourage you to submit a PR for any prompt issues you encounter.*

data/extra/nagios_check_failing_nodes.rb

@@ -10,8 +10,11 @@ pending = false
 critical_nodes = []
 pending_nodes = []
 
-json = JSON.parse(open("http://localhost:8888/nodes.json"))
+json = JSON.parse(open("http://localhost:8888/nodes.json").read)
 json.each do |node|
+  unless ARGV.empty?
+    next if ARGV[0] != node['name']
+  end
   if not node['last'].nil?
     if node['last']['status'] != 'success'
       critical_nodes << node['name']
@@ -30,6 +33,10 @@ elsif pending
   puts '[WARN] Pending backup: ' + pending_nodes.join(',')
   exit 1
 else
-  puts '[OK] Backup of all nodes completed successfully.'
+  if ARGV.empty?
+    puts '[OK] Backup of all nodes completed successfully.'
+  else
+    puts '[OK] Backup of node ' + ARGV[0] + ' completed successfully.'
+  end
   exit 0
 end

data/extra/oxidized.service

@@ -18,6 +18,8 @@ ExecStart=/usr/local/bin/oxidized
 User=oxidized
 KillSignal=SIGKILL
 #Environment="OXIDIZED_HOME=/etc/oxidized"
+Restart=on-failure
+RestartSec=300s
 
 [Install]
 WantedBy=multi-user.target

data/extra/syslog.rb

@@ -36,6 +36,10 @@ module Oxidized
   CFGS.default.syslogd.port        = 514
   CFGS.default.syslogd.file        = 'messages'
   CFGS.default.syslogd.resolve     = true
+  CFGS.default.syslogd.dns_map     = {
+    '(.*)\.strip\.this\.domain\.com' => '\\1',
+    '(.*)\.also\.this\.net'          => '\\1'
+  }
 
   begin
     CFGS.load
@@ -46,15 +50,12 @@ module Oxidized
   end
 
   class SyslogMonitor
-    NAME_MAP = {
-      /(.*)\.ip\.tdc\.net/ => '\1',
-      /(.*)\.ip\.fi/       => '\1'
-    }.freeze
     MSG = {
       ios:   /%SYS-(SW[0-9]+-)?5-CONFIG_I:/,
       junos: 'UI_COMMIT:',
       eos:   /%SYS-5-CONFIG_I:/,
-      nxos:  /%VSHD-5-VSHD_SYSLOG_CONFIG_I:/
+      nxos:  /%VSHD-5-VSHD_SYSLOG_CONFIG_I:/,
+      aruba: 'Notice-Type=\'Running'
     }.freeze
 
     class << self
@@ -82,30 +83,34 @@ module Oxidized
       Oxidized::RestClient.next opt
     end
 
-    def ios(ipaddr, log, index)
+    def ios(log, index, **opts)
       # TODO: we need to fetch 'ip/name' in mode == :file here
-      user = log[index + 5]
-      from = log[-1][1..-2]
-      rest(user: user, from: from, model: 'ios', ip: ipaddr,
-           name: getname(ipaddr))
+      opts[:user] = log[index + 5]
+      opts[:from] = log[-1][1..-2]
+      opts
     end
+    alias nxos ios
+    alias eos ios
 
-    def jnpr(ipaddr, log, index)
+    def junos(log, index, **opts)
       # TODO: we need to fetch 'ip/name' in mode == :file here
-      user = log[index + 2][1..-2]
-      msg  = log[(index + 6)..-1].join(' ')[10..-2]
-      msg  = nil if msg == 'none'
-      rest(user: user, msg: msg, model: 'jnpr', ip: ipaddr,
-           name: getname(ipaddr))
+      opts[:user] = log[index + 2][1..-2]
+      opts[:msg] = log[(index + 6)..-1].join(' ')[10..-2]
+      opts.delete(:msg) if opts[:msg] == 'none'
+      opts
+    end
+
+    def aruba(log, index, **opts)
+      opts.merge user: log[index + 2].split('=')[4].split(',')[0][1..-2]
     end
 
     def handle_log(log, ipaddr)
       log = log.to_s.split ' '
-      if (i = log.find_index { |e| e.match(MSG[:ios]) })
-        ios ipaddr, log,  i
-      elsif (i = log.index(MSG[:junos]))
-        jnpr ipaddr, log, i
+      index, vendor = MSG.find do |key, value|
+        index = log.find_index { |e| e.match value }
+        break index, key if index
       end
+      rest send(vendor, log, index, ip: ipaddr, name: getname(ipaddr), model: vendor.to_s) if index
     end
 
     def run(io)
@@ -129,10 +134,10 @@ module Oxidized
 
     def getname(ipaddr)
       if Oxidized::CFG.syslogd.resolve == false
-        ipddr
+        ipaddr
       else
-        name = (Resolv.getname ipaddr.to_s rescue ipadr)
-        NAME_MAP.each { |re, sub| name.sub! re, sub }
+        name = (Resolv.getname ipaddr.to_s rescue ipaddr)
+        Oxidized::CFG.syslogd.dns_map.each { |re, sub| name.sub! Regexp.new(re.to_s), sub }
         name
       end
     end

data/lib/oxidized/cli.rb

@@ -41,20 +41,24 @@ module Oxidized
     end
 
     def parse_opts
-      opts = Slop.new(help: true) do
-        on 'd', 'debug', 'turn on debugging'
-        on 'daemonize',  'Daemonize/fork the process'
-        on 'show-exhaustive-config', 'output entire configuration, including defaults' do
+      opts = Slop.parse do |opt|
+        opt.on '-d', '--debug', 'turn on debugging'
+        opt.on '--daemonize', 'Daemonize/fork the process'
+        opt.on '-h', '--help', 'show usage' do
+          puts opt
+          exit
+        end
+        opt.on '--show-exhaustive-config', 'output entire configuration, including defaults' do
           asetus = Config.load
           puts asetus.to_yaml asetus.cfg
           Kernel.exit
         end
-        on 'v', 'version', 'show version' do
+        opt.on '-v', '--version', 'show version' do
           puts Oxidized::VERSION_FULL
           Kernel.exit
         end
       end
-      [opts.parse!, opts]
+      [opts.arguments, opts]
     end
 
     attr_reader :pidfile

data/lib/oxidized/config/vars.rb

@@ -1,15 +1,14 @@
 module Oxidized::Config::Vars
   # convenience method for accessing node, group or global level user variables
-  # nil values will be ignored
   def vars(name)
-    r = @node.vars[name] unless @node.vars.nil?
-    if Oxidized.config.groups.has_key?(@node.group)
-      r ||= Oxidized.config.groups[@node.group].vars[name.to_s] if Oxidized.config.groups[@node.group].vars.has_key?(name.to_s)
+    if @node.vars&.has_key?(name)
+      @node.vars[name]
+    elsif Oxidized.config.groups.has_key?(@node.group) && Oxidized.config.groups[@node.group].vars.has_key?(name.to_s)
+      Oxidized.config.groups[@node.group].vars[name.to_s]
+    elsif Oxidized.config.models.has_key(@node.model.class.name.to_s.downcase) && Oxidized.config.models[@node.model.class.name.to_s.downcase].vars.has_key?(name.to_s)
+      Oxidized.config.models[@node.model.class.name.to_s.downcase].vars[name.to_s]
+    elsif Oxidized.config.vars.has_key?(name.to_s)
+      Oxidized.config.vars[name.to_s]
     end
-    if Oxidized.config.models.has_key?(@node.model.class.name.to_s.downcase)
-      r ||= Oxidized.config.models[@node.model.class.name.to_s.downcase].vars[name.to_s] if Oxidized.config.models[@node.model.class.name.to_s.downcase].vars.has_key?(name.to_s)
-    end
-    r ||= Oxidized.config.vars[name.to_s] if Oxidized.config.vars.has_key?(name.to_s)
-    r
   end
 end

data/lib/oxidized/hook/githubrepo.rb

@@ -19,7 +19,7 @@ class GithubRepo < Oxidized::Hook
     log result.inspect, :debug
 
     unless result[:total_deltas].positive?
-      log "nothing recieved after fetch", :debug
+      log "nothing received after fetch", :debug
       return
     end
 

data/lib/oxidized/input/exec.rb

@@ -0,0 +1,28 @@
+module Oxidized
+  require "oxidized/input/cli"
+
+  class Exec < Input
+    include Input::CLI
+
+    def connect(node)
+      @node = node
+      @node.model.cfg["exec"].each { |cb| instance_exec(&cb) }
+      @log = File.open(Oxidized::Config::Log + "/#{@node.ip}-exec", "w") if Oxidized.config.input.debug?
+    end
+
+    def cmd(cmd_str)
+      Oxidized.logger.debug "EXEC: #{cmd_str} @ #{@node.name}"
+      # I'd really like to do popen3 with separate arguments, but that would
+      # require refactoring cmd to take parameters
+      %x(#{cmd_str})
+    end
+
+    private
+
+    def disconnect
+      true
+    ensure
+      @log.close if Oxidized.config.input.debug?
+    end
+  end
+end

data/lib/oxidized/input/telnet.rb

@@ -35,7 +35,7 @@ module Oxidized
     end
 
     def cmd(cmd_str, expect = @node.prompt)
-      return send(cmd_str + "\n") unless expect
+      return send(cmd_str + "\r\n") unless expect
 
       Oxidized.logger.debug "Telnet: #{cmd_str} @#{@node.name}"
       args = { 'String'  => cmd_str,

data/lib/oxidized/model/adtran.rb

@@ -3,6 +3,10 @@ class Adtran < Oxidized::Model
 
   prompt /([\w.@-]+[#>]\s?)$/
 
+  cmd :all do |cfg|
+    cfg.each_line.to_a[2..-2].map { |line| line.delete("\r").rstrip }.join("\n") + "\n"
+  end
+
   cmd :secret do |cfg|
     cfg.gsub!(/password (\S+)/, 'password <hidden>')
     cfg

data/lib/oxidized/model/airfiber.rb

@@ -0,0 +1,22 @@
+class Airfiber < Oxidized::Model
+  # Ubiquiti Airfiber (tested with Airfiber 11FX)
+
+  prompt /^AF[\w\.]+#/
+
+  cmd :all do |cfg|
+    cfg.cut_both
+  end
+
+  pre do
+    cmd 'cat /tmp/system.cfg'
+  end
+
+  cfg :telnet do
+    username /^[\w\W]+\slogin:\s$/
+    password /^[p:P]assword:\s$/
+  end
+
+  cfg :telnet, :ssh do
+    pre_logout 'exit'
+  end
+end

data/lib/oxidized/model/aos.rb

@@ -21,6 +21,14 @@ class AOS < Oxidized::Model
     comment cfg
   end
 
+  cmd 'show license info' do |cfg|
+    comment cfg
+  end
+
+  cmd 'show license file' do |cfg|
+    comment cfg
+  end
+
   cmd 'show configuration snapshot' do |cfg|
     cfg
   end

data/lib/oxidized/model/aosw.rb

@@ -10,7 +10,7 @@ class AOSW < Oxidized::Model
   # All IAPs connected to a Instant Controller will have the same config output. Only the controller needs to be monitored.
 
   comment  '# '
-  prompt /^\(?.+\)?\s[#>]/
+  prompt /^([\w\(:.@-]+(\)?\s?)[#>]\s?)$/
 
   cmd :all do |cfg|
     cfg.cut_both

data/lib/oxidized/model/c4cmts.rb

@@ -17,7 +17,7 @@ class C4CMTS < Oxidized::Model
   end
 
   cmd 'show environment' do |cfg|
-    cfg.gsub! /\s+[\-\d]+\s+C\s+[(\s\d]+\s+F\)/, ''	# remove temperature readings
+    cfg.gsub! /\s+[\-\d]+\s+C\s+[(\s\d]+\s+F\)/, '' # remove temperature readings
     comment cfg.cut_both
   end
 

data/lib/oxidized/model/cambium.rb

@@ -7,6 +7,7 @@ class Cambium < Oxidized::Model
   end
 
   cmd cfg_cb do |cfg|
+    cfg.gsub! /"cfgUtcTimestamp":.*?,\n/, ''
     cfg
   end
 

data/lib/oxidized/model/ciscosmb.rb

@@ -29,11 +29,6 @@ class CiscoSMB < Oxidized::Model
     comment cfg
   end
 
-  cmd 'show system' do |cfg|
-    cfg.gsub! /System Up Time.*\n/, ''
-    comment cfg
-  end
-
   cmd 'show bootvar' do |cfg|
     comment cfg
   end

data/lib/oxidized/model/comware.rb

@@ -21,12 +21,13 @@ class Comware < Oxidized::Model
   cmd :secret do |cfg|
     cfg.gsub! /^( snmp-agent community).*/, '\\1 <configuration removed>'
     cfg.gsub! /^( password hash).*/, '\\1 <configuration removed>'
+    cfg.gsub! /^( password cipher).*/, '\\1 <configuration removed>'
     cfg
   end
 
   cfg :telnet do
-    username /^Username:$/
-    password /^Password:$/
+    username /^(Username|login):/
+    password /^Password:/
   end
 
   cfg :telnet, :ssh do
@@ -35,12 +36,15 @@ class Comware < Oxidized::Model
     # the pager cannot be disabled before _cmdline-mode on.
     if vars :comware_cmdline
       post_login do
-        send "_cmdline-mode on\n"
-        send "y\n"
-        send vars(:comware_cmdline) + "\n"
-        send "xtd-cli-mode on\n"
-        send "y\n"
-        send vars(:comware_cmdline) + "\n"
+        # HP V1910, V1920
+        cmd '_cmdline-mode on', /(#{@node.prompt}|Continue)/
+        cmd 'y', /(#{@node.prompt}|input password)/
+        cmd vars(:comware_cmdline)
+
+        # HP V1950
+        cmd 'xtd-cli-mode on', /(#{@node.prompt}|Continue)/
+        cmd 'y', /(#{@node.prompt}|input password)/
+        cmd vars(:comware_cmdline)
       end
     end
 
@@ -58,6 +62,11 @@ class Comware < Oxidized::Model
     comment cfg
   end
 
+  cmd 'display device manuinfo' do |cfg|
+    cfg = cfg.each_line.reject { |l| l.match 'FF'.hex.chr }.join
+    comment cfg
+  end
+
   cmd 'display current-configuration' do |cfg|
     cfg
   end

data/lib/oxidized/model/dlink.rb

@@ -1,7 +1,7 @@
 class Dlink < Oxidized::Model
   # D-LINK Switches
 
-  prompt /^(\r*[\w.@()\/:-]+[#>]\s?)$/
+  prompt /^(\r*[\w\s.@()\/:-]+[#>]\s?)$/
   comment '# '
 
   cmd :secret do |cfg|