sensu-plugins-aws-boutetnico 1.0.6

data/bin/check-instance-events.rb

@@ -0,0 +1,154 @@
+#! /usr/bin/env ruby
+#
+# check-instance-events
+#
+# DESCRIPTION:
+#   This plugin looks up all instances in an account and alerts if one or more have a scheduled
+#   event (reboot, retirement, etc)
+#
+# OUTPUT:
+#   plain-text
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: aws-sdk
+#   gem: sensu-plugin
+#
+# USAGE:
+#   #YELLOW
+#
+# NOTES:
+#
+# LICENSE:
+#   Copyright (c) 2014, Tim Smith, tsmith@chef.io
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugin/check/cli'
+require 'aws-sdk'
+
+class CheckInstanceEvents < Sensu::Plugin::Check::CLI
+  option :aws_access_key,
+         short: '-a AWS_ACCESS_KEY',
+         long: '--aws-access-key AWS_ACCESS_KEY',
+         description: "AWS Access Key. Either set ENV['AWS_ACCESS_KEY'] or provide it as an option",
+         default: ENV['AWS_ACCESS_KEY']
+
+  option :aws_secret_access_key,
+         short: '-k AWS_SECRET_KEY',
+         long: '--aws-secret-access-key AWS_SECRET_KEY',
+         description: "AWS Secret Access Key. Either set ENV['AWS_SECRET_KEY'] or provide it as an option",
+         default: ENV['AWS_SECRET_KEY']
+
+  option :aws_region,
+         short: '-r AWS_REGION',
+         long: '--aws-region REGION',
+         description: 'AWS Region (defaults to us-east-1).',
+         default: 'us-east-1'
+
+  option :use_iam_role,
+         short: '-u',
+         long: '--use-iam',
+         description: 'Use IAM role authenticiation. Instance must have IAM role assigned for this to work'
+
+  option :instance_id,
+         short: '-i INSTANCE_IDS',
+         long: '--instances INSTANCES_IDS',
+         description: 'Comma separated list of instances ids to check. Defaults to all instances in the region',
+         proc: proc { |a| a.split(',') },
+         default: []
+
+  option :include_name,
+         short: '-n',
+         long: '--include-name',
+         description: "Includes any offending instance's 'Name' tag in the check output",
+         default: false
+
+  def aws_config
+    { access_key_id: config[:aws_access_key],
+      secret_access_key: config[:aws_secret_access_key],
+      region: config[:aws_region] }
+  end
+
+  def ec2_regions
+    Aws.partition('aws').regions.map(&:name)
+  end
+
+  def run
+    event_instances = []
+    aws_config = {}
+
+    aws_regions = ec2_regions
+
+    unless config[:aws_region].casecmp('all').zero?
+      if aws_regions.include? config[:aws_region]
+        aws_regions.clear.push(config[:aws_region])
+      else
+        critical 'Invalid region specified!'
+      end
+    end
+
+    if config[:use_iam_role].nil?
+      aws_config[:access_key_id] = config[:aws_access_key]
+      aws_config[:secret_access_key] = config[:aws_secret_access_key]
+    end
+
+    # TODO: come back and refactor this
+    aws_regions.each do |r| # Iterate each possible region # rubocop:disable Metrics/BlockLength)
+      ec2 = Aws::EC2::Client.new(aws_config.merge!(region: r))
+      begin
+        describe_instance_options = {}
+        if config[:instance_id].any?
+          describe_instance_options = describe_instance_options.merge(instance_ids: config[:instance_id])
+        end
+
+        ec2.describe_instance_status(describe_instance_options).instance_statuses.each do |i|
+          next if i[:events].empty?
+
+          # Exclude completed reboots since the events API appearently returns these even after they have been completed:
+          # Example:
+          #  "events_set": [
+          #     {
+          #         "code": "system-reboot",
+          #         "description": "[Completed] Scheduled reboot",
+          #         "not_before": "2015-01-05 12:00:00 UTC",
+          #         "not_after": "2015-01-05 18:00:00 UTC"
+          #     }
+          # ]
+          useful_events =
+            i[:events].reject { |x| (x[:code] =~ /system-reboot|instance-reboot|instance-stop|system-maintenance/) && (x[:description] =~ /\[Completed\]|\[Canceled\]/) }
+
+          unless useful_events.empty?
+            name = ''
+            if config[:include_name]
+              begin
+                instance_desc = ec2.describe_instances(instance_ids: [i[:instance_id]])
+                name_tag = instance_desc.reservations[0].instances[0].tags.find { |tag| tag[:key] == 'Name' }
+                name = name_tag.nil? ? '' : name_tag.value
+              rescue StandardError => e
+                puts "Issue getting instance details for #{i[:instance_id]} (#{r}).  Exception = #{e}"
+              end
+            end
+
+            event_instances << if name.empty?
+                                 "#{i[:instance_id]} (#{r}) (#{i[:events][0][:code]}) #{i[:events][0][:description]}"
+                               else
+                                 "#{name} (#{i[:instance_id]} #{r}) (#{i[:events][0][:code]}) #{i[:events][0][:description]}"
+                               end
+          end
+        end
+      rescue StandardError => e
+        unknown "An error occurred processing AWS EC2 API (#{r}): #{e.message}"
+      end
+    end
+
+    if event_instances.count > 0
+      critical("#{event_instances.count} instance#{event_instances.count > 1 ? 's have' : ' has'} upcoming scheduled events: #{event_instances.join(',')}")
+    else
+      ok
+    end
+  end
+end

data/bin/check-instance-health.rb

@@ -0,0 +1,108 @@
+#! /usr/bin/env ruby
+#
+# check-instance-health
+#
+# DESCRIPTION:
+#   This plugin looks up all instances in an account and checks event data, system status
+#
+# OUTPUT:
+#   plain-text
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: aws-sdk
+#   gem: sensu-plugin
+#
+# USAGE:
+#   #YELLOW
+#
+# NOTES:
+#
+# LICENSE:
+#   Shane Starcher
+#   Copyright (c) 2016
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugins-aws'
+require 'sensu-plugin/check/cli'
+require 'aws-sdk'
+
+class CheckInstanceEvents < Sensu::Plugin::Check::CLI
+  include Common
+
+  option :aws_region,
+         short: '-r AWS_REGION',
+         long: '--aws-region REGION',
+         description: 'AWS Region (defaults to us-east-1).',
+         default: 'us-east-1'
+  option :filter,
+         short: '-f FILTER',
+         long: '--filter FILTER',
+         description: 'String representation of the filter to apply',
+         default: '{}'
+
+  def gather_events(events)
+    useful_events = events.reject { |x| (x[:code] =~ /system-reboot|instance-stop|system-maintenance/) || (x[:description] =~ /\[Completed\]|\[Canceled\]/) }
+    !useful_events.empty?
+  end
+
+  def gather_status(status_checks)
+    ['impaired', 'insufficient-data'].include? status_checks.status
+  end
+
+  def run
+    filter = Filter.parse(config[:filter])
+    options = if filter.empty?
+                {}
+              else
+                { filters: filter }
+              end
+
+    messages = []
+
+    ec2 = Aws::EC2::Client.new
+    instance_ids = []
+
+    instances = ec2.describe_instances(options)
+    instances.reservations.each do |r|
+      r.instances.each do |i|
+        instance_ids.push(i[:instance_id])
+      end
+    end
+
+    begin
+      resp = []
+      instance_ids.each_slice(100) do |batch|
+        resp << ec2.describe_instance_status(instance_ids: batch)
+      end
+      resp.each do |r|
+        r.instance_statuses.each do |item|
+          id = item.instance_id
+          if gather_events(item.events)
+            messages << "#{id} has unscheduled events"
+          end
+
+          if gather_status(item.system_status)
+            messages << "#{id} has failed system status checks"
+          end
+
+          if gather_status(item.instance_status)
+            messages << "#{id} has failed instance status checks"
+          end
+        end
+      end
+    rescue StandardError => e
+      unknown "An error occurred processing AWS EC2 API: #{e.message}"
+    end
+
+    if messages.count > 0
+      critical("#{messages.count} instances #{messages.count > 1 ? 'have' : 'has'}: #{messages.join(',')}")
+    else
+      ok
+    end
+  end
+end

data/bin/check-instance-reachability.rb

@@ -0,0 +1,107 @@
+#! /usr/bin/env ruby
+#
+# check-instance-reachability
+#
+# DESCRIPTION:
+#   This plugin looks up all instances from a filter set and pings
+#
+# OUTPUT:
+#   plain-text
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: aws-sdk
+#   gem: sensu-plugin
+#
+# USAGE:
+#   #YELLOW
+#
+# NOTES:
+#
+# LICENSE:
+#   Copyright (c) 2014, Leon Gibat, brendan.gibat@gmail.com
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugin/check/cli'
+require 'aws-sdk'
+require 'sensu-plugins-aws'
+
+class CheckInstanceReachability < Sensu::Plugin::Check::CLI
+  include Common
+  include Filter
+
+  option :aws_region,
+         short: '-r AWS_REGION',
+         long: '--aws-region REGION',
+         description: 'AWS Region (defaults to us-east-1).',
+         default: 'us-east-1'
+
+  option :filter,
+         short: '-f FILTER',
+         long: '--filter FILTER',
+         description: 'String representation of the filter to apply',
+         default: '{}'
+
+  option :timeout,
+         description: 'Ping timeout in seconds',
+         short: '-t TIMEOUT',
+         long: '--timeout TIMEOUT',
+         default: 5,
+         proc: proc(&:to_i)
+
+  option :count,
+         description: 'Ping count',
+         short: '-c COUNT',
+         long: '--count COUNT',
+         default: 1,
+         proc: proc(&:to_i)
+
+  option :critical_response,
+         description: 'Flag if the response should error on failures',
+         short: '-r',
+         long: '--critical-response',
+         boolean: true,
+         default: false
+
+  def run
+    begin
+      aws_config
+      client = Aws::EC2::Client.new
+
+      filter = Filter.parse(config[:filter])
+
+      options = { filters: filter }
+
+      errors = []
+      instance_ids = []
+      data = client.describe_instances(options)
+
+      data[:reservations].each do |res|
+        res[:instances].each do |i|
+          instance_ids << i[:instance_id]
+          `ping -c #{config[:count]} -W #{config[:timeout]} #{i[:private_ip_address]}`
+          if $CHILD_STATUS.to_i > 0
+            errors << "Could not reach #{i[:instance_id]}"
+          end
+        end
+      end
+    rescue StandardError => e
+      puts "Error: exception: #{e}"
+      critical
+    end
+    if errors.empty?
+      ok "Instances checked: #{instance_ids.join(',')}"
+    else
+      message = errors.join(',')
+      if config[:critical_response]
+        critical message
+      else
+        warning message
+      end
+    end
+  end
+end

data/bin/check-instances-count.rb

@@ -0,0 +1,94 @@
+#! /usr/bin/env ruby
+#
+# check-instances-count
+#
+#
+# DESCRIPTION:
+#   This plugin checks the instances count for a specific auto scale group ( ASG ).
+#   Goal is to allow you to monitor that your ASG isnt out of control
+#
+# OUTPUT:
+#   plain-text
+#
+# PLATFORMS:
+#   Linux
+#
+# DEPENDENCIES:
+#   gem: aws-sdk
+#   gem: sensu-plugin
+#
+# USAGE:
+#     check-instances-count.rb --warn 15 --crit 25 --groupname logstash-instances-auto
+#
+#
+#
+# NOTES:
+#
+# LICENSE:
+#   Copyright (c) 2015, Kevin Bond
+#   Released under the same terms as Sensu (the MIT license); see LICENSE
+#   for details.
+#
+
+require 'sensu-plugins-aws'
+require 'sensu-plugin/check/cli'
+require 'aws-sdk'
+
+# Class to check the instance count
+class CheckInstanceCount < Sensu::Plugin::Check::CLI
+  include Common
+
+  option :groupname,
+         description: 'Name of the AutoScaling group',
+         short: '-g GROUP_NAME',
+         long: '--groupname GROUP_NAME',
+         required: true
+
+  option :aws_region,
+         short: '-r AWS_REGION',
+         long: '--aws-region REGION',
+         description: 'AWS Region (such as us-east-1).',
+         default: 'us-east-1'
+
+  option :warn,
+         short: '-w COUNT',
+         long: '--warn COUNT',
+         proc: proc(&:to_i),
+         default: 15
+
+  option :crit,
+         short: '-c COUNT',
+         long: '--crit COUNT',
+         proc: proc(&:to_i),
+         default: 25
+
+  def instance_count
+    client = Aws::AutoScaling::Client.new
+    resp = client.describe_auto_scaling_groups(
+      auto_scaling_group_names: [config[:groupname]]
+    ).to_h
+    instances = []
+    resp[:auto_scaling_groups].each do |g|
+      g[:instances].each do |i|
+        if i[:lifecycle_state] == 'InService' && i[:health_status] == 'Healthy'
+          instances << i[:instance_id]
+        end
+      end
+    end
+    instances.length
+  rescue StandardError => e
+    critical "There was an error reaching AWS - #{e.message}"
+  end
+
+  def run
+    count = instance_count
+    msg_prefix = "#{count} instances running for ASG [ #{config[:groupname]} ]"
+    if count >= config[:crit]
+      critical "#{msg_prefix} - critical threshold #{config[:crit]}"
+    elsif count >= config[:warn]
+      warning "#{msg_prefix} - warning threshold #{config[:warn]}, critical threshold #{config[:crit]}"
+    else
+      ok msg_prefix
+    end
+  end
+end