sensu-plugins-aws-boutetnico 1.0.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +7 -0
- data/CHANGELOG.md +3 -0
- data/LICENSE +22 -0
- data/README.md +333 -0
- data/bin/check-alb-target-group-health.rb +100 -0
- data/bin/check-asg-instances-created.rb +129 -0
- data/bin/check-asg-instances-inservice.rb +109 -0
- data/bin/check-autoscaling-cpucredits.rb +160 -0
- data/bin/check-beanstalk-elb-metric.rb +123 -0
- data/bin/check-beanstalk-health.rb +123 -0
- data/bin/check-certificate-expiry.rb +123 -0
- data/bin/check-cloudfront-tag.rb +70 -0
- data/bin/check-cloudwatch-alarm.rb +102 -0
- data/bin/check-cloudwatch-alarms.rb +89 -0
- data/bin/check-cloudwatch-composite-metric.rb +199 -0
- data/bin/check-cloudwatch-metric.rb +123 -0
- data/bin/check-configservice-rules.rb +76 -0
- data/bin/check-direct-connect-virtual-interfaces.rb +84 -0
- data/bin/check-dynamodb-capacity.rb +194 -0
- data/bin/check-dynamodb-throttle.rb +188 -0
- data/bin/check-ebs-burst-limit.rb +143 -0
- data/bin/check-ebs-snapshots.rb +104 -0
- data/bin/check-ec2-cpu_balance.rb +139 -0
- data/bin/check-ec2-filter.rb +190 -0
- data/bin/check-ec2-network.rb +133 -0
- data/bin/check-ecs-service-health.rb +155 -0
- data/bin/check-efs-metric.rb +145 -0
- data/bin/check-eip-allocation.rb +64 -0
- data/bin/check-elasticache-failover.rb +113 -0
- data/bin/check-elb-certs.rb +132 -0
- data/bin/check-elb-health-fog.rb +114 -0
- data/bin/check-elb-health-sdk.rb +176 -0
- data/bin/check-elb-health.rb +116 -0
- data/bin/check-elb-instances-inservice.rb +103 -0
- data/bin/check-elb-latency.rb +166 -0
- data/bin/check-elb-nodes.rb +133 -0
- data/bin/check-elb-sum-requests.rb +157 -0
- data/bin/check-emr-cluster.rb +144 -0
- data/bin/check-emr-steps.rb +90 -0
- data/bin/check-eni-status.rb +110 -0
- data/bin/check-expiring-reservations.rb +117 -0
- data/bin/check-instance-events.rb +154 -0
- data/bin/check-instance-health.rb +108 -0
- data/bin/check-instance-reachability.rb +107 -0
- data/bin/check-instances-count.rb +94 -0
- data/bin/check-kms-key.rb +73 -0
- data/bin/check-rds-events.rb +141 -0
- data/bin/check-rds-pending.rb +91 -0
- data/bin/check-rds.rb +382 -0
- data/bin/check-redshift-events.rb +108 -0
- data/bin/check-reserved-instances.rb +80 -0
- data/bin/check-route.rb +122 -0
- data/bin/check-route53-domain-expiration.rb +78 -0
- data/bin/check-s3-bucket-visibility.rb +176 -0
- data/bin/check-s3-bucket.rb +86 -0
- data/bin/check-s3-object.rb +205 -0
- data/bin/check-s3-tag.rb +70 -0
- data/bin/check-sensu-client.rb +184 -0
- data/bin/check-ses-limit.rb +89 -0
- data/bin/check-ses-statistics.rb +149 -0
- data/bin/check-sns-subscriptions.rb +52 -0
- data/bin/check-sqs-messages.rb +168 -0
- data/bin/check-subnet-ip-consumption.rb +234 -0
- data/bin/check-trustedadvisor-service-limits.rb +90 -0
- data/bin/check-vpc-nameservers.rb +87 -0
- data/bin/check-vpc-vpn.rb +98 -0
- data/bin/handler-ec2_node.rb +241 -0
- data/bin/handler-scale-asg-down.rb +131 -0
- data/bin/handler-scale-asg-up.rb +131 -0
- data/bin/handler-ses.rb +107 -0
- data/bin/handler-sns.rb +64 -0
- data/bin/metrics-asg.rb +156 -0
- data/bin/metrics-autoscaling-instance-count.rb +101 -0
- data/bin/metrics-billing.rb +97 -0
- data/bin/metrics-cloudfront.rb +159 -0
- data/bin/metrics-ec2-count.rb +137 -0
- data/bin/metrics-ec2-filter.rb +97 -0
- data/bin/metrics-elasticache.rb +166 -0
- data/bin/metrics-elb.rb +169 -0
- data/bin/metrics-emr-steps.rb +82 -0
- data/bin/metrics-rds.rb +153 -0
- data/bin/metrics-reservation-utilization.rb +84 -0
- data/bin/metrics-s3.rb +107 -0
- data/bin/metrics-ses.rb +62 -0
- data/bin/metrics-sqs.rb +98 -0
- data/bin/metrics-waf.rb +111 -0
- data/lib/sensu-plugins-aws.rb +4 -0
- data/lib/sensu-plugins-aws/cloudwatch-common.rb +92 -0
- data/lib/sensu-plugins-aws/common.rb +35 -0
- data/lib/sensu-plugins-aws/filter.rb +47 -0
- data/lib/sensu-plugins-aws/version.rb +8 -0
- metadata +456 -0
@@ -0,0 +1,86 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-s3-bucket
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# This plugin checks a bucket and alerts if not exists
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain-text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: aws-sdk
|
16
|
+
# gem: sensu-plugin
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# ./check-s3-bucket.rb --bucket-name mybucket --aws-region eu-west-1
|
20
|
+
#
|
21
|
+
# NOTES:
|
22
|
+
#
|
23
|
+
# LICENSE:
|
24
|
+
# Copyright (c) 2015, Olivier Bazoud, olivier.bazoud@gmail.com
|
25
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
26
|
+
# for details.
|
27
|
+
#
|
28
|
+
|
29
|
+
require 'sensu-plugin/check/cli'
|
30
|
+
require 'aws-sdk'
|
31
|
+
|
32
|
+
class CheckS3Bucket < Sensu::Plugin::Check::CLI
|
33
|
+
option :aws_access_key,
|
34
|
+
short: '-a AWS_ACCESS_KEY',
|
35
|
+
long: '--aws-access-key AWS_ACCESS_KEY',
|
36
|
+
description: "AWS Access Key. Either set ENV['AWS_ACCESS_KEY'] or provide it as an option",
|
37
|
+
default: ENV['AWS_ACCESS_KEY']
|
38
|
+
|
39
|
+
option :aws_secret_access_key,
|
40
|
+
short: '-k AWS_SECRET_KEY',
|
41
|
+
long: '--aws-secret-access-key AWS_SECRET_KEY',
|
42
|
+
description: "AWS Secret Access Key. Either set ENV['AWS_SECRET_KEY'] or provide it as an option",
|
43
|
+
default: ENV['AWS_SECRET_KEY']
|
44
|
+
|
45
|
+
option :aws_region,
|
46
|
+
short: '-r AWS_REGION',
|
47
|
+
long: '--aws-region REGION',
|
48
|
+
description: 'AWS Region (defaults to us-east-1).',
|
49
|
+
default: 'us-east-1'
|
50
|
+
|
51
|
+
option :bucket_name,
|
52
|
+
short: '-b BUCKET_NAME',
|
53
|
+
long: '--bucket-name',
|
54
|
+
description: 'The name of the S3 bucket to check',
|
55
|
+
required: true
|
56
|
+
|
57
|
+
option :use_iam_role,
|
58
|
+
short: '-u',
|
59
|
+
long: '--use-iam',
|
60
|
+
description: 'Use IAM role authenticiation. Instance must have IAM role assigned for this to work'
|
61
|
+
|
62
|
+
def aws_config
|
63
|
+
{ access_key_id: config[:aws_access_key],
|
64
|
+
secret_access_key: config[:aws_secret_access_key],
|
65
|
+
region: config[:aws_region] }
|
66
|
+
end
|
67
|
+
|
68
|
+
def run
|
69
|
+
aws_config = {}
|
70
|
+
|
71
|
+
if config[:use_iam_role].nil?
|
72
|
+
aws_config[:access_key_id] = config[:aws_access_key]
|
73
|
+
aws_config[:secret_access_key] = config[:aws_secret_access_key]
|
74
|
+
end
|
75
|
+
|
76
|
+
s3 = Aws::S3::Client.new(aws_config.merge!(region: config[:aws_region]))
|
77
|
+
begin
|
78
|
+
s3.head_bucket(bucket: config[:bucket_name])
|
79
|
+
ok "Bucket #{config[:bucket_name]} found"
|
80
|
+
rescue Aws::S3::Errors::NotFound => _
|
81
|
+
critical "Bucket #{config[:bucket_name]} not found"
|
82
|
+
rescue StandardError => e
|
83
|
+
critical "Bucket #{config[:bucket_name]} - #{e.message}"
|
84
|
+
end
|
85
|
+
end
|
86
|
+
end
|
@@ -0,0 +1,205 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-s3-object
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# This plugin checks if a file exists in a bucket and/or is not too old.
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain-text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: aws-sdk
|
16
|
+
# gem: sensu-plugin
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# ./check-s3-object.rb --bucket-name mybucket --aws-region eu-west-1 --use-iam --key-name "path/to/myfile.txt"
|
20
|
+
# ./check-s3-object.rb --bucket-name mybucket --aws-region eu-west-1 --use-iam --key-name "path/to/myfile.txt" --warning 90000 --critical 126000
|
21
|
+
# ./check-s3-object.rb --bucket-name mybucket --aws-region eu-west-1 --use-iam --key-name "path/to/myfile.txt" --warning 90000 --critical 126000 --ok-zero-size
|
22
|
+
#
|
23
|
+
# NOTES:
|
24
|
+
#
|
25
|
+
# LICENSE:
|
26
|
+
# Copyright (c) 2015, Olivier Bazoud, olivier.bazoud@gmail.com
|
27
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
28
|
+
# for details.
|
29
|
+
#
|
30
|
+
|
31
|
+
require 'sensu-plugin/check/cli'
|
32
|
+
require 'aws-sdk'
|
33
|
+
|
34
|
+
class CheckS3Object < Sensu::Plugin::Check::CLI
|
35
|
+
option :aws_access_key,
|
36
|
+
short: '-a AWS_ACCESS_KEY',
|
37
|
+
long: '--aws-access-key AWS_ACCESS_KEY',
|
38
|
+
description: "AWS Access Key. Either set ENV['AWS_ACCESS_KEY'] or provide it as an option",
|
39
|
+
default: ENV['AWS_ACCESS_KEY']
|
40
|
+
|
41
|
+
option :aws_secret_access_key,
|
42
|
+
short: '-k AWS_SECRET_KEY',
|
43
|
+
long: '--aws-secret-access-key AWS_SECRET_KEY',
|
44
|
+
description: "AWS Secret Access Key. Either set ENV['AWS_SECRET_KEY'] or provide it as an option",
|
45
|
+
default: ENV['AWS_SECRET_KEY']
|
46
|
+
|
47
|
+
option :aws_region,
|
48
|
+
short: '-r AWS_REGION',
|
49
|
+
long: '--aws-region REGION',
|
50
|
+
description: 'AWS Region (defaults to us-east-1).',
|
51
|
+
default: 'us-east-1'
|
52
|
+
|
53
|
+
option :use_iam_role,
|
54
|
+
short: '-u',
|
55
|
+
long: '--use-iam',
|
56
|
+
description: 'Use IAM role authenticiation. Instance must have IAM role assigned for this to work'
|
57
|
+
|
58
|
+
option :bucket_name,
|
59
|
+
short: '-b BUCKET_NAME',
|
60
|
+
long: '--bucket-name',
|
61
|
+
description: 'The name of the S3 bucket where object lives',
|
62
|
+
required: true
|
63
|
+
|
64
|
+
option :key_name,
|
65
|
+
short: '-n KEY_NAME',
|
66
|
+
long: '--key-name',
|
67
|
+
description: 'The name of key in the bucket'
|
68
|
+
|
69
|
+
option :key_prefix,
|
70
|
+
short: '-p KEY_PREFIX',
|
71
|
+
long: '--key-prefix',
|
72
|
+
description: 'Prefix key to search on the bucket'
|
73
|
+
|
74
|
+
option :warning_age,
|
75
|
+
description: 'Warn if mtime greater than provided age in seconds',
|
76
|
+
short: '-w SECONDS',
|
77
|
+
long: '--warning SECONDS'
|
78
|
+
|
79
|
+
option :critical_age,
|
80
|
+
description: 'Critical if mtime greater than provided age in seconds',
|
81
|
+
short: '-c SECONDS',
|
82
|
+
long: '--critical SECONDS'
|
83
|
+
|
84
|
+
option :ok_zero_size,
|
85
|
+
description: 'OK if file has zero size',
|
86
|
+
short: '-z',
|
87
|
+
long: '--ok-zero-size',
|
88
|
+
boolean: true,
|
89
|
+
default: false
|
90
|
+
|
91
|
+
option :warning_size,
|
92
|
+
description: 'Warning threshold for size',
|
93
|
+
long: '--warning-size COUNT'
|
94
|
+
|
95
|
+
option :critical_size,
|
96
|
+
description: 'Critical threshold for size',
|
97
|
+
long: '--critical-size COUNT'
|
98
|
+
|
99
|
+
option :compare_size,
|
100
|
+
description: 'Comparision operator for threshold: equal, not, greater, less',
|
101
|
+
short: '-o OPERATION',
|
102
|
+
long: '--operator-size OPERATION',
|
103
|
+
default: 'equal'
|
104
|
+
|
105
|
+
option :no_crit_on_multiple_objects,
|
106
|
+
description: 'If this flag is set, sort all matching objects by last_modified date and check against the newest. By default, this check will return a CRITICAL result if multiple matching objects are found.',
|
107
|
+
short: '-m',
|
108
|
+
long: '--ok-on-multiple-objects',
|
109
|
+
boolean: true
|
110
|
+
|
111
|
+
def aws_config
|
112
|
+
{ access_key_id: config[:aws_access_key],
|
113
|
+
secret_access_key: config[:aws_secret_access_key],
|
114
|
+
region: config[:aws_region] }
|
115
|
+
end
|
116
|
+
|
117
|
+
def operator
|
118
|
+
op = lambda do |type, a, b|
|
119
|
+
case type
|
120
|
+
when 'age'
|
121
|
+
a > b
|
122
|
+
when 'size'
|
123
|
+
if config[:compare_size] == 'greater'
|
124
|
+
a > b
|
125
|
+
elsif config[:compare_size] == 'less'
|
126
|
+
a < b
|
127
|
+
elsif config[:compare_size] == 'not'
|
128
|
+
a != b
|
129
|
+
end
|
130
|
+
else
|
131
|
+
a == b
|
132
|
+
end
|
133
|
+
end
|
134
|
+
op
|
135
|
+
end
|
136
|
+
|
137
|
+
def run_check(type, level, value, element, msg)
|
138
|
+
key = "#{level}_#{type}".to_sym
|
139
|
+
return if config[key].nil?
|
140
|
+
to_check = config[key].to_i
|
141
|
+
send(level, msg % [element, value, config[:bucket_name]]) if operator.call type, value, to_check
|
142
|
+
end
|
143
|
+
|
144
|
+
def run
|
145
|
+
aws_config = {}
|
146
|
+
|
147
|
+
if (config[:key_name].nil? && config[:key_prefix].nil?) || (!config[:key_name].nil? && !config[:key_prefix].nil?)
|
148
|
+
critical 'Need one option between "key_name" and "key_prefix"'
|
149
|
+
end
|
150
|
+
|
151
|
+
if config[:use_iam_role].nil?
|
152
|
+
aws_config[:access_key_id] = config[:aws_access_key]
|
153
|
+
aws_config[:secret_access_key] = config[:aws_secret_access_key]
|
154
|
+
end
|
155
|
+
|
156
|
+
s3 = Aws::S3::Client.new(aws_config.merge!(region: config[:aws_region]))
|
157
|
+
begin
|
158
|
+
if !config[:key_name].nil?
|
159
|
+
key_search = config[:key_name]
|
160
|
+
key_fullname = key_search
|
161
|
+
output = s3.head_object(bucket: config[:bucket_name], key: key_search)
|
162
|
+
age = Time.now.to_i - output[:last_modified].to_i
|
163
|
+
size = output[:content_length]
|
164
|
+
elsif !config[:key_prefix].nil?
|
165
|
+
key_search = config[:key_prefix]
|
166
|
+
output = s3.list_objects(bucket: config[:bucket_name], prefix: key_search)
|
167
|
+
output = output.next_page while output.next_page?
|
168
|
+
|
169
|
+
if output.contents.size.to_i < 1
|
170
|
+
critical "Object with prefix \"#{key_search}\" not found in bucket #{config[:bucket_name]}"
|
171
|
+
end
|
172
|
+
|
173
|
+
if output.contents.size.to_i > 1
|
174
|
+
if config[:no_crit_on_multiple_objects].nil?
|
175
|
+
critical "Your prefix \"#{key_search}\" return too much files, you need to be more specific"
|
176
|
+
else
|
177
|
+
output.contents.sort_by!(&:last_modified).reverse!
|
178
|
+
end
|
179
|
+
end
|
180
|
+
|
181
|
+
key_fullname = output.contents[0].key
|
182
|
+
age = Time.now.to_i - output.contents[0].last_modified.to_i
|
183
|
+
size = output.contents[0].size
|
184
|
+
end
|
185
|
+
|
186
|
+
%i[critical warning].each do |level|
|
187
|
+
run_check('age', level, age, key_fullname, 'S3 object %s is %s seconds old (bucket %s)')
|
188
|
+
end
|
189
|
+
|
190
|
+
if size.zero?
|
191
|
+
critical "S3 object #{key_fullname} is empty (bucket #{config[:bucket_name]})" unless config[:ok_zero_size]
|
192
|
+
else
|
193
|
+
%i[critical warning].each do |level|
|
194
|
+
run_check('size', level, size, key_fullname, 'S3 %s object\'size : %s octets (bucket %s)')
|
195
|
+
end
|
196
|
+
end
|
197
|
+
|
198
|
+
ok("S3 object #{key_fullname} exists in bucket #{config[:bucket_name]}")
|
199
|
+
rescue Aws::S3::Errors::NotFound => _
|
200
|
+
critical "S3 object #{key_fullname} not found in bucket #{config[:bucket_name]}"
|
201
|
+
rescue StandardError => e
|
202
|
+
critical "S3 object #{key_fullname} in bucket #{config[:bucket_name]} - #{e.message} - #{e.backtrace}"
|
203
|
+
end
|
204
|
+
end
|
205
|
+
end
|
data/bin/check-s3-tag.rb
ADDED
@@ -0,0 +1,70 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# check-s3-tag
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# This plugin checks if buckets have a set of tags.
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain-text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: aws-sdk
|
16
|
+
# gem: sensu-plugin
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# ./check-s3-tag.rb --aws-region eu-west-1 --tag-keys xxx
|
20
|
+
#
|
21
|
+
# NOTES:
|
22
|
+
#
|
23
|
+
# LICENSE:
|
24
|
+
# Copyright (c) 2016, Olivier Bazoud, olivier.bazoud@gmail.com
|
25
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
26
|
+
# for details.
|
27
|
+
#
|
28
|
+
|
29
|
+
require 'sensu-plugin/check/cli'
|
30
|
+
require 'sensu-plugins-aws/common'
|
31
|
+
require 'aws-sdk'
|
32
|
+
|
33
|
+
class CheckS3Tag < Sensu::Plugin::Check::CLI
|
34
|
+
include Common
|
35
|
+
|
36
|
+
option :aws_region,
|
37
|
+
short: '-r AWS_REGION',
|
38
|
+
long: '--aws-region REGION',
|
39
|
+
description: 'AWS Region (defaults to us-east-1).',
|
40
|
+
default: 'us-east-1'
|
41
|
+
|
42
|
+
option :tag_keys,
|
43
|
+
short: '-t TAG_KEYS',
|
44
|
+
long: '--tag-keys TAG_KEYS',
|
45
|
+
description: 'Tag keys'
|
46
|
+
|
47
|
+
def run
|
48
|
+
tags = config[:tag_keys].split(',')
|
49
|
+
s3 = Aws::S3::Client.new
|
50
|
+
missing_tags = []
|
51
|
+
s3.list_buckets.buckets.each do |bucket|
|
52
|
+
begin
|
53
|
+
keys = s3.get_bucket_tagging(bucket: bucket.name).tag_set.map(&:key)
|
54
|
+
if keys.sort & tags.sort != tags.sort
|
55
|
+
missing_tags.push bucket.name
|
56
|
+
end
|
57
|
+
rescue StandardError
|
58
|
+
missing_tags.push bucket.name
|
59
|
+
end
|
60
|
+
end
|
61
|
+
|
62
|
+
if missing_tags.empty?
|
63
|
+
ok
|
64
|
+
else
|
65
|
+
critical("Missing tags in #{missing_tags}")
|
66
|
+
end
|
67
|
+
rescue StandardError => e
|
68
|
+
critical "Error: #{e.message} - #{e.backtrace}"
|
69
|
+
end
|
70
|
+
end
|
@@ -0,0 +1,184 @@
|
|
1
|
+
#! /usr/bin/env ruby
|
2
|
+
#
|
3
|
+
# sensu-health-check
|
4
|
+
#
|
5
|
+
# DESCRIPTION:
|
6
|
+
# Finds a given tag set from EC2 and ensures sensu clients exist
|
7
|
+
#
|
8
|
+
# OUTPUT:
|
9
|
+
# plain-text
|
10
|
+
#
|
11
|
+
# PLATFORMS:
|
12
|
+
# Linux
|
13
|
+
#
|
14
|
+
# DEPENDENCIES:
|
15
|
+
# gem: aws-sdk
|
16
|
+
# gem: sensu-plugin
|
17
|
+
#
|
18
|
+
# USAGE:
|
19
|
+
# ./check-sensu-client.rb -w 20 -f "{name:tag-value,values:[infrastructure]}"
|
20
|
+
# ./check-sensu-client.rb -w 20 -f "{name:tag-value,values:[infrastructure]}" -e '{Name:[Ignore, Bad.*]}'
|
21
|
+
# ./check-sensu-client.rb -w 20 -f "{name:tag-value,values:[infrastructure]}" -e '{Name:[Ignore, Bad.*]} {Sensu: [Ignore]}'
|
22
|
+
#
|
23
|
+
# NOTES:
|
24
|
+
# Values provided for the exclusion filter are treated as regex's for evaluation purposes. Any matching value
|
25
|
+
# will result in the instance being excluded
|
26
|
+
#
|
27
|
+
# LICENSE:
|
28
|
+
# Justin McCarty (jmccarty3@gmail.com)
|
29
|
+
# Released under the same terms as Sensu (the MIT license); see LICENSE
|
30
|
+
# for details.
|
31
|
+
#
|
32
|
+
|
33
|
+
require 'sensu-plugins-aws'
|
34
|
+
require 'sensu-plugin/check/cli'
|
35
|
+
require 'aws-sdk'
|
36
|
+
require 'rest-client'
|
37
|
+
require 'json'
|
38
|
+
|
39
|
+
class CheckSensuClient < Sensu::Plugin::Check::CLI
|
40
|
+
include Filter
|
41
|
+
include Common
|
42
|
+
option :aws_region,
|
43
|
+
short: '-r AWS_REGION',
|
44
|
+
long: '--aws-region REGION',
|
45
|
+
description: 'AWS Region (such as us-east-1).',
|
46
|
+
default: 'us-east-1'
|
47
|
+
|
48
|
+
option :sensu_host,
|
49
|
+
short: '-h SENSU_HOST',
|
50
|
+
long: '--host SENSU_HOST',
|
51
|
+
description: 'Sensu host to query',
|
52
|
+
default: 'sensu'
|
53
|
+
|
54
|
+
option :insecure,
|
55
|
+
short: '-k',
|
56
|
+
boolean: true,
|
57
|
+
description: 'Enabling insecure connections',
|
58
|
+
default: false
|
59
|
+
|
60
|
+
option :sensu_port,
|
61
|
+
short: '-p SENSU_PORT',
|
62
|
+
long: '--port SENSU_PORT',
|
63
|
+
description: 'Sensu API port',
|
64
|
+
proc: proc(&:to_i),
|
65
|
+
default: 4567
|
66
|
+
|
67
|
+
option :warn,
|
68
|
+
short: '-w WARN',
|
69
|
+
description: 'Warn if instance has been up longer (Minutes)',
|
70
|
+
proc: proc(&:to_i),
|
71
|
+
default: 0
|
72
|
+
|
73
|
+
option :critical,
|
74
|
+
short: '-c CRITICAL',
|
75
|
+
description: 'Critical if instance has been up longer (Minutes)',
|
76
|
+
proc: proc(&:to_i)
|
77
|
+
|
78
|
+
option :min,
|
79
|
+
short: '-m MIN_TIME',
|
80
|
+
description: 'Minimum Time an instance must be running (Minutes)',
|
81
|
+
proc: proc(&:to_i),
|
82
|
+
default: 5
|
83
|
+
|
84
|
+
option :filter,
|
85
|
+
short: '-f FILTER',
|
86
|
+
description: 'Filter to use to find ec2 instances',
|
87
|
+
default: '{}'
|
88
|
+
|
89
|
+
option :exclude_tags,
|
90
|
+
short: '-e {<tag-key>:[VAL1, VAL2]} {<tag-key>:[VAL1, VAL2] }',
|
91
|
+
long: '--exclude_tags {<tag-key>:[VAL1, VAL2] } {<tag-key>:[VAL1, VAL2] }',
|
92
|
+
description: 'Tag Values to exclude by. Values treated as regex. Any matching value will result in exclusion.',
|
93
|
+
default: '{}'
|
94
|
+
|
95
|
+
def run
|
96
|
+
# Converting the string into a hash.
|
97
|
+
filter_list = config[:exclude_tags].split(/}\s?{/).map do |x|
|
98
|
+
x.gsub(/[{}]/, '')
|
99
|
+
end
|
100
|
+
filter_list = filter_list.map do |y|
|
101
|
+
h1, h2 = y.split(':')
|
102
|
+
{ h1 => h2 }
|
103
|
+
end.reduce(:merge)
|
104
|
+
filter_list.delete(nil)
|
105
|
+
filter_list.each { |x, y| filter_list[x] = y.strip.gsub(/[\[\]]/, '') }
|
106
|
+
client = Aws::EC2::Client.new
|
107
|
+
|
108
|
+
parsed_filter = Filter.parse(config[:filter])
|
109
|
+
|
110
|
+
filter = if parsed_filter.empty?
|
111
|
+
{}
|
112
|
+
else
|
113
|
+
{ filters: parsed_filter }
|
114
|
+
end
|
115
|
+
|
116
|
+
data = client.describe_instances(filter)
|
117
|
+
|
118
|
+
current_time = Time.now.utc
|
119
|
+
aws_instances = Set.new
|
120
|
+
data.reservations.each do |r|
|
121
|
+
r.instances.each do |i|
|
122
|
+
aws_instances << {
|
123
|
+
id: i[:instance_id],
|
124
|
+
up_time: (current_time - i[:launch_time]) / 60,
|
125
|
+
tags: i.tags
|
126
|
+
}
|
127
|
+
end
|
128
|
+
end
|
129
|
+
|
130
|
+
sensu_clients = client_check
|
131
|
+
|
132
|
+
missing = Set.new
|
133
|
+
|
134
|
+
aws_instances.delete_if do |instance|
|
135
|
+
instance[:tags].any? do |key|
|
136
|
+
filter_list.keys.include?(key.key) && filter_list[key.key].split(',').any? do |v|
|
137
|
+
key.value.match(/#{v.strip}/)
|
138
|
+
end
|
139
|
+
end
|
140
|
+
end
|
141
|
+
|
142
|
+
aws_instances.each do |i|
|
143
|
+
if sensu_clients.include?(i[:id]) == false
|
144
|
+
if i[:up_time] > config[:min]
|
145
|
+
missing << i
|
146
|
+
output "Missing instance #{i[:id]}. Uptime: #{i[:up_time]} Minutes"
|
147
|
+
end
|
148
|
+
end
|
149
|
+
end
|
150
|
+
|
151
|
+
warn_flag = false
|
152
|
+
crit_flag = false
|
153
|
+
|
154
|
+
missing.each do |m|
|
155
|
+
if (config[:critical].nil? == false) && (m[:up_time] > config[:critical])
|
156
|
+
crit_flag = true
|
157
|
+
elsif (config[:warn].nil? == false) && (m[:up_time] > config[:warn])
|
158
|
+
warn_flag = true
|
159
|
+
end
|
160
|
+
end
|
161
|
+
|
162
|
+
if crit_flag
|
163
|
+
critical
|
164
|
+
elsif warn_flag
|
165
|
+
warning
|
166
|
+
end
|
167
|
+
ok
|
168
|
+
end
|
169
|
+
|
170
|
+
def client_check
|
171
|
+
verify_mode = OpenSSL::SSL::VERIFY_PEER
|
172
|
+
verify_mode = OpenSSL::SSL::VERIFY_NONE if config[:insecure]
|
173
|
+
request = RestClient::Resource.new("#{config[:sensu_host]}:#{config[:sensu_port]}/clients",
|
174
|
+
verify_ssl: verify_mode)
|
175
|
+
response = JSON.parse(request.get)
|
176
|
+
|
177
|
+
clients = Set.new
|
178
|
+
response.each do |client|
|
179
|
+
clients << client['name']
|
180
|
+
end
|
181
|
+
|
182
|
+
clients
|
183
|
+
end
|
184
|
+
end
|