sensu-plugins-dns 1.1.0 → 1.2.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/CHANGELOG.md +6 -1
- data/bin/check-dns.rb +89 -46
- data/lib/sensu-plugins-dns/version.rb +1 -1
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 4ea5d5beab135be6075b0d6852baed6faee580ff
|
|
4
|
+
data.tar.gz: 9a96a200a5b29a3b825d854511b0c07d7e0a8fe3
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 08a0d341fdae3693ad67acb449ed7774ac82684686a59b468001c7757429e176d3a063ecca927bac9982996146bce8fb9cb0428ab1dd07a75c20a516a977d419
|
|
7
|
+
data.tar.gz: ecc6d2fb556c02325f110727f27f4407b98ff2612989a7075d5154c8be3640c16e015ae2745df25cf1aea85c84da38b7cf7f948fb52374a914d7088b1a521e95
|
data/CHANGELOG.md
CHANGED
|
@@ -4,6 +4,10 @@ This project adheres to [Semantic Versioning](http://semver.org/).
|
|
|
4
4
|
This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachangelog.com/)
|
|
5
5
|
|
|
6
6
|
## [Unreleased]
|
|
7
|
+
## [1.2.0] - 2017-05-16
|
|
8
|
+
### Added
|
|
9
|
+
- Add support for making multiple requests, with a threshold for success
|
|
10
|
+
|
|
7
11
|
## [1.1.0]
|
|
8
12
|
### Added
|
|
9
13
|
- Added option for DNS server port (@apriljo)
|
|
@@ -49,7 +53,8 @@ This CHANGELOG follows the format listed at [Keep A Changelog](http://keepachang
|
|
|
49
53
|
### Changed
|
|
50
54
|
- removed cruft from /lib
|
|
51
55
|
|
|
52
|
-
[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-dns/compare/1.
|
|
56
|
+
[Unreleased]: https://github.com/sensu-plugins/sensu-plugins-dns/compare/1.2.0...HEAD
|
|
57
|
+
[1.2.0]: https://github.com/sensu-plugins/sensu-plugins-dns/compare/1.1.0...1/1.2
|
|
53
58
|
[1.1.0]: https://github.com/sensu-plugins/sensu-plugins-dns/compare/1.0.0...1/1.0
|
|
54
59
|
[1.0.0]: https://github.com/sensu-plugins/sensu-plugins-dns/compare/0.0.6...1.0.0
|
|
55
60
|
[0.0.6]: https://github.com/sensu-plugins/sensu-plugins-dns/compare/0.0.5...0.0.6
|
data/bin/check-dns.rb
CHANGED
|
@@ -97,6 +97,20 @@ class DNS < Sensu::Plugin::Check::CLI
|
|
|
97
97
|
long: '--use-tcp',
|
|
98
98
|
boolean: true
|
|
99
99
|
|
|
100
|
+
option :request_count,
|
|
101
|
+
description: 'Number of DNS requests to send',
|
|
102
|
+
short: '-c COUNT',
|
|
103
|
+
long: '--request_count COUNT',
|
|
104
|
+
proc: proc(&:to_i),
|
|
105
|
+
default: 1
|
|
106
|
+
|
|
107
|
+
option :threshold,
|
|
108
|
+
description: 'Percentage of DNS queries that must succeed',
|
|
109
|
+
short: '-l PERCENT',
|
|
110
|
+
long: '--threshold PERCENT',
|
|
111
|
+
proc: proc(&:to_i),
|
|
112
|
+
default: 100
|
|
113
|
+
|
|
100
114
|
option :timeout,
|
|
101
115
|
description: 'Set timeout for query',
|
|
102
116
|
short: '-T TIMEOUT',
|
|
@@ -111,9 +125,20 @@ class DNS < Sensu::Plugin::Check::CLI
|
|
|
111
125
|
dnsruby_config[:use_tcp] = config[:use_tcp] unless config[:use_tcp].nil?
|
|
112
126
|
resolv = Dnsruby::Resolver.new(dnsruby_config)
|
|
113
127
|
resolv.do_validation = true if config[:validate]
|
|
114
|
-
|
|
115
|
-
|
|
116
|
-
|
|
128
|
+
|
|
129
|
+
entries = []
|
|
130
|
+
count = 0
|
|
131
|
+
while count < config[:request_count]
|
|
132
|
+
begin
|
|
133
|
+
entry = resolv.query(config[:domain], config[:type], config[:class])
|
|
134
|
+
resolv.query_timeout = config[:timeout]
|
|
135
|
+
rescue => e
|
|
136
|
+
entry = e
|
|
137
|
+
end
|
|
138
|
+
entries << entry
|
|
139
|
+
puts "Entry #{count}: #{entry}" if config[:debug]
|
|
140
|
+
count += 1
|
|
141
|
+
end
|
|
117
142
|
|
|
118
143
|
entries
|
|
119
144
|
end
|
|
@@ -133,6 +158,59 @@ class DNS < Sensu::Plugin::Check::CLI
|
|
|
133
158
|
critical "Resolved #{config[:domain]} #{config[:type]} did not match #{regex}"
|
|
134
159
|
end
|
|
135
160
|
|
|
161
|
+
def check_results(entries)
|
|
162
|
+
errors = []
|
|
163
|
+
success = []
|
|
164
|
+
|
|
165
|
+
entries.each do |entry|
|
|
166
|
+
if entry.class == Dnsruby::NXDomain
|
|
167
|
+
errors << "Could not resolve #{config[:domain]} #{config[:type]} record"
|
|
168
|
+
next
|
|
169
|
+
elsif entry.class == Dnsruby::ResolvTimeout
|
|
170
|
+
errors << "Could not resolve #{config[:domain]}: Query timed out"
|
|
171
|
+
next
|
|
172
|
+
elsif entry.is_a?(Exception)
|
|
173
|
+
errors << "Could not resolve #{config[:domain]}: #{entry}"
|
|
174
|
+
next
|
|
175
|
+
end
|
|
176
|
+
|
|
177
|
+
puts entry.answer if config[:debug]
|
|
178
|
+
if entry.answer.length.zero?
|
|
179
|
+
success << "Could not resolve #{config[:domain]} #{config[:type]} record"
|
|
180
|
+
elsif config[:result]
|
|
181
|
+
# special logic for checking ipaddresses with result
|
|
182
|
+
# mostly for ipv6 but decided to use the same logic for
|
|
183
|
+
# consistency reasons
|
|
184
|
+
if config[:type] == 'A' || config[:type] == 'AAAA'
|
|
185
|
+
check_ips(entries)
|
|
186
|
+
# non ip type
|
|
187
|
+
else
|
|
188
|
+
b = if entry.answer.count > 1
|
|
189
|
+
entry.answer.rrsets(config[:type].to_s).to_s
|
|
190
|
+
else
|
|
191
|
+
entry.answer.first.to_s
|
|
192
|
+
end
|
|
193
|
+
if b.include?(config[:result])
|
|
194
|
+
success << "Resolved #{entry.security_level} #{config[:domain]} #{config[:type]} included #{config[:result]}"
|
|
195
|
+
else
|
|
196
|
+
errors << "Resolved #{config[:domain]} #{config[:type]} did not include #{config[:result]}"
|
|
197
|
+
end
|
|
198
|
+
end
|
|
199
|
+
elsif config[:regex]
|
|
200
|
+
check_against_regex(entry, Regexp.new(config[:regex]))
|
|
201
|
+
|
|
202
|
+
elsif config[:validate]
|
|
203
|
+
if entry.security_level != 'SECURE'
|
|
204
|
+
error << "Resolved #{entry.security_level} #{config[:domain]} #{config[:type]}"
|
|
205
|
+
end
|
|
206
|
+
success << "Resolved #{entry.security_level} #{config[:domain]} #{config[:type]}"
|
|
207
|
+
else
|
|
208
|
+
success << "Resolved #{config[:domain]} #{config[:type]}"
|
|
209
|
+
end
|
|
210
|
+
end
|
|
211
|
+
[errors, success]
|
|
212
|
+
end
|
|
213
|
+
|
|
136
214
|
def check_ips(entries)
|
|
137
215
|
ips = entries.answer.rrsets(config[:type]).flat_map(&:rrs).map(&:address).map(&:to_s)
|
|
138
216
|
result = IPAddr.new config[:result]
|
|
@@ -145,52 +223,17 @@ class DNS < Sensu::Plugin::Check::CLI
|
|
|
145
223
|
|
|
146
224
|
def run
|
|
147
225
|
unknown 'No domain specified' if config[:domain].nil?
|
|
226
|
+
unknown 'Count must be 1 or more' if config[:request_count] < 1
|
|
148
227
|
|
|
149
|
-
|
|
150
|
-
|
|
151
|
-
rescue Dnsruby::NXDomain
|
|
152
|
-
output = "Could not resolve #{config[:domain]} #{config[:type]} record"
|
|
153
|
-
critical(output)
|
|
154
|
-
return
|
|
155
|
-
rescue => e
|
|
156
|
-
output = "Could not resolve #{config[:domain]}: #{e}"
|
|
157
|
-
config[:warn_only] ? warning(output) : critical(output)
|
|
158
|
-
return
|
|
159
|
-
end
|
|
160
|
-
puts entries.answer if config[:debug]
|
|
161
|
-
if entries.answer.length.zero?
|
|
162
|
-
output = "Could not resolve #{config[:domain]} #{config[:type]} record"
|
|
163
|
-
config[:warn_only] ? warning(output) : critical(output)
|
|
164
|
-
elsif config[:result]
|
|
165
|
-
# special logic for checking ipaddresses with result
|
|
166
|
-
# mostly for ipv6 but decided to use the same logic for
|
|
167
|
-
# consistency reasons
|
|
168
|
-
if config[:type] == 'A' || config[:type] == 'AAAA'
|
|
169
|
-
check_ips(entries)
|
|
170
|
-
# non ip type
|
|
171
|
-
else
|
|
172
|
-
b = if entries.answer.count > 1
|
|
173
|
-
entries.answer.rrsets(config[:type].to_s).to_s
|
|
174
|
-
else
|
|
175
|
-
entries.answer.first.to_s
|
|
176
|
-
end
|
|
177
|
-
if b.include?(config[:result])
|
|
178
|
-
ok "Resolved #{entries.security_level} #{config[:domain]} #{config[:type]} included #{config[:result]}"
|
|
179
|
-
else
|
|
180
|
-
critical "Resolved #{config[:domain]} #{config[:type]} did not include #{config[:result]}"
|
|
181
|
-
end
|
|
182
|
-
end
|
|
183
|
-
|
|
184
|
-
elsif config[:regex]
|
|
185
|
-
check_against_regex(entries, Regexp.new(config[:regex]))
|
|
228
|
+
entries = resolve_domain
|
|
229
|
+
errors, success = check_results(entries)
|
|
186
230
|
|
|
187
|
-
|
|
188
|
-
|
|
189
|
-
|
|
190
|
-
|
|
191
|
-
ok "Resolved #{entries.security_level} #{config[:domain]} #{config[:type]}"
|
|
231
|
+
percent = success.count.to_f / config[:request_count] * 100
|
|
232
|
+
if percent < config[:threshold]
|
|
233
|
+
output = "#{percent.to_i}% of tests succeeded: #{errors.uniq.join(', ')}"
|
|
234
|
+
config[:warn_only] ? warning(output) : critical(output)
|
|
192
235
|
else
|
|
193
|
-
ok
|
|
236
|
+
ok(success.uniq.join(', '))
|
|
194
237
|
end
|
|
195
238
|
end
|
|
196
239
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: sensu-plugins-dns
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.
|
|
4
|
+
version: 1.2.0
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Sensu Plugins and contributors
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2017-05-
|
|
11
|
+
date: 2017-05-16 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: sensu-plugin
|