1 files changed, 101 insertions, 67 deletions
diff --git a/plugins-scripts/check_log.sh b/plugins-scripts/check_log.sh
index d28c8d0..8ecdd31 100755
--- a/plugins-scripts/check_log.sh
+++ b/plugins-scripts/check_log.sh
@@ -1,8 +1,7 @@
 #!/bin/sh
 #
 # Log file pattern detector plugin for monitoring
-# Written by Ethan Galstad (nagios@nagios.org)
+# Written originally by Ethan Galstad (nagios@nagios.org)
-# Last Modified: 07-31-1999
 #
 # Usage: ./check_log <log_file> <old_log_file> <pattern>
 #
@@ -19,7 +18,7 @@
 # On the first run of the plugin, it will return an OK state with a message
 # of "Log check data initialized".  On successive runs, it will return an OK
 # state if *no* pattern matches have been found in the *difference* between the
-# log file and the older copy of the log file.  If the plugin detects any 
+# log file and the older copy of the log file.  If the plugin detects any
 # pattern matches in the log diff, it will return a CRITICAL state and print
 # out a message is the following format: "(x) last_match", where "x" is the
 # total number of pattern matches found in the file and "last_match" is the
@@ -44,6 +43,10 @@
 #        check the same <log_file> for pattern matches.  This is necessary
 #        because of the way the script operates.
 #
+#    4.  This plugin does NOT have an understanding of logrotation or similar
+#        mechanisms. Therefore bad timing could lead to missing events
+#
+#
 # Examples:
 #
 # Check for login failures in the syslog...
@@ -60,20 +63,26 @@
 PATH="@TRUSTED_PATH@"
 export PATH
-PROGNAME=`basename $0`
+PROGNAME=$(basename "$0")
-PROGPATH=`echo $0 | sed -e 's,[\\/][^\\/][^\\/]*$,,'`
+PROGPATH=$(echo "$0" | sed -e 's,[\\/][^\\/][^\\/]*$,,')
 REVISION="@NP_VERSION@"
-. $PROGPATH/utils.sh
+. "$PROGPATH"/utils.sh
 print_usage() {
    echo "Usage: $PROGNAME -F logfile -O oldlog -q query"
    echo "Usage: $PROGNAME --help"
    echo "Usage: $PROGNAME --version"
+        echo ""
+        echo "Other parameters:"
+        echo "  -a|--all : Print all matching lines"
+        echo "  --exclude: Exclude a pattern (-p or -e also applies here when used)"
+        echo "  -p|--perl-regex : Use perl style regular expressions in the query"
+        echo "  -e|--extended-regex : Use extended style regular expressions in the query (not necessary for GNU grep)"
 }
 print_help() {
-    print_revision $PROGNAME $REVISION
+    print_revision "$PROGNAME" "$REVISION"
    echo ""
    print_usage
    echo ""
@@ -87,81 +96,89 @@ print_help() {
 if [ $# -lt 1 ]; then
    print_usage
-    exit $STATE_UNKNOWN
+    exit "$STATE_UNKNOWN"
 fi
 # Grab the command line arguments
-#logfile=$1
-#oldlog=$2
-#query=$3
 exitstatus=$STATE_WARNING #default
 while test -n "$1"; do
    case "$1" in
-        --help)
+        -h | --help)
            print_help
-            exit $STATE_OK
+            exit "$STATE_UNKNOWN"
            ;;
-        -h)
+        -V | --version)
-            print_help
+            print_revision "$PROGNAME" "$REVISION"
-            exit $STATE_OK
+            exit "$STATE_UNKNOWN"
-            ;;
-        --version)
-            print_revision $PROGNAME $REVISION
-            exit $STATE_OK
-            ;;
-        -V)
-            print_revision $PROGNAME $REVISION
-            exit $STATE_OK
-            ;;
-        --filename)
-            logfile=$2
-            shift
            ;;
-        -F)
+        -F | --filename)
            logfile=$2
-            shift
+            shift 2
            ;;
-        --oldlog)
+        -O | --oldlog)
            oldlog=$2
-            shift
+            shift 2
            ;;
-        -O)
+        -q | --query)
-            oldlog=$2
-            shift
-            ;;
-        --query)
            query=$2
-            shift
+            shift 2
            ;;
-        -q)
+        --exclude)
-            query=$2
+            exclude=$2
-            shift
+            shift 2
            ;;
-        -x)
+        -x | --exitstatus)
            exitstatus=$2
+            shift 2
+            ;;
+        -e | --extended-regex)
+            ERE=1
            shift
            ;;
-        --exitstatus)
+        -p | --perl-regex)
-            exitstatus=$2
+            PRE=1
+            shift
+            ;;
+        -a | --all)
+            ALL=1
            shift
            ;;
        *)
            echo "Unknown argument: $1"
            print_usage
-            exit $STATE_UNKNOWN
+            exit "$STATE_UNKNOWN"
            ;;
    esac
-    shift
 done
+# Parameter sanity check
+if [ $ERE ] && [ $PRE ] ; then
+    echo "Can not use extended and perl regex at the same time"
+    exit "$STATE_UNKNOWN"
+fi
+GREP="grep"
+if [ $ERE ]; then
+    GREP="grep -E"
+fi
+if [ $PRE ]; then
+    GREP="grep -P"
+fi
 # If the source log file doesn't exist, exit
-if [ ! -e $logfile ]; then
+if [ ! -e "$logfile" ]; then
    echo "Log check error: Log file $logfile does not exist!"
-    exit $STATE_UNKNOWN
+    exit "$STATE_UNKNOWN"
-elif [ ! -r $logfile ] ; then
+elif [ ! -r "$logfile" ] ; then
    echo "Log check error: Log file $logfile is not readable!"
+    exit "$STATE_UNKNOWN"
+fi
+# If no oldlog was given this can not work properly, abort then
+if [ -z "$oldlog" ]; then
+    echo "Oldlog parameter is needed"
    exit $STATE_UNKNOWN
 fi
@@ -169,10 +186,10 @@ fi
 # we're running this test, so copy the original log file over to
 # the old diff file and exit
-if [ ! -e $oldlog ]; then
+if [ ! -e "$oldlog" ]; then
-    cat $logfile > $oldlog
+    cat "$logfile" > "$oldlog"
    echo "Log check data initialized..."
-    exit $STATE_OK
+    exit "$STATE_OK"
 fi
 # The old log file exists, so compare it to the original log now
@@ -180,31 +197,48 @@ fi
 # The temporary file that the script should use while
 # processing the log file.
 if [ -x /bin/mktemp ]; then
-    tempdiff=`/bin/mktemp /tmp/check_log.XXXXXXXXXX`
+    tempdiff=$(/bin/mktemp /tmp/check_log.XXXXXXXXXX)
 else
-    tempdiff=`/bin/date '+%H%M%S'`
+    tempdiff=$(/bin/date '+%H%M%S')
    tempdiff="/tmp/check_log.${tempdiff}"
-    touch $tempdiff
+    touch "$tempdiff"
-    chmod 600 $tempdiff
+    chmod 600 "$tempdiff"
 fi
-diff $logfile $oldlog | grep -v "^>" > $tempdiff
+diff "$logfile" "$oldlog" | grep -v "^>" > "$tempdiff"
-# Count the number of matching log entries we have
+if [ $ALL ]; then
-count=`grep -c "$query" $tempdiff`
+    # Get all matching entries in the diff file
+    if [ -n "$exclude" ]; then
+        entry=$($GREP "$query" "$tempdiff" | $GREP -v "$exclude")
+        count=$($GREP "$query" "$tempdiff" | $GREP -vc "$exclude")
+    else
+        entry=$($GREP "$query" "$tempdiff")
+        count=$($GREP -c "$query" "$tempdiff")
+    fi
-# Get the last matching entry in the diff file
+else
-lastentry=`grep "$query" $tempdiff | tail -1`
+    # Get the last matching entry in the diff file
+    if [ -n "$exclude" ]; then
+        entry=$($GREP "$query" "$tempdiff" | $GREP -v "$exclude" | tail -1)
+        count=$($GREP "$query" "$tempdiff" | $GREP -vc "$exclude")
+    else
+        entry=$($GREP "$query" "$tempdiff" | tail -1)
+        count=$($GREP -c "$query" "$tempdiff")
+    fi
+fi
-rm -f $tempdiff
+rm -f "$tempdiff"
-cat $logfile > $oldlog
+cat "$logfile" > "$oldlog"
 if [ "$count" = "0" ]; then # no matches, exit with no error
    echo "Log check ok - 0 pattern matches found"
    exitstatus=$STATE_OK
-else # Print total matche count and the last entry we found
+else # Print total match count and the last entry we found
-    echo "($count) $lastentry"
+    echo "($count) $entry"
    exitstatus=$STATE_CRITICAL
 fi
-exit $exitstatus
+exit "$exitstatus"

diff --git a/plugins-scripts/check_log.sh b/plugins-scripts/check_log.sh index d28c8d0..8ecdd31 100755 --- a/plugins-scripts/check_log.sh +++ b/plugins-scripts/check_log.sh
@@ -1,8 +1,7 @@
1	#!/bin/sh	1	#!/bin/sh
2	#	2	#
3	# Log file pattern detector plugin for monitoring	3	# Log file pattern detector plugin for monitoring
4	# Written by Ethan Galstad (nagios@nagios.org)	4	# Written originally by Ethan Galstad (nagios@nagios.org)
5	# Last Modified: 07-31-1999
6	#	5	#
7	# Usage: ./check_log <log_file> <old_log_file> <pattern>	6	# Usage: ./check_log <log_file> <old_log_file> <pattern>
8	#	7	#
@@ -19,7 +18,7 @@
19	# On the first run of the plugin, it will return an OK state with a message	18	# On the first run of the plugin, it will return an OK state with a message
20	# of "Log check data initialized". On successive runs, it will return an OK	19	# of "Log check data initialized". On successive runs, it will return an OK
21	# state if no pattern matches have been found in the difference between the	20	# state if no pattern matches have been found in the difference between the
22	# log file and the older copy of the log file. If the plugin detects any	21	# log file and the older copy of the log file. If the plugin detects any
23	# pattern matches in the log diff, it will return a CRITICAL state and print	22	# pattern matches in the log diff, it will return a CRITICAL state and print
24	# out a message is the following format: "(x) last_match", where "x" is the	23	# out a message is the following format: "(x) last_match", where "x" is the
25	# total number of pattern matches found in the file and "last_match" is the	24	# total number of pattern matches found in the file and "last_match" is the
@@ -44,6 +43,10 @@
44	# check the same <log_file> for pattern matches. This is necessary	43	# check the same <log_file> for pattern matches. This is necessary
45	# because of the way the script operates.	44	# because of the way the script operates.
46	#	45	#
		46	# 4. This plugin does NOT have an understanding of logrotation or similar
		47	# mechanisms. Therefore bad timing could lead to missing events
		48	#
		49	#
47	# Examples:	50	# Examples:
48	#	51	#
49	# Check for login failures in the syslog...	52	# Check for login failures in the syslog...
@@ -60,20 +63,26 @@
60		63
61	PATH="@TRUSTED_PATH@"	64	PATH="@TRUSTED_PATH@"
62	export PATH	65	export PATH
63	PROGNAME=`basename $0`	66	PROGNAME=$(basename "$0")
64	PROGPATH=`echo $0 \| sed -e 's,[\\/][^\\/][^\\/]*$,,'`	67	PROGPATH=$(echo "$0" \| sed -e 's,[\\/][^\\/][^\\/]*$,,')
65	REVISION="@NP_VERSION@"	68	REVISION="@NP_VERSION@"
66		69
67	. $PROGPATH/utils.sh	70	. "$PROGPATH"/utils.sh
68		71
69	print_usage() {	72	print_usage() {
70	echo "Usage: $PROGNAME -F logfile -O oldlog -q query"	73	echo "Usage: $PROGNAME -F logfile -O oldlog -q query"
71	echo "Usage: $PROGNAME --help"	74	echo "Usage: $PROGNAME --help"
72	echo "Usage: $PROGNAME --version"	75	echo "Usage: $PROGNAME --version"
		76	echo ""
		77	echo "Other parameters:"
		78	echo " -a\|--all : Print all matching lines"
		79	echo " --exclude: Exclude a pattern (-p or -e also applies here when used)"
		80	echo " -p\|--perl-regex : Use perl style regular expressions in the query"
		81	echo " -e\|--extended-regex : Use extended style regular expressions in the query (not necessary for GNU grep)"
73	}	82	}
74		83
75	print_help() {	84	print_help() {
76	print_revision $PROGNAME $REVISION	85	print_revision "$PROGNAME" "$REVISION"
77	echo ""	86	echo ""
78	print_usage	87	print_usage
79	echo ""	88	echo ""
@@ -87,81 +96,89 @@ print_help() {
87		96
88	if [ $# -lt 1 ]; then	97	if [ $# -lt 1 ]; then
89	print_usage	98	print_usage
90	exit $STATE_UNKNOWN	99	exit "$STATE_UNKNOWN"
91	fi	100	fi
92		101
93	# Grab the command line arguments	102	# Grab the command line arguments
94
95	#logfile=$1
96	#oldlog=$2
97	#query=$3
98	exitstatus=$STATE_WARNING #default	103	exitstatus=$STATE_WARNING #default
99	while test -n "$1"; do	104	while test -n "$1"; do
100	case "$1" in	105	case "$1" in
101	--help)	106	-h \| --help)
102	print_help	107	print_help
103	exit $STATE_OK	108	exit "$STATE_UNKNOWN"
104	;;	109	;;
105	-h)	110	-V \| --version)
106	print_help	111	print_revision "$PROGNAME" "$REVISION"
107	exit $STATE_OK	112	exit "$STATE_UNKNOWN"
108	;;
109	--version)
110	print_revision $PROGNAME $REVISION
111	exit $STATE_OK
112	;;
113	-V)
114	print_revision $PROGNAME $REVISION
115	exit $STATE_OK
116	;;
117	--filename)
118	logfile=$2
119	shift
120	;;	113	;;
121	-F)	114	-F \| --filename)
122	logfile=$2	115	logfile=$2
123	shift	116	shift 2
124	;;	117	;;
125	--oldlog)	118	-O \| --oldlog)
126	oldlog=$2	119	oldlog=$2
127	shift	120	shift 2
128	;;	121	;;
129	-O)	122	-q \| --query)
130	oldlog=$2
131	shift
132	;;
133	--query)
134	query=$2	123	query=$2
135	shift	124	shift 2
136	;;	125	;;
137	-q)	126	--exclude)
138	query=$2	127	exclude=$2
139	shift	128	shift 2
140	;;	129	;;
141	-x)	130	-x \| --exitstatus)
142	exitstatus=$2	131	exitstatus=$2
		132	shift 2
		133	;;
		134	-e \| --extended-regex)
		135	ERE=1
143	shift	136	shift
144	;;	137	;;
145	--exitstatus)	138	-p \| --perl-regex)
146	exitstatus=$2	139	PRE=1
		140	shift
		141	;;
		142	-a \| --all)
		143	ALL=1
147	shift	144	shift
148	;;	145	;;
149	*)	146	*)
150	echo "Unknown argument: $1"	147	echo "Unknown argument: $1"
151	print_usage	148	print_usage
152	exit $STATE_UNKNOWN	149	exit "$STATE_UNKNOWN"
153	;;	150	;;
154	esac	151	esac
155	shift
156	done	152	done
157		153
		154	# Parameter sanity check
		155	if [ $ERE ] && [ $PRE ] ; then
		156	echo "Can not use extended and perl regex at the same time"
		157	exit "$STATE_UNKNOWN"
		158	fi
		159
		160	GREP="grep"
		161
		162	if [ $ERE ]; then
		163	GREP="grep -E"
		164	fi
		165
		166	if [ $PRE ]; then
		167	GREP="grep -P"
		168	fi
		169
158	# If the source log file doesn't exist, exit	170	# If the source log file doesn't exist, exit
159		171
160	if [ ! -e $logfile ]; then	172	if [ ! -e "$logfile" ]; then
161	echo "Log check error: Log file $logfile does not exist!"	173	echo "Log check error: Log file $logfile does not exist!"
162	exit $STATE_UNKNOWN	174	exit "$STATE_UNKNOWN"
163	elif [ ! -r $logfile ] ; then	175	elif [ ! -r "$logfile" ] ; then
164	echo "Log check error: Log file $logfile is not readable!"	176	echo "Log check error: Log file $logfile is not readable!"
		177	exit "$STATE_UNKNOWN"
		178	fi
		179	# If no oldlog was given this can not work properly, abort then
		180	if [ -z "$oldlog" ]; then
		181	echo "Oldlog parameter is needed"
165	exit $STATE_UNKNOWN	182	exit $STATE_UNKNOWN
166	fi	183	fi
167		184
@@ -169,10 +186,10 @@ fi
169	# we're running this test, so copy the original log file over to	186	# we're running this test, so copy the original log file over to
170	# the old diff file and exit	187	# the old diff file and exit
171		188
172	if [ ! -e $oldlog ]; then	189	if [ ! -e "$oldlog" ]; then
173	cat $logfile > $oldlog	190	cat "$logfile" > "$oldlog"
174	echo "Log check data initialized..."	191	echo "Log check data initialized..."
175	exit $STATE_OK	192	exit "$STATE_OK"
176	fi	193	fi
177		194
178	# The old log file exists, so compare it to the original log now	195	# The old log file exists, so compare it to the original log now
@@ -180,31 +197,48 @@ fi
180	# The temporary file that the script should use while	197	# The temporary file that the script should use while
181	# processing the log file.	198	# processing the log file.
182	if [ -x /bin/mktemp ]; then	199	if [ -x /bin/mktemp ]; then
183	tempdiff=`/bin/mktemp /tmp/check_log.XXXXXXXXXX`	200
		201	tempdiff=$(/bin/mktemp /tmp/check_log.XXXXXXXXXX)
184	else	202	else
185	tempdiff=`/bin/date '+%H%M%S'`	203	tempdiff=$(/bin/date '+%H%M%S')
186	tempdiff="/tmp/check_log.${tempdiff}"	204	tempdiff="/tmp/check_log.${tempdiff}"
187	touch $tempdiff	205	touch "$tempdiff"
188	chmod 600 $tempdiff	206	chmod 600 "$tempdiff"
189	fi	207	fi
190		208
191	diff $logfile $oldlog \| grep -v "^>" > $tempdiff	209	diff "$logfile" "$oldlog" \| grep -v "^>" > "$tempdiff"
		210
192		211
193	# Count the number of matching log entries we have	212	if [ $ALL ]; then
194	count=`grep -c "$query" $tempdiff`	213	# Get all matching entries in the diff file
		214	if [ -n "$exclude" ]; then
		215	entry=$($GREP "$query" "$tempdiff" \| $GREP -v "$exclude")
		216	count=$($GREP "$query" "$tempdiff" \| $GREP -vc "$exclude")
		217	else
		218	entry=$($GREP "$query" "$tempdiff")
		219	count=$($GREP -c "$query" "$tempdiff")
		220	fi
195		221
196	# Get the last matching entry in the diff file	222	else
197	lastentry=`grep "$query" $tempdiff \| tail -1`	223	# Get the last matching entry in the diff file
		224	if [ -n "$exclude" ]; then
		225	entry=$($GREP "$query" "$tempdiff" \| $GREP -v "$exclude" \| tail -1)
		226	count=$($GREP "$query" "$tempdiff" \| $GREP -vc "$exclude")
		227	else
		228	entry=$($GREP "$query" "$tempdiff" \| tail -1)
		229	count=$($GREP -c "$query" "$tempdiff")
		230	fi
		231	fi
198		232
199	rm -f $tempdiff	233	rm -f "$tempdiff"
200	cat $logfile > $oldlog	234	cat "$logfile" > "$oldlog"
201		235
202	if [ "$count" = "0" ]; then # no matches, exit with no error	236	if [ "$count" = "0" ]; then # no matches, exit with no error
203	echo "Log check ok - 0 pattern matches found"	237	echo "Log check ok - 0 pattern matches found"
204	exitstatus=$STATE_OK	238	exitstatus=$STATE_OK
205	else # Print total matche count and the last entry we found	239	else # Print total match count and the last entry we found
206	echo "($count) $lastentry"	240	echo "($count) $entry"
207	exitstatus=$STATE_CRITICAL	241	exitstatus=$STATE_CRITICAL
208	fi	242	fi
209		243
210	exit $exitstatus	244	exit "$exitstatus"