Fortigate Monitoring Plugin Issue

[martin09]

Hi

I've been trying to configure Fortigate monitoring on our nagios using check_fortigate_status plugin however upon executing the command via libexec it keeps on giving me an output not supported by the script.

Note: Fortigate series is FG600C and i know it should be supported by the plugin. Do you have any idea how i could fix this?.. Do i need to modify the plugin OID?.

Here's the return output:

Code: Select all

Oops! Your model doesn't seem to be supported by this script... Yet!

If you want to help out, try running the following command (replace "FGXXXXXXXXXXXXXX" with your Fortigate's serial number):

        snmpwalk -v 2c -c public [FortiGate IP address] .1.3.6.1.4.1.12356 | grep -iR "FGXXXXXXXXXXXXXX"

The OIDs for CPU usage and other stats are almost always found near an OID containing the unit's serial number.

For example, here's the output I get:

        # snmpwalk -v 2c -c public 172.16.10.10 .1.3.6.1.4.1.12356 | grep -iR "FGT80C1234567890"
                iso.3.6.1.4.1.12356.100.1.1.1.0 = STRING: "FGT80C1234567890"
                iso.3.6.1.4.1.12356.101.13.2.1.1.2.1 = STRING: "FGT80C1234567890"

Now, all I need is to find which OID branch contains the info I want.
To do this, I grab the OID of the first result...

        iso.3.6.1.4.1.12356.100.1.1.1.0

... remove the last two digits...

        iso.3.6.1.4.1.12356.100.1.1

... and use that with snmpwalk.

        # snmpwalk -v 2c -c public 172.16.10.10 iso.3.6.1.4.1.12356.100.1.1
                iso.3.6.1.4.1.12356.100.1.1.1.0 = STRING: "FGT80C1234567890"

Hmmm. Nothing useful here.

Let's try the second value.

        iso.3.6.1.4.1.12356.101.13.2.1.1.2.1

... remove the last two digits...

        iso.3.6.1.4.1.12356.101.13.2.1.1

... and try that with snmpwalk!

        # snmpwalk -v 2c -c public 172.16.10.10 iso.3.6.1.4.1.12356.101.13.2.1.1
                iso.3.6.1.4.1.12356.101.13.2.1.1.1.1 = INTEGER: 1
                iso.3.6.1.4.1.12356.101.13.2.1.1.2.1 = STRING: "FGT80C1234567890"
                iso.3.6.1.4.1.12356.101.13.2.1.1.3.1 = Gauge32: 99
                iso.3.6.1.4.1.12356.101.13.2.1.1.4.1 = Gauge32: 72
                iso.3.6.1.4.1.12356.101.13.2.1.1.5.1 = Gauge32: 19690
                iso.3.6.1.4.1.12356.101.13.2.1.1.6.1 = Gauge32: 212
                iso.3.6.1.4.1.12356.101.13.2.1.1.7.1 = Counter32: 4185780372
                iso.3.6.1.4.1.12356.101.13.2.1.1.8.1 = Counter32: 2786324006
                iso.3.6.1.4.1.12356.101.13.2.1.1.9.1 = Counter32: 0
                iso.3.6.1.4.1.12356.101.13.2.1.1.10.1 = Counter32: 0
                iso.3.6.1.4.1.12356.101.13.2.1.1.11.1 = ""
                iso.3.6.1.4.1.12356.101.13.2.1.1.11.1 = No more variables left in this MIB View (It is past the end of the MIB tree)

Ooohhh... I like this!
The third and fourth values turn out to be the values for CPU and RAM usage, respectively..

So, try to find the values for your model, and I'll update the script with your findings.

[rkennedy]

Assuming your using this plugin - https://exchange.nagios.org/directory/P ... us/details - you should be able to change the applicable OID's as indicated by someone in the comment.

As indicated by the plugin though, it doesn't seem it's supported by default. It's looking for a specific value in your $unitdesc -

Code: Select all

if ($mode =~ "cpu" && $unitdesc =~ m/200/i) {
	$oid = ".1.3.6.1.4.1.12356.1.8";
} elsif ($mode =~ "cpu" && $unitdesc =~ m/80c/i) {
	$oid = ".1.3.6.1.4.1.12356.101.4.1.3";
} elsif ($mode =~ "cpu") {
	$oid = ".1.3.6.1.4.1.12356.101.4.1.3";
} elsif ($mode =~ "mem" && $unitdesc =~ m/200/i) {
	$oid = ".1.3.6.1.4.1.12356.1.9";
} elsif ($mode =~ "mem" && $unitdesc =~ m/80c/i) {
	$oid = ".1.3.6.1.4.1.12356.101.4.1.4";
} elsif ($mode =~ "mem") {
	$oid = ".1.3.6.1.4.1.12356.101.4.1.4";
} elsif ($mode =~ "ses" && $unitdesc =~ m/200/i) {
	$oid = ".1.3.6.1.4.1.12356.1.10";
} elsif ($mode =~ "ses" && $unitdesc =~ m/80c/i) {
	$oid = ".1.3.6.1.4.1.12356.101.4.1.8";
} elsif ($mode =~ "ses") {
	$oid = ".1.3.6.1.4.1.12356.101.4.1.8";
} else {
	&print_help();
}

Try following through the steps indicated in the error, and provide as much information as possible regarding your OID's.

[martin09]

Yes that's the exact plugin i'm using. I followed the steps on the error and here's what I got:

I Run the command below to get the OID's and all other stats near the OID containing the unit's serial number

The Fortigate Serial is FG600C3913802201

[root ~]# snmpwalk -v 2c -c string 192.168.44.254 .1.3.6.1.4.1.12356 | grep FG600C3913802201
SNMPv2-SMI::enterprises.12356.100.1.1.1.0 = STRING: "FG600C3913802201"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.2.1 = STRING: "FG600C3913802201"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.16.2 = STRING: "FG600C3913802201"



Here's the values i got:

[root ~]# snmpwalk 192.168.44.254 -v 2c -c string enterprises.12356.101.13.2.1.1
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.1.1 = INTEGER: 1
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.1.2 = INTEGER: 2
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.2.1 = STRING: "FG600C3913802201"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.2.2 = STRING: "FG600C3913802129"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.3.1 = Gauge32: 11
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.3.2 = Gauge32: 0
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.4.1 = Gauge32: 71
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.4.2 = Gauge32: 63
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.5.1 = Gauge32: 7162602
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.5.2 = Gauge32: 74
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.6.1 = Gauge32: 4679
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.6.2 = Gauge32: 1221
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.7.1 = Counter32: 1626579222
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.7.2 = Counter32: 116719694
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.8.1 = Counter32: 3246043495
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.8.2 = Counter32: 2481721637
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.9.1 = Counter32: 1495164
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.9.2 = Counter32: 46148
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.10.1 = Counter32: 7
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.10.2 = Counter32: 0
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.11.1 = STRING: "0ptimus_Prime"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.11.2 = STRING: "MegatroN"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.12.1 = INTEGER: 1
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.12.2 = INTEGER: 1
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.13.1 = ""
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.13.2 = ""
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.14.1 = ""
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.14.2 = ""
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.15.1 = STRING: "ED7744D01678CCFD095B701162871DC2"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.15.2 = STRING: "ED7744D01678CCFD095B701162871DC2"
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.16.1 = ""
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.16.2 = STRING: "FG600C3913802201"


May i ask how do i input the OID's i got from what I executed?..It seems that I got different OID format than what should I put on the config. I tried it once but it's still not working on my initial try.

Here's the modified applicable OID's

if ($mode =~ "cpu" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.1";
} elsif ($mode =~ "cpu" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.1";
} elsif ($mode =~ "cpu") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.1";
} elsif ($mode =~ "mem" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4";
} elsif ($mode =~ "mem" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4";
} elsif ($mode =~ "mem") {
$oid = ".1.3.6.1.4.1.12356.101.4.1.4";
} elsif ($mode =~ "ses" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6";
} elsif ($mode =~ "ses" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6";
} elsif ($mode =~ "ses") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6";
} else {
&print_help();
}

[rkennedy]

I can't tell from your SNMP walk which OID's are actually for the CPU / mem, so you may need to do some digging. It mentions the 3rd/4th down, but I would still confirm it on your end. Here's how you could re-write the bash part for your environment. We just take out the unitdesc match, and then the script should continue to work as expected. Replace the OID's listed here with what you figure out on how they correspond.

Code: Select all

if ($mode =~ "cpu") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.1";
} elsif ($mode =~ "mem) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.1";
} elsif ($mode =~ "ses") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.1";
} else {
&print_help();
}

[martin09]

Hi,

I found the OID's I need,

Here it is:
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.3.1 = Gauge32: 1 -(CPU)
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.4.1 = Gauge32: 66 -(MEMORY)
SNMPv2-SMI::enterprises.12356.101.13.2.1.1.6.1 = Gauge32: 2672 -(SESSION)


I modified the bash already but still having same error. Am I not having the right inputs on the scrips?. Or do i need to execute something with this bash?.

if ($mode =~ "cpu" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.8";
} elsif ($mode =~ "cpu" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3";
} elsif ($mode =~ "cpu") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3";
} elsif ($mode =~ "mem" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.9";
} elsif ($mode =~ "mem" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4";
} elsif ($mode =~ "mem") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4";
} elsif ($mode =~ "ses" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.10";
} elsif ($mode =~ "ses" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6";
} elsif ($mode =~ "ses") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6";
} else {
&print_help();
}

[rkennedy]

Try replacing these two lines -

15 change to -

Code: Select all

@oidDescTest = (".1.3.6.1.4.1.12356.101.13.2");

40-60 change to -

Code: Select all

if ($mode =~ "cpu") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3.1";
} elsif ($mode =~ "mem) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4.1";
} elsif ($mode =~ "ses") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6.1";
} else {
&print_help();
}

If that doesn't work, please show us the full output. The reason for changing line 15 is to hopefully skip the verification test, but more adjustments may need to be created.

[martin09]

Hi

I already replaced the lines you have mentioned however i still got the same error.

Here's the modified codes from line 15 to 60:


if ($#ARGV <= 0){
&print_help();
}

my %status = ( 'UNKNOWN' => '-1',
'OK' => '0',
'WARNING' => '1',
'CRITICAL' => '2' );
my ($ip, $mode, $community, $modus, $warn, $crit, $performance) = pars_args();

@oidDescTest = (".1.3.6.1.4.1.12356.101.13.2", ".1.3.6.1.2.1.47.1.1.1.1.10.1");
until ($oidFound) {
foreach $oidDesc (@oidDescTest) {
$snmpCommand = `/usr/bin/snmpwalk -v 2c -c $community $ip $oidDesc`;
chomp $snmpCommand;

if ($snmpCommand =~ "No Such Object") {
# Do nothing
} else {
$oidFound = "yes";
$descString = $snmpCommand;
}
}
}

@descArray = split("\"", $descString);
$unitdesc = @descArray[-1];

@descArray = split(",", $unitdesc);
$unitdesc = @descArray[0];

@descArray = split(" ", $unitdesc);
$unitdesc = @descArray[0];


if ($mode =~ "cpu" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.8";
} elsif ($mode =~ "cpu" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3.1";
} elsif ($mode =~ "cpu") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3.1";
} elsif ($mode =~ "mem" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.9";
} elsif ($mode =~ "mem" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4.1";
} elsif ($mode =~ "mem") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4.1";
} elsif ($mode =~ "ses" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.10";
} elsif ($mode =~ "ses" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6.1";
} elsif ($mode =~ "ses") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6.1";
} else {
&print_help();
}

[rkennedy]

Hi

I already replaced the lines you have mentioned however i still got the same error.

Here's the modified codes from line 15 to 60:


if ($#ARGV <= 0){
&print_help();
}

my %status = ( 'UNKNOWN' => '-1',
'OK' => '0',
'WARNING' => '1',
'CRITICAL' => '2' );
my ($ip, $mode, $community, $modus, $warn, $crit, $performance) = pars_args();

@oidDescTest = (".1.3.6.1.4.1.12356.101.13.2", ".1.3.6.1.2.1.47.1.1.1.1.10.1");
until ($oidFound) {
foreach $oidDesc (@oidDescTest) {
$snmpCommand = `/usr/bin/snmpwalk -v 2c -c $community $ip $oidDesc`;
chomp $snmpCommand;

if ($snmpCommand =~ "No Such Object") {
# Do nothing
} else {
$oidFound = "yes";
$descString = $snmpCommand;
}
}
}

@descArray = split("\"", $descString);
$unitdesc = @descArray[-1];

@descArray = split(",", $unitdesc);
$unitdesc = @descArray[0];

@descArray = split(" ", $unitdesc);
$unitdesc = @descArray[0];


if ($mode =~ "cpu" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.8";
} elsif ($mode =~ "cpu" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3.1";
} elsif ($mode =~ "cpu") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3.1";
} elsif ($mode =~ "mem" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.9";
} elsif ($mode =~ "mem" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4.1";
} elsif ($mode =~ "mem") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4.1";
} elsif ($mode =~ "ses" && $unitdesc =~ m/200/i) {
$oid = ".1.3.6.1.4.1.12356.1.10";
} elsif ($mode =~ "ses" && $unitdesc =~ m/80c/i) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6.1";
} elsif ($mode =~ "ses") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6.1";
} else {
&print_help();
}

You did not make the changes I mentioned above, you'll need to do so. Specifically the lines 40-60 part, as you have additional if statements matching incorrect values.

[martin09]

Hi there!.,i was confused on my last reply. anyway i've tried replacing the lines 15 and 40-60 with what you've given me. I got another error(below). I tried studying the code composition but it was all mixing up.

ERROR;

String found where operator expected at ./check_fortigate_status line 44, near "} elsif ($mode =~ ""
(Might be a runaway multi-line "" string starting on line 43)
(Missing semicolon on previous line?)
String found where operator expected at ./check_fortigate_status line 45, near "$oid = ""
(Might be a runaway multi-line "" string starting on line 44)
(Missing semicolon on previous line?)
String found where operator expected at ./check_fortigate_status line 54, near "system(""
(Might be a runaway multi-line "" string starting on line 45)
(Missing semicolon on previous line?)
String found where operator expected at ./check_fortigate_status line 55, near "print ""
(Might be a runaway multi-line "" string starting on line 54)
(Missing semicolon on previous line?)
Backslash found where operator expected at ./check_fortigate_status line 55, near "print "\"
(Do you need to predeclare print?)
Backslash found where operator expected at ./check_fortigate_status line 55, near "n\"
String found where operator expected at ./check_fortigate_status line 56, near "print ""
(Might be a runaway multi-line "" string starting on line 55)
(Missing semicolon on previous line?)
Bareword found where operator expected at ./check_fortigate_status line 56, near "print "If"
(Do you need to predeclare print?)
Backslash found where operator expected at ./check_fortigate_status line 56, near "replace \"
(Do you need to predeclare replace?)
syntax error at ./check_fortigate_status line 44, near "} elsif ($mode =~ ""
Unmatched right curly bracket at ./check_fortigate_status line 93, at end of line
syntax error at ./check_fortigate_status line 93, near "}"
Execution of ./check_fortigate_status aborted due to compilation errors.


Here's the edited one.

Code: Select all

#!/usr/bin/perl
# This  Plugin checks the status of Fortigate Firewalls

# Check for proper args....
if ($#ARGV <= 0){
        &print_help();
}

my %status = (  'UNKNOWN'       => '-1',
                                'OK'                     => '0',
                                'WARNING'       => '1',
                                'CRITICAL' => '2' );
my ($ip, $mode, $community, $modus, $warn, $crit, $performance) = pars_args();

@oidDescTest = (".1.3.6.1.4.1.12356.101.13.2");
until ($oidFound) {
        foreach $oidDesc (@oidDescTest) {
                $snmpCommand = `/usr/bin/snmpwalk -v 2c -c $community $ip $oidDesc`;
                chomp $snmpCommand;

                if ($snmpCommand =~ "No Such Object") {
                        # Do nothing
                } else {
                        $oidFound = "yes";
                        $descString = $snmpCommand;
                }
        }
}

@descArray = split("\"", $descString);
$unitdesc = @descArray[-1];

@descArray = split(",", $unitdesc);
$unitdesc = @descArray[0];

@descArray = split(" ", $unitdesc);
$unitdesc = @descArray[0];

if ($mode =~ "cpu") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.3.1";
} elsif ($mode =~ "mem) {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.4.1";
} elsif ($mode =~ "ses") {
$oid = ".1.3.6.1.4.1.12356.101.13.2.1.1.6.1";
} else {
&print_help();
}

[rkennedy]

Ah - looks like I missed a part. Take a look at } elsif ($mode =~ "mem) and add a " after mem, so it looks like } elsif ($mode =~ "mem")