The most likely failure cases as well as some others are not discovered by it with the --login command.
You actually have to login.
== Old version ==
--login)
loginchk=`sqlplus dummy/user@$2 < /dev/null`
loginchk2=` echo $loginchk | grep -c ORA-01017`
if [ ${loginchk2} -eq 1 ] ; then
echo "OK - dummy login connected"
exit $STATE_OK
else
loginchk3=` echo "$loginchk" | grep "ORA-" | head -1`
echo "CRITICAL - $loginchk3"
exit $STATE_CRITICAL
fi
;;
1) The approach to check with an invalid oracle login is a bit crude.
The most likely failure case is that the login hangs due to some sort of resource contention
or locking issues. These are not covered by the conclusion that if you get as far a "ORA-01017 invalid user" the database must be fine.
2) Other issues that are not covered are:
* The database is put privileged mode for maintenance (an potentially forgotten to put back).
* A failing or erroneous AFTER LOGIN trigger is in place.
3) It is more consistent to use the -s (silent) flag with sqlplus so no banner shows up.
4) It is more consistent to use the return code of the posix command grep then count on exactly one line.
== New Version ==
A user has to be created and setup on every database we want to check:
create user nagios identified by nagios;
grant connect to nagios;
--login)
loginchk=`sqlplus -s nagios/nagios@$2 < /dev/null | grep -i [A-Z]`
if [ $? -eq 1 ] ; then
echo "OK - login connected"
exit $STATE_OK
else
echo "CRITICAL - " ` echo "$loginchk" | grep "ORA-" | head -1`
exit $STATE_CRITICAL
fi
;;
1) with -s nothing is printed in case of success and an error message in case of failure.
2) The posix command grep returns 0 if the text matched 1 if it is not matched and 2 in case of error.
3) So if no text is printed we succeeded else we failed.
Scenarios:"
CRITICAL - ORA-01035: ORACLE only available to users with RESTRICTED SESSION privilege "
CRITICAL - ORA-12154: TNS:could not resolve the connect identifier specified (invalid sid or listener down)"
CRITICAL - ORA-01034: ORACLE not available"
CRITICAL - ORA-01033: ORACLE initialization or shutdown in progress"
CHECK_NRPE: Socket timeout after 10 seconds. (sqlplus hangs)"
CRITICAL - ORA-01017: invalid username/password; logon denied (not setup: create user nagios ...
"echo "--login SID"
echo " Attempt a dummy login and alert if not ORA-01017: invalid username/password"
echo " Run the following sql against every database you want to run --login :"
echo " create user nagios identified by nagios;"
echo " grant connect to nagios;"
echo " Scenarios:"
echo " CRITICAL - ORA-01035: ORACLE only available to users with RESTRICTED SESSION privilege "
ech o" CRITICAL - ORA-12154: TNS:could not resolve the connect identifier specified (invalid sid or listener down)"
echo " CRITICAL - ORA-01034: ORACLE not available"
echo " CRITICAL - ORA-01033: ORACLE initialization or shutdown in progress"
echo " CHECK_NRPE: Socket timeout after 10 seconds. (sqlplus hangs)"
echo " CRITICAL - ORA-01017: invalid username/password; logon denied (not setup)"