Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Create an alert for more than one superuser on server

https://support.nagios.com/forum/viewtopic.php?t=11326

Page 1 of 1

Create an alert for more than one superuser on server

Posted: Mon Jul 29, 2013 7:05 am
by dixiemetal
Yes I am trying to figure out how to write a plugin that contains conditional logic in regards to sending an alert if more than one superuser exists on the server. The only thing I have so far is the following command:

awk -F: '{if ($3 < 1) print $0}' < /etc/passwd

which prints --> root:x:0:0:root:/root:/bin/bash

This is close to what I need however I need this to report if the total count is more than one and I have no clue how to convert this into commands

So another words if I ran the same command and it printed the following then send an alert
awk -F: '{if ($3 < 1) print $0}' < /etc/passwd
root:x:0:0:root:/root:/bin/bash
super:x:0:0:super:/super:/bin/bash
-> send alert to Nagios

Any help is appreciated.

Re: Create an alert for more than one superuser on server

Posted: Mon Jul 29, 2013 10:47 am
by sreinhardt
Something as simple as piping your current command into "wc -l" to check for total line count should work. If it's greater than 1, return critical, if 1 return OK. When returning, simply use exit(0) or exit(2) for OK and Critical respectively. You probably should take a look at the plugin guidelines for a more detailed description.

http://nagiosplug.sourceforge.net/devel ... lines.html

Re: Create an alert for more than one superuser on server

Posted: Tue Jul 30, 2013 6:01 am
by dixiemetal
Thank You Sir,

I ended up using the following syntax which works as tested.


#!/bin/bash

count=$(awk -F: '{if ($3 < 1) print $0}' < /etc/passwd | wc -l)
if [ $count -lt 2 ] ; then
echo "OK"
exit 0
elif [ $count=2 ] ; then
echo "CRITICAL - Multiple Superusers"
exit 2
fi

done
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited