Page 1 of 2
SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 10:22 am
by rjesse
I'm using nagios to monitor the status of a VPN tunnel port via SNMP (check_snmp), I have no issues monitoring except from time to time the VPN times out and reestablishes a connection. When this happens the port number changes.
I can always find the new port number via the following mibs as the name remains at tun15. Is there anyway to script nagios to lookup the interface name then use the interface number to check the status? ie in this case interface 72.
IF-MIB::ifDescr.72 = STRING: tun15
IF-MIB::ifName.72 = STRING: tun15
Rick
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 12:40 pm
by rhassing
you could write a perl script that checks for the tun15 and make it report the number (72 in this case) and than do the snmp check for that number
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 12:50 pm
by rjesse
I guess the script would have to modify the nagios conf file and restart nagios?
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 2:23 pm
by dwhitfield
@rjesse, that's certainly one way to do it.
You could also put all of the logic in the same script, that way you don't need to change any files. Well, you change it once. However, this means you're checking it every time Nagios runs and it sounds like you only need to check it when it goes down. I guess it just depends on how often "time to time" is and what you feel will be easier to manage.
@rhassing, thanks!
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 2:33 pm
by rhassing
you could create a script with something like this, but you would have to do some perl around it. I have no time, otherwise I could have made the script for you:
Code: Select all
$nr=`/usr/bin/snmpwalk -v 2c -c $opt_C $host IF-MIB::ifDescr | /bin/grep tun15| /usr/bin/awk -F' ' '{print \$1}' | /usr/bin/awk -F. '{print \$NF}' `;
$vpnstatus=`/usr/bin/snmpget -v 2c -c $opt_C $host IF-MIB::ifOperStatus.$nr`;
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 3:15 pm
by dwhitfield
@rjesse, please let us know if that solution works for you.
Thanks again
@rhassing!
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 4:13 pm
by tacolover101
perl isn't necessarily needed, could still use bash. something like this might help as a good 'base line' for what can be done -
https://github.com/rcknag/nagios-plugin ... rocurve.sh
the other option, i'm pretty sure check_snmp can handle standard OID's so you might be able to utilize that.
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 4:35 pm
by dwhitfield
tacolover101 wrote:perl isn't necessarily needed
I was thinking the same thing, but figured perl might be particularly useful since it was suggested. Thanks
@tacolover101!
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 5:16 pm
by rhassing
It can also be done in bash, that's for sure.
You could also use any other language you would prefer.
I just had an example I used in a perl script, but it's almost bash if you leaver out some \'es
Re: SNMP Monitoring a VPN interface that changes
Posted: Tue May 02, 2017 10:22 pm
by rjesse
Thanks everyone for the tips and samples, I have a working shell script outside of Nagios, I just need to figure out how to get it working inside Nagios as a plugin, some quick learning for me. I'll post my solution when i get it working.