| Server IP : 78.140.185.180 / Your IP : 3.144.162.109 Web Server : LiteSpeed System : Linux cpanel13.v.fozzy.com 4.18.0-513.11.1.lve.el8.x86_64 #1 SMP Thu Jan 18 16:21:02 UTC 2024 x86_64 User : builderbox ( 1072) PHP Version : 7.3.33 Disable Function : NONE MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : OFF | Pkexec : OFF Directory : /lib64/nagios/plugins/extra/ |
Upload File : |
#!/usr/bin/env perl
use extreme;
use File::Slurp;
use Carp;
use Getopt::Long;
use Sys::Hostname;
use YAML::XS qw(LoadFile Dump);
use SolusVmAPI::Client;
sub help {
print <<EOT;
$0 [--skipolder 15 --netavg 20]
skipolder: SKIP check vms older than VALUE (0 - do not skip any vms)
netavg: percent of VM interface utilization for return critical
Default values:
skipolder: 21
netavg: 10
whitelist: /etc/icinga2/plinc/ddos_vms_wl
For any unspecified params, corresponding default will be used
EOT
exit 3;
}
my ( $skipolder, $netavg, @incidents );
GetOptions(
'h|help' => \&help,
'skipolder=i' => \$skipolder,
'netavg=i' => \$netavg,
);
$netavg //= 10;
$skipolder //= 15;
$skipolder = $skipolder * 86400;
# prepare netinfo
my $cache_file = '/var/tmp/.check_ddos_vms';
my %netinfo = ();
my $cache;
my $datetime = time;
for my $line ( read_file '/proc/net/dev' ) {
$line =~ s/^\s+//;
next if $line !~ m/^kvm|^sol/;
my ( $dev, $rx, $tx ) = ( split /\s+/, $line )[ 0, 1, 10 ];
$dev =~ s/:$//;
$netinfo{$dev}{rx} = $rx;
$netinfo{$dev}{tx} = $tx;
}
# get cache data
unless ( -f $cache_file ) {
write_file( $cache_file, Dump { datetime => time, data => \%netinfo } );
say 'initialization';
exit 3;
}
else {
$cache = LoadFile $cache_file;
}
my @wl = read_file('/etc/icinga2/plinc/ddos_vms_wl') if -f '/etc/icinga2/plinc/ddos_vms_wl';
chomp @wl;
# common
my $hostname = hostname;
my $svmapi = SolusVmAPI::Client->new();
my $out = $svmapi->get("vms-list/$hostname/ddos");
my $diff_sec = $datetime - $cache->{datetime};
for ( keys $out->{'vms-list'}->%* ) {
my $vm = $out->{'vms-list'}->{$_}->{'vm'};
my $ip = $out->{'vms-list'}->{$_}->{'ip'};
my $cdate = $out->{'vms-list'}->{$_}->{'creationdate'};
my $networkspeed = $out->{'vms-list'}->{$_}->{'networkspeed'};
my $vm_dev;
$out->{'vms-list'}->{$_}->{'lvm'} =~ m/^kvm/
? ($vm_dev = $out->{'vms-list'}->{$_}->{'lvm'}) =~ s/_img$/.0/
: ($vm_dev = "sol-$out->{'vms-list'}->{$_}->{'lvm'}") =~ s/_0$//;
last if $cdate && $skipolder != 0 && $cdate < time() - $skipolder;
$networkspeed //= 100;
next if $vm ~~ @wl;
next unless $cache->{data}{$vm_dev};
my $cached = $cache->{data}{$vm_dev};
my $cur = $netinfo{$vm_dev};
my $bytes
= ( $cur->{rx} + $cur->{tx} ) - ( $cached->{rx} + $cached->{tx} );
my $mbit = int $bytes / 125000;
my $ms = int( $mbit / $diff_sec );
my $perc = $ms / $networkspeed * 100;
next if $perc < $netavg;
push @incidents,
"$vm/$ip: net load: $ms Mbit/s (${perc}% of ${networkspeed}Mbit/s) for $diff_sec seconds";
}
# write cache
write_file( $cache_file, Dump { datetime => time, data => \%netinfo } );
if (@incidents) {
say join( "\n", @incidents );
exit 2;
}
say 'OK';
exit 0;