⌨ Labor omnia vincit ☮

OpenBSD SNMP check

Posted in OpenBSD, python by anaumov on 11.03.2016

It seems like there are no OpenBSD SNMP checks on exchange.nagios.org or exchange.icinga.org. I found few checks for this operating system, but NO scripts which use SNMPv2c. Nobody trusts SNMPv2c? Well, as we know, the most common alternative acronym for SNMP is “Security? Not My Problem!”, right? On the other hand, SNMP is the de facto standard for gathering information from network devices or servers.
Anyway, I have this free operating system at home and on this weekend I spent a bit time to play with SNMP. It makes fun to learn something new. SNMP servers on different systems support different OIDs/MIBs. OpenBSD includes an SNMP agent, snmpd(8), which supports all of the usual SNMP functions, and also offers visibility into OpenBSD-specific feautures such as packet filtering.

I concentrated on standard MIBs and wrote a small python script to monitor swap/memory usage, CPU load average and file system space usage. It looks like a common nagios plugin. In addition, it also shows information about network interfaces, file systems in tabular form and the list of running processes. Make it sense for people?🙂

> ./check_snmp_openbsd.py -h
usage: check_snmp_openbsd.py [-h] [--version] -H HOST -C COMMUNITY -O OPTION
                             [-w WARNING] [-c CRITICAL]

optional arguments:
  -h, --help    show this help message and exit
  --version     show program's version number and exit
  -H HOST       IP addess or hostname of the target host
  -C COMMUNITY  SNMPv2 community
  -O OPTION     What sould be checked. This can be cpu, memory, swap, fs or
                number of running processes
  -w WARNING    WARNING value
  -c CRITICAL   CRITICAL value

      _____                 ____   _____ _____   
     / ___ \               |  _ \ / ____|  __ \  
    / /  / /___  ___  ____ | |_) | (___ | |  | | 
   / /  / / __ \/ _ \/ __ \|  _ < \___ \| |  | | 
  / /__/ / /_/ /  __/ / / /| |_) |____) | |__| | 
  \_____/ .___/\___/_/ /_/ |____/|_____/|_____/  
       /_/                                       
              |    .            
          .   |L  /|   .                          This script uses SNMPv2 to check memory/swap usage,
      _ . |\ _| \--+._/| .                               file system space usage and CPU load average
     / ||\| Y J  )   / |/| ./	                   on (remote) OpenBSD system. It also shows detailed
    J  |)'( |        ` F`.'/                            information about all avaliable file systems,
  -<|  F         __     .-<                             and configured NICs, system information about
    | /       .-'. `.  /-. L___                                     OS and list of running processes.
    J \      <    \  | | O\|.-' 
  _J \  .-    \/ O | | \  |F         EXAMPLES:
 '-F     --'         )._.   |-'      > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O fs:/var 80 90
`-|.'   /_.           \_|   F        checks file system space usage (in %) on /var.
  /.-   .                _.<      
 /'    /.'             .'  `\	     > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O mem 80 90
  /L  /'   |/      _.-'-\            checks memory usage (in %).
 /'J       ___.---'\|	       
   |\  .--' V  | `. `                > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O file-systems
   |/`. `-.     `._)                 shows list of all mounted file systems (including space usage).
      / .-.\		       
      \ (  `\                        > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O interfaces
       `.\                           shows list of all configured network interfaces with some related
                                     information.

I use argparse python module to be able to process arguments of command-line. So, the order of arguments is free. The argparse module also automatically generates help and usage messages and issues errors when users give the program invalid arguments.

> ./check_snmp_openbsd.py -C public -H 192.168.0.2 -O os

Uname:   OpenBSD pizza.home 5.8 GENERIC.MP#1098 i386
Uptime:  Timeticks: (62800) 0:10:28.00
CPU:     Intel(R) Atom(TM) CPU N270 @ 1.60GHz (\"GenuineIntel\" 686-class)
Contact: root@pizza.home

The are 3 info functions. These was implemented just to show the system’s status overview and to help to configure checks. For example, we can get storage information to see the list of all mounted file systems. Use file-systems option for that:

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O file-systems

    SIZE                USED                AVALIABLE           FILE SYSTEM
==================================================================================
 1004.7 Mb         46.2 Mb (4.59 %)       958.6 Mb (95.41 %)    /                             
   47.3 Gb         20.0 Kb (0.00 %)        47.3 Gb (100.00 %)   /home                         
    3.9 Gb          8.0 Kb (0.00 %)         3.9 Gb (100.00 %)   /tmp                          
    2.0 Gb        316.4 Mb (15.72 %)        1.7 Gb (84.28 %)    /usr                          
 1004.8 Mb        173.6 Mb (17.27 %)      831.2 Mb (82.73 %)    /usr/X11R6                    
    8.6 Gb         10.0 Mb (0.11 %)         8.6 Gb (99.89 %)    /usr/local                    
    2.0 Gb          2.0 Kb (0.00 %)         2.0 Gb (100.00 %)   /usr/obj                      
    2.0 Gb          2.0 Kb (0.00 %)         2.0 Gb (100.00 %)   /usr/src                      
    4.9 Gb          4.8 Mb (0.10 %)         4.9 Gb (99.90 %)    /var

OpenBSD supports hrStorageTable, which actually shows the same information with the exception of percentage representation. I coped this function from my HP-UX script anyway.
Now we know about file systems already mounted on own target system and can to configure checks:

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O fs:/usr/X11R6 -w 80 -c 90
OK: FS usage 17.27 % [ 173.6 Mb / 1004.8 Mb ]|usage=17.27;80;90;0;0
> echo $?
0

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O fs:/ -w 4 -c 9
WARNING: FS usage 4.59 % [ 46.2 Mb / 1004.7 Mb ]|usage=4.59;4;9;0;0
> echo $?
1

To monitor memory usage or swap, use mem or swap options:

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O mem -w 20 -c 90
WARNING: Memory usage 24.53 % [ 125.4 Mb / 511.3 Mb ]|usage=24.53;20;90;0;0
> echo $?
1

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O swap -w 4 -c 9
OK: Swap usage 0.00 % [ 0.0 b / 767.4 Mb ]|usage=0.00;4;9;0;0
> echo $?
0

These 3 checks (swap, memory and file systems space usage) use the same function storage(). This function returns the integer value and the output string. main() compares this return value to warning and critical input parameters, i.e. the final decision (check state) is taken by main() function. The same logic has the cpu() function. For all values returned to main(), script spawns output with performance data (for creating graphs) with a percentage representation (0..100).

To check CPU load average, script has the cpu option:

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O cpu -w 4 -c 9
OK: CPU load average 1 % |'1 min'=1;4;9;0;0

In case of CPU, what does return value means? I think, the CPU performance is one of the easier metrics to measure. The load average is the average number of processes currently ready to run. That is, it is an estimate of the number of processes that are capable of using the CPU at any given time. What tells us the standard? The RFC2790 tells: The average, over the last minute, of the percentage of time that this processor was not idle. Is this description clear?
I think, to be able to say something concretely about CPU performance, in additions to CPU load average we need also to know how many CPU cores this machine has… Anyway this value is *ALL* what we can get from OpenBSD (did I miss something?). This value will be used to create a graph:

CPU_OPENBSD
It’s also possible to monitor the list of processes running on OpenBSD. To get this list, use proc option. It will show you the PID, STATE and TYPE of processes running at this moment:

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O proc

PID        STATE        TYPE            PROC
================================================================
1          runnable     application     init 
1433       runnable     application     syslogd 
1455       runnable     application     getty std.9600 ttyC0
1624       runnable     application     smtpd 
1972       runnable     application     pflogd 
2217       runnable     application     dhclient 
2289       runnable     application     cron 
3809       runnable     application     xdm 
5209       running      application     snmpd 
5531       runnable     application     ksh 
5599       runnable     application     sshd 
5683       runnable     application     smtpd 
5691       runnable     application     ksh 
7626       runnable     application     snmpd 
9492       runnable     application     smtpd 
11095      runnable     application     getty std.9600 ttyC3
12554      runnable     application     smtpd 
14171      runnable     application     ksh 
14960      runnable     application     dhclient 
15196      runnable     application     smtpd 
15432      runnable     application     Xorg 
16474      runnable     application     syslogd 
16676      runnable     application     xconsole 
16707      runnable     application     xconsole 
16897      runnable     application     xdm 
16942      runnable     application     fvwm 
17296      runnable     application     sshd 
17647      runnable     application     getty std.9600 ttyC1
18782      runnable     application     getty std.9600 ttyC2
21983      runnable     application     smtpd 
24911      runnable     application     sshd 
25946      runnable     application     pflogd 
29033      runnable     application     snmpd 
29488      runnable     application     Xorg :0 vt05 -auth /etc/X11/xdm/authdir/authfiles/A:0-THfdBX
29720      runnable     application     FvwmPager 7 4 /usr/X11R6/lib/X11/fvwm/.fvwmrc 0 8 0 0
30087      runnable     application     getty std.9600 ttyC5
30187      runnable     application     xterm 
30486      runnable     application     sh /etc/X11/xdm/Xsession
30525      runnable     application     ksh 
30564      runnable     application     smtpd 
30656      runnable     application     sndiod

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O proc -w 40 -c 60
OK: running 28 processes [max 1310]|processes=28;40;60;0;0

If you type 2 parameters more, script will to interpret this as a warning and critical values for check. This check monitors the number of running processes. …if somebody really need it🙂
PROC_OPENBSD
To monitor some specific processes (or PIDs) makes no sense, I guess. If you need to know about, for example, Web Server, I will recommend to use HTTP(s) and ask it directly.

The last information that you can get via this script is the interface configuration. The option interfaces shows you the list of all interfaces found on this system. As you can see, I have 2 configured interfaces on my OpenBSD at home. Do not surprised, the second interface, iwi0, is actually wireless, but SNMP recognizes it as the ethernetCsmacd:

> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O interfaces

NAME     STATE   IP              MAC                MTU       TYPE               CONNECTOR  I/O ERROR
======================================================================================================
rl0      up      192.168.0.2     0:3:d:1f:70:73     1500      ethernetCsmacd     true       0/0
iwi0     up      192.168.3.101   0:e:35:86:8f:a9    1500      ethernetCsmacd     true       0/0
enc0     down                                       0         other              false      0/0
lo0      up      127.0.0.1                          32768     softwareLoopback   false      0/0
pflog0   up                                         33192     other              false      0/0

I’m going to continue to work on this script (for example, using argparse). It has some defects. I also want to support OpenBSD specific MIBs. If you want to test it, you can find it here or here. Feel free to give a feedback or just to send a submit request. It’s free software of course😉

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: