OpenBSD SNMP check
It seems like there are no OpenBSD SNMP checks on exchange.nagios.org or exchange.icinga.org. I found few checks for this operating system, but NO scripts which use SNMPv2c. Nobody trusts SNMPv2c? Well, as we know, the most common alternative acronym for SNMP is “Security? Not My Problem!”, right? On the other hand, SNMP is the de facto standard for gathering information from network devices or servers.
Anyway, I have this free operating system at home and on this weekend I spent a bit time to play with SNMP. It makes fun to learn something new. SNMP servers on different systems support different OIDs/MIBs. OpenBSD includes an SNMP agent, snmpd(8), which supports all of the usual SNMP functions, and also offers visibility into OpenBSD-specific feautures such as packet filtering.
I concentrated on standard MIBs and wrote a small python script to monitor swap/memory usage, CPU load average and file system space usage. It looks like a common nagios plugin. In addition, it also shows information about network interfaces, file systems in tabular form and the list of running processes. Make it sense for people?🙂
> ./check_snmp_openbsd.py -h usage: check_snmp_openbsd.py [-h] [--version] -H HOST -C COMMUNITY -O OPTION [-w WARNING] [-c CRITICAL] optional arguments: -h, --help show this help message and exit --version show program's version number and exit -H HOST IP addess or hostname of the target host -C COMMUNITY SNMPv2 community -O OPTION What sould be checked. This can be cpu, memory, swap, fs or number of running processes -w WARNING WARNING value -c CRITICAL CRITICAL value _____ ____ _____ _____ / ___ \ | _ \ / ____| __ \ / / / /___ ___ ____ | |_) | (___ | | | | / / / / __ \/ _ \/ __ \| _ < \___ \| | | | / /__/ / /_/ / __/ / / /| |_) |____) | |__| | \_____/ .___/\___/_/ /_/ |____/|_____/|_____/ /_/ | . . |L /| . This script uses SNMPv2 to check memory/swap usage, _ . |\ _| \--+._/| . file system space usage and CPU load average / ||\| Y J ) / |/| ./ on (remote) OpenBSD system. It also shows detailed J |)'( | ` F`.'/ information about all avaliable file systems, -<| F __ .-< and configured NICs, system information about | / .-'. `. /-. L___ OS and list of running processes. J \ < \ | | O\|.-' _J \ .- \/ O | | \ |F EXAMPLES: '-F --' )._. |-' > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O fs:/var 80 90 `-|.' /_. \_| F checks file system space usage (in %) on /var. /.- . _.< /' /.' .' `\ > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O mem 80 90 /L /' |/ _.-'-\ checks memory usage (in %). /'J ___.---'\| |\ .--' V | `. ` > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O file-systems |/`. `-. `._) shows list of all mounted file systems (including space usage). / .-.\ \ ( `\ > ./check_snmp_openbsd.py -H 127.0.0.1 -C secret -O interfaces `.\ shows list of all configured network interfaces with some related information.
I use argparse python module to be able to process arguments of command-line. So, the order of arguments is free. The argparse module also automatically generates help and usage messages and issues errors when users give the program invalid arguments.
> ./check_snmp_openbsd.py -C public -H 192.168.0.2 -O os Uname: OpenBSD pizza.home 5.8 GENERIC.MP#1098 i386 Uptime: Timeticks: (62800) 0:10:28.00 CPU: Intel(R) Atom(TM) CPU N270 @ 1.60GHz (\"GenuineIntel\" 686-class) Contact: email@example.com
The are 3 info functions. These was implemented just to show the system’s status overview and to help to configure checks. For example, we can get storage information to see the list of all mounted file systems. Use file-systems option for that:
> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O file-systems SIZE USED AVALIABLE FILE SYSTEM ================================================================================== 1004.7 Mb 46.2 Mb (4.59 %) 958.6 Mb (95.41 %) / 47.3 Gb 20.0 Kb (0.00 %) 47.3 Gb (100.00 %) /home 3.9 Gb 8.0 Kb (0.00 %) 3.9 Gb (100.00 %) /tmp 2.0 Gb 316.4 Mb (15.72 %) 1.7 Gb (84.28 %) /usr 1004.8 Mb 173.6 Mb (17.27 %) 831.2 Mb (82.73 %) /usr/X11R6 8.6 Gb 10.0 Mb (0.11 %) 8.6 Gb (99.89 %) /usr/local 2.0 Gb 2.0 Kb (0.00 %) 2.0 Gb (100.00 %) /usr/obj 2.0 Gb 2.0 Kb (0.00 %) 2.0 Gb (100.00 %) /usr/src 4.9 Gb 4.8 Mb (0.10 %) 4.9 Gb (99.90 %) /var
OpenBSD supports hrStorageTable, which actually shows the same information with the exception of percentage representation. I coped this function from my HP-UX script anyway.
Now we know about file systems already mounted on own target system and can to configure checks:
> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O fs:/usr/X11R6 -w 80 -c 90 OK: FS usage 17.27 % [ 173.6 Mb / 1004.8 Mb ]|usage=17.27;80;90;0;0 > echo $? 0 > ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O fs:/ -w 4 -c 9 WARNING: FS usage 4.59 % [ 46.2 Mb / 1004.7 Mb ]|usage=4.59;4;9;0;0 > echo $? 1
To monitor memory usage or swap, use mem or swap options:
> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O mem -w 20 -c 90 WARNING: Memory usage 24.53 % [ 125.4 Mb / 511.3 Mb ]|usage=24.53;20;90;0;0 > echo $? 1 > ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O swap -w 4 -c 9 OK: Swap usage 0.00 % [ 0.0 b / 767.4 Mb ]|usage=0.00;4;9;0;0 > echo $? 0
These 3 checks (swap, memory and file systems space usage) use the same function storage(). This function returns the integer value and the output string. main() compares this return value to warning and critical input parameters, i.e. the final decision (check state) is taken by main() function. The same logic has the cpu() function. For all values returned to main(), script spawns output with performance data (for creating graphs) with a percentage representation (0..100).
To check CPU load average, script has the cpu option:
> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O cpu -w 4 -c 9 OK: CPU load average 1 % |'1 min'=1;4;9;0;0
In case of CPU, what does return value means? I think, the CPU performance is one of the easier metrics to measure. The load average is the average number of processes currently ready to run. That is, it is an estimate of the number of processes that are capable of using the CPU at any given time. What tells us the standard? The RFC2790 tells: The average, over the last minute, of the percentage of time that this processor was not idle. Is this description clear?
I think, to be able to say something concretely about CPU performance, in additions to CPU load average we need also to know how many CPU cores this machine has… Anyway this value is *ALL* what we can get from OpenBSD (did I miss something?). This value will be used to create a graph:
It’s also possible to monitor the list of processes running on OpenBSD. To get this list, use proc option. It will show you the PID, STATE and TYPE of processes running at this moment:
> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O proc PID STATE TYPE PROC ================================================================ 1 runnable application init 1433 runnable application syslogd 1455 runnable application getty std.9600 ttyC0 1624 runnable application smtpd 1972 runnable application pflogd 2217 runnable application dhclient 2289 runnable application cron 3809 runnable application xdm 5209 running application snmpd 5531 runnable application ksh 5599 runnable application sshd 5683 runnable application smtpd 5691 runnable application ksh 7626 runnable application snmpd 9492 runnable application smtpd 11095 runnable application getty std.9600 ttyC3 12554 runnable application smtpd 14171 runnable application ksh 14960 runnable application dhclient 15196 runnable application smtpd 15432 runnable application Xorg 16474 runnable application syslogd 16676 runnable application xconsole 16707 runnable application xconsole 16897 runnable application xdm 16942 runnable application fvwm 17296 runnable application sshd 17647 runnable application getty std.9600 ttyC1 18782 runnable application getty std.9600 ttyC2 21983 runnable application smtpd 24911 runnable application sshd 25946 runnable application pflogd 29033 runnable application snmpd 29488 runnable application Xorg :0 vt05 -auth /etc/X11/xdm/authdir/authfiles/A:0-THfdBX 29720 runnable application FvwmPager 7 4 /usr/X11R6/lib/X11/fvwm/.fvwmrc 0 8 0 0 30087 runnable application getty std.9600 ttyC5 30187 runnable application xterm 30486 runnable application sh /etc/X11/xdm/Xsession 30525 runnable application ksh 30564 runnable application smtpd 30656 runnable application sndiod > ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O proc -w 40 -c 60 OK: running 28 processes [max 1310]|processes=28;40;60;0;0
If you type 2 parameters more, script will to interpret this as a warning and critical values for check. This check monitors the number of running processes. …if somebody really need it🙂
To monitor some specific processes (or PIDs) makes no sense, I guess. If you need to know about, for example, Web Server, I will recommend to use HTTP(s) and ask it directly.
The last information that you can get via this script is the interface configuration. The option interfaces shows you the list of all interfaces found on this system. As you can see, I have 2 configured interfaces on my OpenBSD at home. Do not surprised, the second interface, iwi0, is actually wireless, but SNMP recognizes it as the ethernetCsmacd:
> ./check_snmp_openbsd.py -H 192.168.0.2 -C public -O interfaces NAME STATE IP MAC MTU TYPE CONNECTOR I/O ERROR ====================================================================================================== rl0 up 192.168.0.2 0:3:d:1f:70:73 1500 ethernetCsmacd true 0/0 iwi0 up 192.168.3.101 0:e:35:86:8f:a9 1500 ethernetCsmacd true 0/0 enc0 down 0 other false 0/0 lo0 up 127.0.0.1 32768 softwareLoopback false 0/0 pflog0 up 33192 other false 0/0
I’m going to continue to work on this script (for example, using argparse). It has some defects. I also want to support OpenBSD specific MIBs. If you want to test it, you can find it here or here. Feel free to give a feedback or just to send a submit request. It’s free software of course😉