3 # Copyright (c) 2014, Evgeni Golov
6 # Redistribution and use in source and binary forms, with or without modification,
7 # are permitted provided that the following conditions are met:
9 # * Redistributions of source code must retain the above copyright notice, this
10 # list of conditions and the following disclaimer.
12 # * Redistributions in binary form must reproduce the above copyright notice, this
13 # list of conditions and the following disclaimer in the documentation and/or
14 # other materials provided with the distribution.
16 # * Neither the name of the {organization} nor the names of its
17 # contributors may be used to endorse or promote products derived from
18 # this software without specific prior written permission.
20 # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND
21 # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
22 # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
23 # DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR
24 # ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
25 # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
26 # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
27 # ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
29 # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
35 use Monitoring::Plugin;
38 my $np = Monitoring::Plugin->new(
39 usage => "Usage: %s [ -H|--hostname=<hostname>] "
40 . "[ -p|--port=<port> ] [-s] [ -w|--warning=<minutes> ] "
41 . "[ -c|--critical=<minutes> ] [ -W|--warnfails=<num> ] "
42 . "[ -C|--critfails=<num> ] [ -n|--node=<node> ]"
43 . "[ -a|--apiversion=<num> ]"
44 . "[ -i|--ignore=<list> ]",
45 shortname => 'Check last node runs from PuppetDB',
46 url => 'https://github.com/evgeni/check_puppetdb_nodes',
48 license => 'This plugin is free software, and comes with ABSOLUTELY
49 NO WARRANTY. It may be used, redistributed and/or modified under
50 the terms of the BSD 3-clause license.',
54 spec => 'warning|w=i',
55 help => "Exit with WARNING status if nodes did not update for "
56 . "more than INTEGER minutes (default: %s)",
61 spec => 'critical|c=i',
62 help => "Exit with CRITICAL status if nodes did not update for "
63 . "more than INTEGER minutes (default: %s)",
68 spec => 'warnfails|W=i',
69 help => "Exit with WARNING status if nodes had at least INTEGER "
70 . "failures in the last run (default: %s)",
75 spec => 'critfails|C=i',
76 help => "Exit with CRITICAL status if nodes had at least INTEGER "
77 . "failures in the last run (default: %s)",
82 spec => 'hostname|H=s',
83 help => 'Hostname of the PuppetDB (default: %s)',
84 default => 'localhost',
89 help => 'Port PuppetDB is running on (default: %s)',
95 help => 'Node name to check, if not given, all nodes will be checked',
100 help => "Use HTTPS instead of HTTP",
104 spec => 'insecure|k',
105 help => "Allow connections via HTTPS without checking certificates",
109 spec => 'apiversion|a=n',
110 help => 'Specify PupppetDB API version (default: %s)',
115 spec => 'ignore|i=s',
116 help => 'Node names to ignore (comma-separated list) (default: %s)',
123 3 => { 'nodes' => 'v3/nodes', 'event-counts' => 'v3/event-counts' },
124 4 => { 'nodes' => 'pdb/query/v4/nodes', 'event-counts' => 'pdb/query/v4/event-counts', 'logs' => 'pdb/query/v4/reports/{hash}/logs' },
126 if ( !exists $apiurls{$np->opts->apiversion} ) {
127 $np->nagios_exit( 'UNKNOWN', 'Unsupported PuppetDB API version ' . $np->opts->apiversion );
130 my @ignore_list = split( ',', $np->opts->ignore );
132 my $url = sprintf( 'http%s://%s:%d/',
133 defined( $np->opts->ssl ) ? 's' : '',
134 $np->opts->hostname, $np->opts->port );
136 my $ua = new LWP::UserAgent;
137 $ua->default_header( 'Accept' => 'application/json' );
138 if ( defined( $np->opts->insecure ) ) {
139 $ua->ssl_opts( verify_hostname => 0 ,SSL_verify_mode => 0x00);
143 if ( defined( $np->opts->node ) ) {
144 %parameters = ( 'query' => '["=","certname","' . $np->opts->node . '"]' );
146 my $uri = URI->new( $url . $apiurls{$np->opts->apiversion}{'nodes'} );
147 $uri->query_form(%parameters);
148 my $response = $ua->get($uri);
150 if ( !$response->is_success ) {
151 $np->nagios_exit( 'UNKNOWN',
152 $response->code . ": " . $response->status_line );
155 my $data = decode_json( $response->decoded_content );
159 if ( defined( $np->opts->node ) and !@$data ) {
160 $np->add_message( CRITICAL,
161 $np->opts->node . " not found in puppetdb\n" );
164 foreach my $node (@$data) {
165 my $certname = defined($node->{'certname'}) ? $node->{'certname'} : $node->{'name'} ;
166 my $deactivated = $node->{'deactivated'};
167 my $catalog_timestamp = $node->{'catalog_timestamp'};
168 my $report_hash = $node->{'latest_report_hash'};
169 my $ts = str2time($catalog_timestamp);
171 next if grep { $certname eq $_ } @ignore_list;
173 if ( !defined $deactivated and !length $catalog_timestamp ) {
174 $np->add_message( CRITICAL,
175 "$certname last run UNAVAILABLE\n" );
177 if ( !defined $deactivated and length $catalog_timestamp ) {
178 my $delta = ( $now - $ts );
179 if ( $delta > ( $np->opts->critical * 60 ) ) {
180 $np->add_message( CRITICAL,
181 "$certname did not update since $catalog_timestamp\n" );
183 elsif ( $delta > ( $np->opts->warning * 60 ) ) {
184 $np->add_message( WARNING,
185 "$certname did not update since $catalog_timestamp\n" );
188 my %apiparameters = (
190 'query' => '["and",["=","certname","'
192 . '"],["=","latest-report?",true]]',
193 'summarize-by' => 'certname',
194 'count-by' => 'resource',
197 'query' => '["and",["=","certname","'
199 . '"],["=","latest_report?",true]]',
200 'summarize_by' => 'certname',
201 'count_by' => 'resource',
204 my $uri = URI->new( $url . $apiurls{$np->opts->apiversion}{'event-counts'} );
205 $uri->query_form($apiparameters{$np->opts->apiversion});
206 $response = $ua->get($uri);
208 if ( $response->is_success ) {
209 my $node_data = decode_json( $response->decoded_content );
212 if ( defined( @$node_data[0] )
213 and defined( @$node_data[0]->{'failures'} ) )
215 $failures = @$node_data[0]->{'failures'};
218 if ( $failures >= $np->opts->critfails ) {
219 $np->add_message( CRITICAL,
220 "$certname had $failures failures in the last run\n" );
222 elsif ( $failures >= $np->opts->warnfails ) {
223 $np->add_message( WARNING,
224 "$certname had $failures failures in the last run\n" );
226 elsif ( exists $apiurls{$np->opts->apiversion}{'logs'} and $report_hash) {
227 my $apiurl = $apiurls{$np->opts->apiversion}{'logs'};
228 $apiurl =~ s/{hash}/$report_hash/;
229 $uri = URI->new( $url . $apiurl );
230 $response = $ua->get($uri);
231 if ( $response->is_success ) {
232 my $logs = decode_json( $response->decoded_content );
233 foreach my $log (@$logs) {
234 my $tags = $log->{'tags'};
235 if ( grep(/^err$/, @$tags) ) {
236 $np->add_message( WARNING, "$certname, $log->{'message'}" );
243 $np->nagios_exit( 'UNKNOWN', 'Unsupported query ' . $response->decoded_content);
251 ( $code, $message ) = $np->check_messages;
253 $np->nagios_exit( $code, $message );