4 # check_clamav_signatures - Nagios plugin to monitor ClamAV signatures are up to date.
6 # Released under the MIT License.
8 # https://github.com/tommarshall/nagios-check-clamav-signatures
16 CLAM_LIB_DIR=/var/lib/clamav
17 NUMERICAL_REGEX='^[0-9]+$'
26 echo "check_clamav_signatures $VERSION"
30 # Output usage information.
34 echo 'Usage: ./check_clamav_signatures [options]'
38 # Output help information.
46 ./check_clamav_signatures
49 -p, --path <path> path to ClamAV lib directory, if not $CLAM_LIB_DIR
50 -V, --version output version
51 -h, --help output help information
53 For more information, see https://github.com/tommarshall/nagios-check-clamav-signatures
62 while test $# -ne 0; do
65 -p|--path) CLAM_LIB_DIR=$1; shift ;;
66 -V|--version) version; exit ;;
67 -h|--help) help; exit ;;
69 echo "UNKNOWN: Unrecognised argument: $ARG"
80 # ensure we have executable dependencies
81 for dependency in cut host grep sigtool sed; do
82 if ! hash $dependency >/dev/null 2>&1; then
83 echo "UNKNOWN: Missing dependency: ${dependency}"
88 # ensure the clam lib dir exists
89 if [ ! -d "$CLAM_LIB_DIR" ]; then
90 echo "UNKNOWN: Unable to locate ClamAV lib directory"
94 # ensure we have a daily signatures file
95 if [ -e ${CLAM_LIB_DIR}/daily.cld ]; then
96 DAILY_SIGNATURES_PATH="${CLAM_LIB_DIR}/daily.cld"
97 elif [ -e ${CLAM_LIB_DIR}/daily.cvd ]; then
98 DAILY_SIGNATURES_PATH="${CLAM_LIB_DIR}/daily.cvd"
100 echo "UNKNOWN: Unable to locate installed daily signatures"
104 # ensure we have a main signatures file
105 if [ -e ${CLAM_LIB_DIR}/main.cvd ]; then
106 MAIN_SIGNATURES_PATH="${CLAM_LIB_DIR}/main.cvd"
107 elif [ -e ${CLAM_LIB_DIR}/main.cld ]; then
108 MAIN_SIGNATURES_PATH="${CLAM_LIB_DIR}/main.cld"
110 echo "UNKNOWN: Unable to locate installed main signatures"
114 # extract the daily signatures version
115 INSTALLED_DAILY_VERSION=$(sigtool -i ${DAILY_SIGNATURES_PATH} 2>/dev/null | grep Version | sed -e 's/Version: //')
116 if ! [[ $INSTALLED_DAILY_VERSION =~ $NUMERICAL_REGEX ]]; then
117 echo "UNKNOWN: Unable to establish installed daily signatures version"
121 # extract the main signatures version
122 INSTALLED_MAIN_VERSION=$(sigtool -i ${MAIN_SIGNATURES_PATH} 2>/dev/null | grep Version | sed -e 's/Version: //')
123 if ! [[ $INSTALLED_MAIN_VERSION =~ $NUMERICAL_REGEX ]]; then
124 echo "UNKNOWN: Unable to establish installed main signatures version"
128 # query the DNS record
129 DNS_TXT_RECORD=$(host -t txt current.cvd.clamav.net)
130 if [ $? -ne 0 ]; then
131 echo "UNKNOWN: DNS query to current.cvd.clamav.net failed"
135 # extract the current daily signatures version from the DNS TXT record
136 CURRENT_DAILY_VERSION=$(echo $DNS_TXT_RECORD | cut -d : -f 3)
137 if ! [[ $CURRENT_DAILY_VERSION =~ $NUMERICAL_REGEX ]]; then
138 echo "UNKNOWN: Unable to establish current daily signatures version from DNS query"
142 # extract the current main signatures version from the DNS TXT record
143 CURRENT_MAIN_VERSION=$(echo $DNS_TXT_RECORD | cut -d : -f 2)
144 if ! [[ $CURRENT_MAIN_VERSION =~ $NUMERICAL_REGEX ]]; then
145 echo "UNKNOWN: Unable to establish current main signatures version from DNS query"
149 # determine the difference between the current and installed versions
150 DAILY_VERSION_DELTA=$((CURRENT_DAILY_VERSION-INSTALLED_DAILY_VERSION))
151 MAIN_VERSION_DELTA=$((CURRENT_MAIN_VERSION-INSTALLED_MAIN_VERSION))
153 if [ $DAILY_VERSION_DELTA -gt $CRIT_THRESHOLD -o $MAIN_VERSION_DELTA -gt $CRIT_THRESHOLD ]; then
154 echo "CRITICAL: Signatures expired;" \
155 "daily version: ${INSTALLED_DAILY_VERSION} (${DAILY_VERSION_DELTA} behind)," \
156 "main version: ${INSTALLED_MAIN_VERSION} (${MAIN_VERSION_DELTA} behind)"
158 elif [ $DAILY_VERSION_DELTA -gt $WARN_THRESHOLD -o $MAIN_VERSION_DELTA -gt $WARN_THRESHOLD ]; then
159 echo "WARNING: Signatures expired;" \
160 "daily version: ${INSTALLED_DAILY_VERSION} (${DAILY_VERSION_DELTA} behind)," \
161 "main version: ${INSTALLED_MAIN_VERSION} (${MAIN_VERSION_DELTA} behind)"
165 echo "OK: Signatures up to date;"\
166 "daily version: ${INSTALLED_DAILY_VERSION}," \
167 "main version: ${INSTALLED_MAIN_VERSION}"