diff --git a/check_apt_critical.sh b/check_apt_critical.sh new file mode 100755 index 0000000..26dd8aa --- /dev/null +++ b/check_apt_critical.sh @@ -0,0 +1,57 @@ +#!/bin/bash +# https://github.com/nagios-plugins/nagios-plugins/blob/master/plugins/check_apt.c + +usage() { + echo "usage: check_apt_critical.sh [-h] [--warn WARN] [--crit CRIT] + +options: + -h, --help Show this help message and exit. + --warn WARN The number of critical updates needed to trigger WARNING. + --crit CRIT The number of critical updates needed to trigger CRITICAL. + +If --warn or --crit is not provided, any number of updates will trigger CRITICAL." + exit 1 +} + +WARN_LEVEL=0 +CRIT_LEVEL=0 + +while [ "$1" != "" ]; do + case $1 in + --warn ) shift + WARN_LEVEL=$1 + ;; + --crit ) shift + CRIT_LEVEL=$1 + ;; + * ) usage + esac + shift +done + +CRITICAL_RE='^Inst [^\(]*\(.* (Debian-Security:|Ubuntu:[^/]*/[^-]*-security)' +APT_PATH=$(which apt-get) +CRITICAL_UPDATES=$($APT_PATH --just-print upgrade -o 'Debug::NoLocking=true' -s -qq | grep -oE "$CRITICAL_RE" ) +NUM_CRIT_UPDATES=$(echo "$CRITICAL_UPDATES" | wc -l) + +if [[ $NUM_CRIT_UPDATES -eq 0 ]]; then + echo "OK - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES" + exit 0 +fi + +if [[ $CRIT_LEVEL -gt 0 ]] || [[ $WARN_LEVEL -gt 0 ]]; then + # Only use the levels if the user has set one of them. + if [[ $NUM_CRIT_UPDATES -ge $CRIT_LEVEL ]]; then + echo "CRITICAL - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES" + exit 2 + elif [[ $NUM_CRIT_UPDATES -ge $WARN_LEVEL ]]; then + echo "WARNING - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES" + exit 1 + else + echo "OK - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES" + exit 0 + fi +else + echo "CRITICAL - $NUM_CRIT_UPDATES critical updates available. | critical_updates=$NUM_CRIT_UPDATES" + exit 2 +fi \ No newline at end of file