cyberes
/
icinga2-checks
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new check_curl

This commit is contained in:
Cyberes 2023-04-21 23:54:18 -06:00
parent 27cb71fff8
commit 4782f61deb
3 changed files with 577 additions and 223 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

240
Other/check_curl old Normal file
View File

@ -0,0 +1,240 @@
#!/bin/bash
# startup checks
if [ -z "$BASH" ]; then
echo "Please use BASH."
exit 3
fi
if [ ! -e "/usr/bin/which" ]; then
echo "/usr/bin/which is missing."
exit 3
fi
curl=$(which curl)
if [ $? -ne 0 ]; then
echo "Please install curl."
exit 3
fi
# Default Values
proxy=""
method="GET"
body=""
contains=""
lacks=""
insecure=0
debug=0
warning=700
encodeurl=0
critical=2000
url=""
follow=0
header=""
name="default"
cookies=0
# Usage Info
usage() {
echo '''Usage: check_curl [OPTIONS]
[OPTIONS]:
-U URL Target URL
-M METHOD HTTP Method (default: GET)
-N NAME Display Name of scanned object (default: default)
-B BODY Request Body to be sent (default: not sent)
-E ENCODEURL Send body defined with url encoding (curl --data-urlencode) (default: off)
-I INSECURE Sets the curl flag --insecure
-C CONTAINS If not contained in response body, CRITICAL will be returned
-L LACKS If contained in response body, CRITICAL will be returned (-C has priority when both are set)
-w WARNING Warning threshold in milliseconds (default: 700)
-c CRITICAL Critical threshold in milliseconds (default: 2000)
-H HEADER Send Header (i.E. "AUTHORIZATION: Bearer 8*.UdUYwrl!nK")
-F FOLLOW Follow redirects (default: OFF)
-D DEBUG Only prints the curl command (default: OFF)
-P PROXY Set Proxy Address (default: No Proxy)
-K COOKIES Enables/Disabled cookie handling in a temporary cookie jar'''
}
# Check which threshold was reached
checkTime() {
if [ $1 -gt $critical ]; then
echo -n "CRITICAL: Slow "
elif [ $1 -gt $warning ]; then
echo -n "WARNING: Slow "
else
echo -n "OK"
fi
}
# Return code value
getStatus() {
if [ $1 -gt $critical ]; then
return 2
elif [ $1 -gt $warning ]; then
return 1
else
return 0
fi
}
#main
#get options
while getopts "P:M:B:C:w:c:U:H:IFN:O:EL:D:K" opt; do
case $opt in
K)
cookies=1
;;
P)
proxy=$OPTARG
;;
M)
method=$OPTARG
;;
B)
body=$OPTARG
;;
C)
contains=$OPTARG
;;
w)
warning=$OPTARG
;;
c)
critical=$OPTARG
;;
U)
url=$OPTARG
;;
L)
lacks=$OPTARG
;;
I)
insecure=1
;;
N)
name=$( echo $OPTARG | sed -e 's/[^A-Za-z0-9._-]/_/g' )
;;
E)
encodeurl=1
;;
H)
header=$OPTARG
;;
F)
follow=1
;;
D)
debug=1
;;
*)
usage
exit 3
;;
esac
done
#hostname is required
if [ -z "$url" ] || [ $# -eq 0 ]; then
echo "Error: URL is required"
usage
exit 3
fi
proxyarg=""
if [ ! -z $proxy ] ; then
proxyarg=" -x "$proxy" "
fi
headerarg=""
if [ ! -z "$header" ] ; then
headerarg=' -H "'$header'" '
fi
followarg=""
if [ $follow -eq 1 ] ; then
followarg=" -L "
fi
insecurearg=""
if [ $insecure -eq 1 ] ; then
insecurearg=" --insecure "
fi
cookiesarg=""
if [ $cookies -eq 1 ] ; then
COOKIE_JAR_TEMP_PATH=$(mktemp /tmp/check_curl_cookiejar.XXXXXX)
cookiesarg=" -c ${COOKIE_JAR_TEMP_PATH} -b ${COOKIE_JAR_TEMP_PATH}"
fi
bodyarg=""
if [ ! -z $body ]; then
body=$(echo $body| sed "s/\"/\\\\\"/g")
bodyarg=" --data \""$body"\""
if [ $encodeurl -eq 1 ]; then
bodyarg=" --data-urlencode \""$body"\""
fi
fi
if [ $debug -eq 1 ]; then
echo $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url"
exit 0
else
start=$(echo $(($(date +%s%N)/1000000)))
body=$(eval $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url")
status=$?
fi
if [ $cookies -eq 1 ] ; then
rm -f ${COOKIE_JAR_TEMP_PATH}
fi
end=$(echo $(($(date +%s%N)/1000000)))
#decide output by return code
if [ $status -eq 0 ] ; then
if [ -n "$contains" ]; then
if [[ ! $body =~ $contains ]]; then
echo "CRITICAL: body does not contain '${contains}'. Body: '$(echo $body | sed 's/\(.\{50\}\).*/\1.../')' |time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
exit 2
fi
fi
if [ -n "$lacks" ]; then
if [[ $body == *$lacks* ]]; then
echo "CRITICAL: body contains '${lacks}'|time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
exit 2
fi
fi
echo "$(checkTime $((end - start))) $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
getStatus $((end - start))
exit $?
else
case $status in
1)
echo "CRITICAL: Unsupported protocol"
;;
3)
echo "CRITICAL: Malformed URL"
;;
5)
echo "CRITICAL: Couldn't resolve proxy $proxy"
;;
6)
echo "CRITICAL: Couldn't resolve host"
;;
7)
echo "CRITICAL: Couldn't connect to proxy $proxy"
;;
22)
echo "CRITICAL: Server returned http code >= 400"
;;
52)
echo "CRITICAL: Server returned empty response (52)"
;;
56)
echo "CRITICAL: Failure recieving network data (56)"
;;
60)
echo "CRITICAL: SSL/TLS connection problem (60)"
;;
*)
echo "UNKNOWN: $status - ${url}"
exit 3
;;
esac
exit 2
fi

282
check_curl
View File

@ -1,240 +1,114 @@
#!/bin/bash #!/bin/bash
# startup checks
if [ -z "$BASH" ]; then # Define the usage message
echo "Please use BASH."
exit 3
fi
if [ ! -e "/usr/bin/which" ]; then
echo "/usr/bin/which is missing."
exit 3
fi
curl=$(which curl)
if [ $? -ne 0 ]; then
echo "Please install curl."
exit 3
fi
# Default Values
proxy=""
method="GET"
body=""
contains=""
lacks=""
insecure=0
debug=0
warning=700
encodeurl=0
critical=2000
url=""
follow=0
header=""
name="default"
cookies=0
# Usage Info
usage() { usage() {
echo '''Usage: check_curl [OPTIONS] echo "Usage: $0 -u <url> [-w <warning>] [-c <critical>]"
[OPTIONS]: exit 3
-U URL Target URL
-M METHOD HTTP Method (default: GET)
-N NAME Display Name of scanned object (default: default)
-B BODY Request Body to be sent (default: not sent)
-E ENCODEURL Send body defined with url encoding (curl --data-urlencode) (default: off)
-I INSECURE Sets the curl flag --insecure
-C CONTAINS If not contained in response body, CRITICAL will be returned
-L LACKS If contained in response body, CRITICAL will be returned (-C has priority when both are set)
-w WARNING Warning threshold in milliseconds (default: 700)
-c CRITICAL Critical threshold in milliseconds (default: 2000)
-H HEADER Send Header (i.E. "AUTHORIZATION: Bearer 8*.UdUYwrl!nK")
-F FOLLOW Follow redirects (default: OFF)
-D DEBUG Only prints the curl command (default: OFF)
-P PROXY Set Proxy Address (default: No Proxy)
-K COOKIES Enables/Disabled cookie handling in a temporary cookie jar'''
} }
# Parse the command-line arguments
# Check which threshold was reached while getopts "u:w:c:C:H:R:lhIp" opt; do
checkTime() {
if [ $1 -gt $critical ]; then
echo -n "CRITICAL: Slow "
elif [ $1 -gt $warning ]; then
echo -n "WARNING: Slow "
else
echo -n "OK"
fi
}
# Return code value
getStatus() {
if [ $1 -gt $critical ]; then
return 2
elif [ $1 -gt $warning ]; then
return 1
else
return 0
fi
}
#main
#get options
while getopts "P:M:B:C:w:c:U:H:IFN:O:EL:D:K" opt; do
case $opt in case $opt in
K) u)
cookies=1 URL=$OPTARG
;;
P)
proxy=$OPTARG
;;
M)
method=$OPTARG
;;
B)
body=$OPTARG
;;
C)
contains=$OPTARG
;; ;;
w) w)
warning=$OPTARG WARNING_LEVEL=$OPTARG
;; ;;
c) c)
critical=$OPTARG CRITICAL_LEVEL=$OPTARG
;; ;;
U) l)
url=$OPTARG FOLLOW_REDIRECTS="-L"
;; ;;
L) C)
lacks=$OPTARG CONTAINS=$OPTARG
;; ;;
I) I)
insecure=1 INSECURE="--insecure"
;;
N)
name=$( echo $OPTARG | sed -e 's/[^A-Za-z0-9._-]/_/g' )
;;
E)
encodeurl=1
;; ;;
H) H)
header=$OPTARG HEADERS=$OPTARG
;; ;;
F) p)
follow=1 PRINT_ONLY=true
;; ;;
D) R)
debug=1 RESOLVE="--resolve $OPTARG"
;;
h)
usage
;; ;;
*) *)
usage usage
exit 3
;; ;;
esac esac
done done
#hostname is required WARNING_LEVEL=${WARNING_LEVEL:-1}
if [ -z "$url" ] || [ $# -eq 0 ]; then CRITICAL_LEVEL=${CRITICAL_LEVEL:-2}
echo "Error: URL is required" #FOLLOW_REDIRECTS=${FOLLOW_REDIRECTS:-""}
if [ -z "$URL" ]; then
usage usage
fi
HEADER_ARGS=""
IFS=',' read -ra values <<<"$HEADERS"
for value in "${values[@]}"; do
HEADER_ARGS+="-H '$value'"
done
CURL_CMD="-s -w '%{http_code}\n%{time_total}' $HEADER_ARGS $FOLLOW_REDIRECTS $INSECURE $RESOLVE $URL"
if $PRINT_ONLY; then
echo "curl $CURL_CMD"
exit 3 exit 3
fi fi
proxyarg="" TMP_ERROR_LOG=$(mktemp)
if [ ! -z $proxy ] ; then TMP_RESPONSE=$(mktemp)
proxyarg=" -x "$proxy" " RESPONSE=$(curl -v -o "$TMP_RESPONSE" "$CURL_CMD" 2>"$TMP_ERROR_LOG")
fi
headerarg=""
if [ ! -z "$header" ] ; then
headerarg=' -H "'$header'" '
fi
followarg=""
if [ $follow -eq 1 ] ; then
followarg=" -L "
fi
insecurearg=""
if [ $insecure -eq 1 ] ; then
insecurearg=" --insecure "
fi
cookiesarg=""
if [ $cookies -eq 1 ] ; then
COOKIE_JAR_TEMP_PATH=$(mktemp /tmp/check_curl_cookiejar.XXXXXX)
cookiesarg=" -c ${COOKIE_JAR_TEMP_PATH} -b ${COOKIE_JAR_TEMP_PATH}"
fi
bodyarg=""
if [ ! -z $body ]; then
body=$(echo $body| sed "s/\"/\\\\\"/g")
bodyarg=" --data \""$body"\""
if [ $encodeurl -eq 1 ]; then
bodyarg=" --data-urlencode \""$body"\""
fi
fi
if [ $debug -eq 1 ]; then # shellcheck disable=SC2181
echo $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url" if [ $? -ne 0 ]; then
exit 0 echo "CRITICAL: curl failed!"
echo "Error log:"
cat "$TMP_ERROR_LOG"
exit 2
fi
rm -rf "$TMP_ERROR_LOG"
RESPONSE_CODE=$(echo "$RESPONSE" | head -n 1)
RESPONSE_TIME=$(printf "%.2f" "$(echo "$RESPONSE" | tail -n 1)")
OUTPUT_MSG=""
OUTPUT_CODE=0
if [ $RESPONSE_CODE -eq 200 ] && [ "$(echo "$RESPONSE_TIME < $CRITICAL_LEVEL" | bc -l)" -eq 1 ]; then
OUTPUT_MSG="OK: website is up and responded in $RESPONSE_TIME seconds."
elif [ $RESPONSE_CODE -eq 200 ] && [ "$(echo "$RESPONSE_TIME < $WARNING_LEVEL" | bc -l)" -eq 1 ]; then
OUTPUT_MSG="WARNING: response time is slow ($RESPONSE_TIME seconds)."
OUTPUT_CODE=1
elif [ $RESPONSE_CODE -eq 200 ]; then
OUTPUT_MSG"CRITICAL: response time is very slow ($RESPONSE_TIME seconds)."
OUTPUT_CODE=2
else else
start=$(echo $(($(date +%s%N)/1000000))) OUTPUT_MSG="CRITICAL: website is not responding, returned $RESPONSE_CODE code."
body=$(eval $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url") OUTPUT_CODE=2
status=$?
fi fi
if [ $cookies -eq 1 ] ; then if [ ! -z ${CONTAINS+x} ]; then
rm -f ${COOKIE_JAR_TEMP_PATH} if ! grep -q "$CONTAINS" "$TMP_RESPONSE"; then
fi OUTPUT_MSG+="\nCRITICAL: response did not contain required string!\nFound: $(cat "$TMP_RESPONSE")"
OUTPUT_CODE=2
end=$(echo $(($(date +%s%N)/1000000)))
#decide output by return code
if [ $status -eq 0 ] ; then
if [ -n "$contains" ]; then
if [[ ! $body =~ $contains ]]; then
echo "CRITICAL: body does not contain '${contains}'. Body: '$(echo $body | sed 's/\(.\{50\}\).*/\1.../')' |time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
exit 2
fi
fi
if [ -n "$lacks" ]; then
if [[ $body == *$lacks* ]]; then
echo "CRITICAL: body contains '${lacks}'|time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
exit 2
fi
fi
echo "$(checkTime $((end - start))) $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
getStatus $((end - start))
exit $?
else else
case $status in OUTPUT_MSG+="\nOK: response contained required string."
1)
echo "CRITICAL: Unsupported protocol"
;;
3)
echo "CRITICAL: Malformed URL"
;;
5)
echo "CRITICAL: Couldn't resolve proxy $proxy"
;;
6)
echo "CRITICAL: Couldn't resolve host"
;;
7)
echo "CRITICAL: Couldn't connect to proxy $proxy"
;;
22)
echo "CRITICAL: Server returned http code >= 400"
;;
52)
echo "CRITICAL: Server returned empty response (52)"
;;
56)
echo "CRITICAL: Failure recieving network data (56)"
;;
60)
echo "CRITICAL: SSL/TLS connection problem (60)"
;;
*)
echo "UNKNOWN: $status - ${url}"
exit 3
;;
esac
exit 2
fi fi
fi
rm -rf "$TMP_RESPONSE"
OUTPUT_MSG+=" | response_time=${RESPONSE_TIME}s;$WARNING_LEVEL;$CRITICAL_LEVEL;0"
echo -e "$OUTPUT_MSG"
exit $OUTPUT_CODE

240
check_curl old Normal file
View File

@ -0,0 +1,240 @@
#!/bin/bash
# startup checks
if [ -z "$BASH" ]; then
echo "Please use BASH."
exit 3
fi
if [ ! -e "/usr/bin/which" ]; then
echo "/usr/bin/which is missing."
exit 3
fi
curl=$(which curl)
if [ $? -ne 0 ]; then
echo "Please install curl."
exit 3
fi
# Default Values
proxy=""
method="GET"
body=""
contains=""
lacks=""
insecure=0
debug=0
warning=700
encodeurl=0
critical=2000
url=""
follow=0
header=""
name="default"
cookies=0
# Usage Info
usage() {
echo '''Usage: check_curl [OPTIONS]
[OPTIONS]:
-U URL Target URL
-M METHOD HTTP Method (default: GET)
-N NAME Display Name of scanned object (default: default)
-B BODY Request Body to be sent (default: not sent)
-E ENCODEURL Send body defined with url encoding (curl --data-urlencode) (default: off)
-I INSECURE Sets the curl flag --insecure
-C CONTAINS If not contained in response body, CRITICAL will be returned
-L LACKS If contained in response body, CRITICAL will be returned (-C has priority when both are set)
-w WARNING Warning threshold in milliseconds (default: 700)
-c CRITICAL Critical threshold in milliseconds (default: 2000)
-H HEADER Send Header (i.E. "AUTHORIZATION: Bearer 8*.UdUYwrl!nK")
-F FOLLOW Follow redirects (default: OFF)
-D DEBUG Only prints the curl command (default: OFF)
-P PROXY Set Proxy Address (default: No Proxy)
-K COOKIES Enables/Disabled cookie handling in a temporary cookie jar'''
}
# Check which threshold was reached
checkTime() {
if [ $1 -gt $critical ]; then
echo -n "CRITICAL: Slow "
elif [ $1 -gt $warning ]; then
echo -n "WARNING: Slow "
else
echo -n "OK"
fi
}
# Return code value
getStatus() {
if [ $1 -gt $critical ]; then
return 2
elif [ $1 -gt $warning ]; then
return 1
else
return 0
fi
}
#main
#get options
while getopts "P:M:B:C:w:c:U:H:IFN:O:EL:D:K" opt; do
case $opt in
K)
cookies=1
;;
P)
proxy=$OPTARG
;;
M)
method=$OPTARG
;;
B)
body=$OPTARG
;;
C)
contains=$OPTARG
;;
w)
warning=$OPTARG
;;
c)
critical=$OPTARG
;;
U)
url=$OPTARG
;;
L)
lacks=$OPTARG
;;
I)
insecure=1
;;
N)
name=$( echo $OPTARG | sed -e 's/[^A-Za-z0-9._-]/_/g' )
;;
E)
encodeurl=1
;;
H)
header=$OPTARG
;;
F)
follow=1
;;
D)
debug=1
;;
*)
usage
exit 3
;;
esac
done
#hostname is required
if [ -z "$url" ] || [ $# -eq 0 ]; then
echo "Error: URL is required"
usage
exit 3
fi
proxyarg=""
if [ ! -z $proxy ] ; then
proxyarg=" -x "$proxy" "
fi
headerarg=""
if [ ! -z "$header" ] ; then
headerarg=' -H "'$header'" '
fi
followarg=""
if [ $follow -eq 1 ] ; then
followarg=" -L "
fi
insecurearg=""
if [ $insecure -eq 1 ] ; then
insecurearg=" --insecure "
fi
cookiesarg=""
if [ $cookies -eq 1 ] ; then
COOKIE_JAR_TEMP_PATH=$(mktemp /tmp/check_curl_cookiejar.XXXXXX)
cookiesarg=" -c ${COOKIE_JAR_TEMP_PATH} -b ${COOKIE_JAR_TEMP_PATH}"
fi
bodyarg=""
if [ ! -z $body ]; then
body=$(echo $body| sed "s/\"/\\\\\"/g")
bodyarg=" --data \""$body"\""
if [ $encodeurl -eq 1 ]; then
bodyarg=" --data-urlencode \""$body"\""
fi
fi
if [ $debug -eq 1 ]; then
echo $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url"
exit 0
else
start=$(echo $(($(date +%s%N)/1000000)))
body=$(eval $curl --no-keepalive -s $insecurearg $proxyarg $followarg $bodyarg $headerarg -X $method $cookiesarg "$url")
status=$?
fi
if [ $cookies -eq 1 ] ; then
rm -f ${COOKIE_JAR_TEMP_PATH}
fi
end=$(echo $(($(date +%s%N)/1000000)))
#decide output by return code
if [ $status -eq 0 ] ; then
if [ -n "$contains" ]; then
if [[ ! $body =~ $contains ]]; then
echo "CRITICAL: body does not contain '${contains}'. Body: '$(echo $body | sed 's/\(.\{50\}\).*/\1.../')' |time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
exit 2
fi
fi
if [ -n "$lacks" ]; then
if [[ $body == *$lacks* ]]; then
echo "CRITICAL: body contains '${lacks}'|time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
exit 2
fi
fi
echo "$(checkTime $((end - start))) $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"$critical"ms"
getStatus $((end - start))
exit $?
else
case $status in
1)
echo "CRITICAL: Unsupported protocol"
;;
3)
echo "CRITICAL: Malformed URL"
;;
5)
echo "CRITICAL: Couldn't resolve proxy $proxy"
;;
6)
echo "CRITICAL: Couldn't resolve host"
;;
7)
echo "CRITICAL: Couldn't connect to proxy $proxy"
;;
22)
echo "CRITICAL: Server returned http code >= 400"
;;
52)
echo "CRITICAL: Server returned empty response (52)"
;;
56)
echo "CRITICAL: Failure recieving network data (56)"
;;
60)
echo "CRITICAL: SSL/TLS connection problem (60)"
;;
*)
echo "UNKNOWN: $status - ${url}"
exit 3
;;
esac
exit 2
fi