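#!/bin/bash
#
# Nagios plugin: HTTP_connections
#
# Reads the connection list that a separate cron job writes to
# bc_network_connection_details.txt (presumably one remote IP per line, one
# line per open connection -- confirm against the cron job) and reports how
# many public, non-CDN addresses hold at least $connection_threshold
# connections.
#
# Exit status (Nagios convention):
#   0  OK        no such address
#   1  WARNING   >= warning_trigger_value addresses
#   2  CRITICAL  >= critical_trigger_value addresses, or the data file is missing
# Perfdata after '|': unique_connections, total_connections.
#
# NOTE(review): the CDN/crawler exclusion matches substrings of the PTR name
# returned by `dig -x`. A PTR record is published by whoever controls the
# reverse zone of the address, so a name match alone does not prove the client
# belongs to that provider, and patterns as short as "cdn" or "aws" match many
# unrelated names. Before relying on the exclusion, forward-confirm the name
# (resolve the PTR target and check it maps back to the same IP) or compare
# against the providers' published address ranges.
# NOTE(review): `dig` runs once per high-connection IP with default timeouts;
# a slow resolver can push the check past the Nagios plugin timeout.

export PATH=$PATH:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin

readonly parameter_measured=HTTP_connections
readonly network_connection_details=/usr/lib64/nagios/plugins/bc/bc_network_connection_details.txt
readonly connection_threshold=100
readonly critical_trigger_value=2
readonly warning_trigger_value=1

# Print public IPs with >= connection_threshold connections, ascending by count.
gen_high_connection_ip_list() {
  # The file must be sorted before `uniq -c`: uniq only merges adjacent
  # duplicates, so on unsorted input one busy IP is split into several small
  # counts and can stay under the threshold.
  sort -- "$network_connection_details" \
    | uniq -c \
    | sort -n \
    | awk -v min="$connection_threshold" '$1 >= min { print $2 }' \
    | grep -E -v '^10\.|^172\.1[6-9]|^172\.2[0-9]|^172\.3[0-1]|^192\.168'
}

# Print "<ip> <ptr names...>" for every high-connection IP.
gen_high_connection_ip_rdns_list() {
  local ip ptr
  while IFS= read -r ip; do
    # PTR data comes from outside this host: keep it quoted so it is never
    # word-split or glob-expanded by the shell, and fold multiple PTR answers
    # onto one line.
    ptr=$(dig +short -x "$ip" | tr '\n' ' ')
    printf '%s %s\n' "$ip" "$ptr"
  done < <(gen_high_connection_ip_list)
}

# Drop entries whose PTR name looks like a CDN, monitor, crawler or AWS host.
gen_non_cdn_high_connection_ip_list() {
  gen_high_connection_ip_rdns_list \
    | grep -E -i -v 'akamaitechnologies|cloudfront.net|cdn|sucuri.net|uptimerobot.com|googlebot.com|search.msn.com' \
    | grep -E -i -v 'aws|amazon|amazonaws.com'
}

# Emit the perfdata section shared by every status line.
print_perfdata() {
  printf '|'
  printf 'unique_connections=%s;;;; ' "$unique_connections"
  printf 'total_connections=%s;;;; ' "$total_connections"
}

if [[ ! -f "$network_connection_details" ]]; then
  printf '%s CRITICAL - Cron required for monitoring is missing' "$parameter_measured"
  printf '|'
  printf '%s=0;;;; ' "$parameter_measured"
  exit 2
fi

# Resolve once and reuse the result, so the count and the reported IPs come
# from the same filter and the same DNS answers.
non_cdn_list=$(gen_non_cdn_high_connection_ip_list)

measured_value=$(printf '%s' "$non_cdn_list" | grep -c '')
# The three busiest offenders (the list is ascending by connection count).
detected_ip_list=$(printf '%s\n' "$non_cdn_list" | awk 'NF { print $1 }' | tail -3 | paste -sd' ' -)

unique_connections=$(sort -u -- "$network_connection_details" | wc -l)
total_connections=$(wc -l < "$network_connection_details")

# Values read from the data file are always passed as printf arguments, never
# as part of the format string, and each status stays on a single line so the
# perfdata after '|' is parsed correctly.
if (( measured_value >= critical_trigger_value )); then
  printf '%s CRITICAL - More than %s connections from %s IPs. Detected IPs are %s' \
    "$parameter_measured" "$connection_threshold" "$measured_value" "$detected_ip_list"
  print_perfdata
  exit 2
elif (( measured_value >= warning_trigger_value )); then
  printf '%s WARNING - More than %s connections from %s IPs. Detected IPs are %s' \
    "$parameter_measured" "$connection_threshold" "$measured_value" "$detected_ip_list"
  print_perfdata
  exit 1
else
  printf '%s OK - More than %s connections from %s IPs' \
    "$parameter_measured" "$connection_threshold" "$measured_value"
  print_perfdata
  exit 0
fi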