Icinga check_http 通过代理服务器
Icinga check_http via Proxy Server
我不知道如何使用 Icinga 的 check_http 模块来使用 http 代理。
我尝试使用 hosts.conf 中的以下条目来实现此目的。
object Host "host.local.ch" {
import "generic-host"
address = "192.168.200.20"
vars.http_vhosts["http"] = {
http_uri = "/"
http_proxy = "127.0.0.1"
http_proxy_port = 5016
}
}
我找到了一个脚本,对其进行了编辑并为 Icinga 的示例用法创建了文件,可在此处找到它:
https://github.com/ozzi-/icinga-check-http-proxy
保存以下脚本 (/etc/icinga2/scripts/check_http_proxy.sh):
#!/bin/bash
# Author: ozzi- , forked from scott.liao (https://github.com/shazi7804/icinga-check-http-proxy)
# Description: ICINGA2 http check with proxy support
# startup checks
if [ -z "$BASH" ]; then
echo "Please use BASH."
exit 3
fi
if [ ! -e "/usr/bin/which" ]; then
echo "/usr/bin/which is missing."
exit 3
fi
wget=$(which wget)
if [ $? -ne 0 ]; then
echo "Please install wget."
exit 3
fi
# Default Values
ssl=""
useragent=""
host=""
port=""
proxy=""
url="/"
times=1
timeout=5
warning=700
critical=2000
certificate=""
bindaddress=""
#set system proxy from environment
getProxy() {
if [ -z "" ]; then
echo $http_proxy | awk -F'http://' '{print }'
else
echo $https_proxy | awk -F'http://' '{print }'
fi
}
# Usage Info
usage() {
echo '''Usage: check_http_proxy [OPTIONS]
[OPTIONS]:
-p PORT Port to connect to (default: 80)
-u URL URL path (default: /)
-H HOSTNAME Destination Hostname
-a USERAGENT Sends a useragent and mimics other request headers of a browser
-s Use HTTPS proxy (default connecting to proxy via http)
-P PROXY Sets the proxy ip:port (i.e. 127.0.0.1:8840)
-w WARNING warning threshold in milliseconds (default: 700)
-c CRITICAL Critical threshold in milliseconds (default: 2000)
-n TRIES Number of connection attempts (default: 1)
-t TIMEOUT Seconds to wait for connection (timeout) (default: 5)
-C CERTIFICATE Path to a client certificate (PEM and DER file types supported)
-b IP Bind address for wget (default: IP of primary networking interface)'''
}
# Check which threshold was reached
checkTime() {
if [ -gt $critical ]; then
echo -n "CRITICAL"
elif [ -gt $warning ]; then
echo -n "WARNING"
else
echo -n "OK"
fi
}
# Return code value
getStatus() {
if [ -gt $critical ]; then
return 2
elif [ -gt $warning ]; then
return 1
else
return 0
fi
}
#main
#get options
while getopts "c:p:s:a:w:u:P:H:n:t:C:b:" opt; do
case $opt in
c)
critical=$OPTARG
;;
p)
port=$OPTARG
;;
s)
ssl=1
;;
a)
useragent=$OPTARG
;;
w)
warning=$OPTARG
;;
u)
url=$OPTARG
;;
P)
proxy=$OPTARG
;;
H)
hostname=$OPTARG
;;
n)
times=$OPTARG
;;
t)
timeout=$OPTARG
;;
C)
client_certificate=$OPTARG
;;
b)
bindaddress=$OPTARG
;;
*)
usage
exit 3
;;
esac
done
#define host with last parameter
host=$hostname
#hostname is required
if [ -z "$host" ] || [ $# -eq 0 ]; then
echo "Error: host is required"
usage
exit 3
fi
#set proxy from environment if available and no proxy option is given
if [ -z "$proxy" ]; then
proxy="$(getProxy ssl)"
fi
#use ssl or not
if [ -z "$ssl" ]; then
header="HTTP"
proxy_cmd="http_proxy=$proxy"
url_prefix="http://"
else
header="HTTPS"
proxy_cmd="https_proxy=$proxy"
url_prefix="https://"
fi
#different port
if [ -z "$port" ]; then
url="${url_prefix}${host}${url}"
else
url="${url_prefix}${host}:${port}${url}"
fi
start=$(echo $(($(date +%s%N)/1000000)))
if [ -z "$useragent" ]; then
if [ -z "$client_certificate" ]; then
#execute and capture execution time and return status of wget
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} $url
status=$?
elif [ -n "$client_certificate" ]; then
#execute and capture execution time and return status of wget with client certificate
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} --certificate=$client_certificate $url
status=$?
fi
else
if [ -n "$client_certificate" ]; then
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} --certificate=$client_certificate $url \
--header="User-Agent: $useragent" \
--header="Accept: image/png,image/*;q=0.8,*/*;q=0.5" \
--header="Accept-Language: en-us,en;q=0.5" \
--header="Accept-Encoding: gzip, deflate"
status=$?
else
#execute with fake user agent and capture execution time and return status of wget
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} $url \
--header="User-Agent: $useragent" \
--header="Accept: image/png,image/*;q=0.8,*/*;q=0.5" \
--header="Accept-Language: en-us,en;q=0.5" \
--header="Accept-Encoding: gzip, deflate"
status=$?
fi
fi
end=$(echo $(($(date +%s%N)/1000000)))
#decide output by return code
if [ $status -eq 0 ] ; then
echo "${header} $(checkTime $((end - start))): $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"
getStatus $((end - start))
exit $?
else
case $status in
1)
echo "${header} CRITICAL: Generic error code ($status) - ${url}"
;;
2)
echo "${header} CRITICAL: Parse error ($status) - ${url}"
;;
3)
echo "${header} CRITICAL: File I/O error ($status) - ${url}"
;;
4)
echo "${header} CRITICAL: Network failure ($status) - ${url}"
;;
5)
echo "${header} CRITICAL: SSL verification failure ($status) - ${url}"
;;
6)
echo "${header} CRITICAL: Authentication failure ($status) - ${url}"
;;
7)
echo "${header} CRITICAL: Protocol errors ($status) - ${url}"
;;
8)
echo "${header} CRITICAL: Server issued an error response ($status) - ${url}"
;;
*)
echo "${header} UNKNOWN: $status - ${url}"
exit 3
;;
esac
exit 2
fi
Icinga 命令定义(/etc/icinga2/conf.d/commands.conf):
object CheckCommand "check-http-proxy" {
command = [ ConfigDir + "/scripts/check_http_proxy.sh" ]
arguments += {
"-p" = {
value = "$chp_port$"
description = "Port to connect to (default: 80)"
}
"-u" = {
value = "$chp_url$"
description = "URL path (default: /)"
}
"-H" = {
required = true
value = "$chp_hostname$"
description = "Destination Hostname"
}
"-s" = {
value = "$chp_ssl$"
description = "Use HTTPS proxy (default: http proxy)"
}
"-P" = {
required = true
value = "$chvp_proxy$"
description = "Sets the proxy ip:port (i.e. 127.0.0.1:8840)"
}
"-a" = {
value = "$chp_useragent$"
description = "Sends a useragent and mimics other request headers of a browser"
}
"-w" = {
value = "$chp_warning_timeout$"
description = "Warning threshold in milliseconds (default: 700)"
}
"-c" = {
value = "$chp_critical_timeout$"
description = "Critical threshold in milliseconds (default: 2000)"
}
"-b" = {
value = "$chp_bind_adr$"
description = "Bind address for wget (default: IP of primary networking interface)"
}
"-n" = {
value = "$chp_tries$"
description = "Number of connection attempts (default: 1)"
}
"-t" = {
value = "$chp_timeout$"
description = "Seconds to wait for connection (timeout) (default: 5)"
}
"-C" = {
value = "$chp_certificate$"
description = "Path to a client certificate (PEM and DER file types supported)"
}
}
}
/etc/icinga2/conf.d/hosts.conf
中的用法
object Host "sub.domain.ch" {
check_command = "check-http-proxy"
vars.chp_hostname = "sub.domain.ch"
vars.chp_proxy = "127.0.0.1:5016"
}
我不知道如何使用 Icinga 的 check_http 模块来使用 http 代理。
我尝试使用 hosts.conf 中的以下条目来实现此目的。
object Host "host.local.ch" {
import "generic-host"
address = "192.168.200.20"
vars.http_vhosts["http"] = {
http_uri = "/"
http_proxy = "127.0.0.1"
http_proxy_port = 5016
}
}
我找到了一个脚本,对其进行了编辑并为 Icinga 的示例用法创建了文件,可在此处找到它: https://github.com/ozzi-/icinga-check-http-proxy
保存以下脚本 (/etc/icinga2/scripts/check_http_proxy.sh):
#!/bin/bash
# Author: ozzi- , forked from scott.liao (https://github.com/shazi7804/icinga-check-http-proxy)
# Description: ICINGA2 http check with proxy support
# startup checks
if [ -z "$BASH" ]; then
echo "Please use BASH."
exit 3
fi
if [ ! -e "/usr/bin/which" ]; then
echo "/usr/bin/which is missing."
exit 3
fi
wget=$(which wget)
if [ $? -ne 0 ]; then
echo "Please install wget."
exit 3
fi
# Default Values
ssl=""
useragent=""
host=""
port=""
proxy=""
url="/"
times=1
timeout=5
warning=700
critical=2000
certificate=""
bindaddress=""
#set system proxy from environment
getProxy() {
if [ -z "" ]; then
echo $http_proxy | awk -F'http://' '{print }'
else
echo $https_proxy | awk -F'http://' '{print }'
fi
}
# Usage Info
usage() {
echo '''Usage: check_http_proxy [OPTIONS]
[OPTIONS]:
-p PORT Port to connect to (default: 80)
-u URL URL path (default: /)
-H HOSTNAME Destination Hostname
-a USERAGENT Sends a useragent and mimics other request headers of a browser
-s Use HTTPS proxy (default connecting to proxy via http)
-P PROXY Sets the proxy ip:port (i.e. 127.0.0.1:8840)
-w WARNING warning threshold in milliseconds (default: 700)
-c CRITICAL Critical threshold in milliseconds (default: 2000)
-n TRIES Number of connection attempts (default: 1)
-t TIMEOUT Seconds to wait for connection (timeout) (default: 5)
-C CERTIFICATE Path to a client certificate (PEM and DER file types supported)
-b IP Bind address for wget (default: IP of primary networking interface)'''
}
# Check which threshold was reached
checkTime() {
if [ -gt $critical ]; then
echo -n "CRITICAL"
elif [ -gt $warning ]; then
echo -n "WARNING"
else
echo -n "OK"
fi
}
# Return code value
getStatus() {
if [ -gt $critical ]; then
return 2
elif [ -gt $warning ]; then
return 1
else
return 0
fi
}
#main
#get options
while getopts "c:p:s:a:w:u:P:H:n:t:C:b:" opt; do
case $opt in
c)
critical=$OPTARG
;;
p)
port=$OPTARG
;;
s)
ssl=1
;;
a)
useragent=$OPTARG
;;
w)
warning=$OPTARG
;;
u)
url=$OPTARG
;;
P)
proxy=$OPTARG
;;
H)
hostname=$OPTARG
;;
n)
times=$OPTARG
;;
t)
timeout=$OPTARG
;;
C)
client_certificate=$OPTARG
;;
b)
bindaddress=$OPTARG
;;
*)
usage
exit 3
;;
esac
done
#define host with last parameter
host=$hostname
#hostname is required
if [ -z "$host" ] || [ $# -eq 0 ]; then
echo "Error: host is required"
usage
exit 3
fi
#set proxy from environment if available and no proxy option is given
if [ -z "$proxy" ]; then
proxy="$(getProxy ssl)"
fi
#use ssl or not
if [ -z "$ssl" ]; then
header="HTTP"
proxy_cmd="http_proxy=$proxy"
url_prefix="http://"
else
header="HTTPS"
proxy_cmd="https_proxy=$proxy"
url_prefix="https://"
fi
#different port
if [ -z "$port" ]; then
url="${url_prefix}${host}${url}"
else
url="${url_prefix}${host}:${port}${url}"
fi
start=$(echo $(($(date +%s%N)/1000000)))
if [ -z "$useragent" ]; then
if [ -z "$client_certificate" ]; then
#execute and capture execution time and return status of wget
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} $url
status=$?
elif [ -n "$client_certificate" ]; then
#execute and capture execution time and return status of wget with client certificate
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} --certificate=$client_certificate $url
status=$?
fi
else
if [ -n "$client_certificate" ]; then
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} --certificate=$client_certificate $url \
--header="User-Agent: $useragent" \
--header="Accept: image/png,image/*;q=0.8,*/*;q=0.5" \
--header="Accept-Language: en-us,en;q=0.5" \
--header="Accept-Encoding: gzip, deflate"
status=$?
else
#execute with fake user agent and capture execution time and return status of wget
$wget -t $times --timeout $timeout -O /dev/null -q -e $proxy_cmd --bind-address=${bindaddress} $url \
--header="User-Agent: $useragent" \
--header="Accept: image/png,image/*;q=0.8,*/*;q=0.5" \
--header="Accept-Language: en-us,en;q=0.5" \
--header="Accept-Encoding: gzip, deflate"
status=$?
fi
fi
end=$(echo $(($(date +%s%N)/1000000)))
#decide output by return code
if [ $status -eq 0 ] ; then
echo "${header} $(checkTime $((end - start))): $((end - start))ms - ${url}|time=$((end - start))ms;${warning};${critical};0;"
getStatus $((end - start))
exit $?
else
case $status in
1)
echo "${header} CRITICAL: Generic error code ($status) - ${url}"
;;
2)
echo "${header} CRITICAL: Parse error ($status) - ${url}"
;;
3)
echo "${header} CRITICAL: File I/O error ($status) - ${url}"
;;
4)
echo "${header} CRITICAL: Network failure ($status) - ${url}"
;;
5)
echo "${header} CRITICAL: SSL verification failure ($status) - ${url}"
;;
6)
echo "${header} CRITICAL: Authentication failure ($status) - ${url}"
;;
7)
echo "${header} CRITICAL: Protocol errors ($status) - ${url}"
;;
8)
echo "${header} CRITICAL: Server issued an error response ($status) - ${url}"
;;
*)
echo "${header} UNKNOWN: $status - ${url}"
exit 3
;;
esac
exit 2
fi
Icinga 命令定义(/etc/icinga2/conf.d/commands.conf):
object CheckCommand "check-http-proxy" {
command = [ ConfigDir + "/scripts/check_http_proxy.sh" ]
arguments += {
"-p" = {
value = "$chp_port$"
description = "Port to connect to (default: 80)"
}
"-u" = {
value = "$chp_url$"
description = "URL path (default: /)"
}
"-H" = {
required = true
value = "$chp_hostname$"
description = "Destination Hostname"
}
"-s" = {
value = "$chp_ssl$"
description = "Use HTTPS proxy (default: http proxy)"
}
"-P" = {
required = true
value = "$chvp_proxy$"
description = "Sets the proxy ip:port (i.e. 127.0.0.1:8840)"
}
"-a" = {
value = "$chp_useragent$"
description = "Sends a useragent and mimics other request headers of a browser"
}
"-w" = {
value = "$chp_warning_timeout$"
description = "Warning threshold in milliseconds (default: 700)"
}
"-c" = {
value = "$chp_critical_timeout$"
description = "Critical threshold in milliseconds (default: 2000)"
}
"-b" = {
value = "$chp_bind_adr$"
description = "Bind address for wget (default: IP of primary networking interface)"
}
"-n" = {
value = "$chp_tries$"
description = "Number of connection attempts (default: 1)"
}
"-t" = {
value = "$chp_timeout$"
description = "Seconds to wait for connection (timeout) (default: 5)"
}
"-C" = {
value = "$chp_certificate$"
description = "Path to a client certificate (PEM and DER file types supported)"
}
}
}
/etc/icinga2/conf.d/hosts.conf
中的用法object Host "sub.domain.ch" {
check_command = "check-http-proxy"
vars.chp_hostname = "sub.domain.ch"
vars.chp_proxy = "127.0.0.1:5016"
}