diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml index c2707b6..f990c2f 100644 --- a/.github/workflows/pylint.yml +++ b/.github/workflows/pylint.yml @@ -29,4 +29,4 @@ jobs: pip install -r requirements.txt - name: Analysing the code with pylint run: | - pylint ./*.py --disable=duplicate-code --disable=too-many-branches --disable=too-many-locals --disable=consider-using-f-string + pylint ./*.py --disable=duplicate-code --disable=too-many-branches --disable=too-many-locals diff --git a/README.md b/README.md old mode 100755 new mode 100644 index bd40d99..fe0a2e5 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@ -[![Pylint](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pylint.yml/badge.svg)](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pylint.yml) [![pycodestyle](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pycodestyle.yml/badge.svg)](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pycodestyle.yml) +[![Pylint](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pylint.yml/badge.svg)](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pylint.yml) [![pycodestyle](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pycodestyle.yml/badge.svg)](https://github.com/m-erhardt/check-cisco-plugins/actions/workflows/pycodestyle.yml) [![Release](https://img.shields.io/github/release/m-erhardt/check-cisco-plugins.svg)](https://github.com/m-erhardt/check-cisco-plugins/releases) # check-cisco-plugins ## About * this repository contains a collection of Icinga / Nagios plugins to monitor Cisco IOS and NX-OS devices via SNMPv3 * Written for python 3 -* Uses SNMPv3 in AuthPriv mode +* Uses SNMPv3 in AuthPriv or authNoPriv mode ### Compatibility these plugins were developed / tested on the following models: @@ -35,6 +35,5 @@ these plugins were developed / tested on the following models: pylint ./*.py \ --disable=duplicate-code \ --disable=too-many-branches \ - --disable=too-many-locals \ - --disable=consider-using-f-string + --disable=too-many-locals ``` diff --git a/check_cisco_cpuload.py b/check_cisco_cpuload.py index 8cba035..c0a3db6 100755 --- a/check_cisco_cpuload.py +++ b/check_cisco_cpuload.py @@ -17,7 +17,7 @@ import sys from argparse import ArgumentParser from itertools import chain -from pysnmp.hlapi import nextCmd, SnmpEngine, UsmUserData, \ +from pysnmp.hlapi import bulkCmd, SnmpEngine, UsmUserData, \ UdpTransportTarget, \ ObjectType, ObjectIdentity, \ ContextData, usmHMACMD5AuthProtocol, \ @@ -62,6 +62,10 @@ def get_args(): default=10) parser.add_argument("-u", "--user", required=True, help="SNMPv3 user name", type=str, dest='user') + parser.add_argument("-l", "--seclevel", required=False, + help="SNMPv3 security level", type=str, + dest="v3mode", + choices=["authPriv", "authNoPriv"], default="authPriv") parser.add_argument("-A", "--authkey", required=True, help="SNMPv3 auth key", type=str, dest='authkey') parser.add_argument("-X", "--privkey", required=True, @@ -96,25 +100,38 @@ def get_snmp_table(table_oid, args): # initialize empty list for return object table = [] - iterator = nextCmd( + if args.v3mode == "authPriv": + iterator = bulkCmd( SnmpEngine(), UsmUserData(args.user, args.authkey, args.privkey, authProtocol=authprot[args.authmode], privProtocol=privprot[args.privmode]), UdpTransportTarget((args.host, args.port), timeout=args.timeout), ContextData(), + 0, 20, ObjectType(ObjectIdentity(table_oid)), lexicographicMode=False, lookupMib=False - ) + ) + elif args.v3mode == "authNoPriv": + iterator = bulkCmd( + SnmpEngine(), + UsmUserData(args.user, args.authkey, + authProtocol=authprot[args.authmode]), + UdpTransportTarget((args.host, args.port), timeout=args.timeout), + ContextData(), + 0, 20, + ObjectType(ObjectIdentity(table_oid)), + lexicographicMode=False, + lookupMib=False + ) for error_indication, error_status, error_index, var_binds in iterator: if error_indication: exit_plugin("3", ''.join(['SNMP error: ', str(error_indication)]), "") elif error_status: - print('%s at %s' % (error_status.prettyPrint(), - error_index and - var_binds[int(error_index) - 1][0] or '?')) + print(f"{error_status.prettyPrint()} at " + f"{error_index and var_binds[int(error_index) - 1][0] or '?'}") else: # split OID and value into two fields and append to return element table.append([str(var_binds[0][0]), str(var_binds[0][1])]) diff --git a/check_cisco_envtemp.py b/check_cisco_envtemp.py index f1470e9..e96ef88 100755 --- a/check_cisco_envtemp.py +++ b/check_cisco_envtemp.py @@ -61,6 +61,10 @@ def get_args(): type=int, dest='timeout', default=10) parser.add_argument("-u", "--user", required=True, help="SNMPv3 user name", type=str, dest='user') + parser.add_argument("-l", "--seclevel", required=False, + help="SNMPv3 security level", type=str, + dest="v3mode", + choices=["authPriv", "authNoPriv"], default="authPriv") parser.add_argument("-A", "--authkey", required=True, help="SNMPv3 auth key", type=str, dest='authkey') parser.add_argument("-X", "--privkey", required=True, @@ -91,28 +95,42 @@ def get_snmp_table(table_oid, args): # initialize empty list for return object table = [] - iterator = bulkCmd( + if args.v3mode == "authPriv": + iterator = bulkCmd( SnmpEngine(), UsmUserData(args.user, args.authkey, args.privkey, authProtocol=authprot[args.authmode], privProtocol=privprot[args.privmode]), UdpTransportTarget((args.host, args.port), timeout=args.timeout), ContextData(), - 0, 50, + 0, 20, ObjectType(ObjectIdentity(table_oid)), - lexicographicMode=False - ) + lexicographicMode=False, + lookupMib=False + ) + elif args.v3mode == "authNoPriv": + iterator = bulkCmd( + SnmpEngine(), + UsmUserData(args.user, args.authkey, + authProtocol=authprot[args.authmode]), + UdpTransportTarget((args.host, args.port), timeout=args.timeout), + ContextData(), + 0, 20, + ObjectType(ObjectIdentity(table_oid)), + lexicographicMode=False, + lookupMib=False + ) for error_indication, error_status, error_index, var_binds in iterator: if error_indication: exit_plugin("3", ''.join(['SNMP error: ', str(error_indication)]), "") elif error_status: - print('%s at %s' % (error_status.prettyPrint(), - error_index and - var_binds[int(error_index) - 1][0] or '?')) + print(f"{error_status.prettyPrint()} at " + f"{error_index and var_binds[int(error_index) - 1][0] or '?'}") else: # split OID and value into two fields and append to return element - table.append(str(var_binds[0]).split("=")) + table.append([str(var_binds[0][0]), str(var_binds[0][1])]) + # return list with all OIDs/values from snmp table return table diff --git a/check_cisco_memusage.py b/check_cisco_memusage.py index 36477b0..08a5ca3 100755 --- a/check_cisco_memusage.py +++ b/check_cisco_memusage.py @@ -17,7 +17,7 @@ import sys from argparse import ArgumentParser from itertools import chain -from pysnmp.hlapi import nextCmd, SnmpEngine, UsmUserData, \ +from pysnmp.hlapi import bulkCmd, SnmpEngine, UsmUserData, \ UdpTransportTarget, \ ObjectType, ObjectIdentity, \ ContextData, usmHMACMD5AuthProtocol, \ @@ -62,6 +62,10 @@ def get_args(): default=10) parser.add_argument("-u", "--user", required=True, help="SNMPv3 user name", type=str, dest='user') + parser.add_argument("-l", "--seclevel", required=False, + help="SNMPv3 security level", type=str, + dest="v3mode", + choices=["authPriv", "authNoPriv"], default="authPriv") parser.add_argument("-A", "--authkey", required=True, help="SNMPv3 auth key", type=str, dest='authkey') parser.add_argument("-X", "--privkey", required=True, @@ -95,25 +99,38 @@ def get_snmp_table(table_oid, args): # initialize empty list for return object table = [] - iterator = nextCmd( + if args.v3mode == "authPriv": + iterator = bulkCmd( SnmpEngine(), UsmUserData(args.user, args.authkey, args.privkey, authProtocol=authprot[args.authmode], privProtocol=privprot[args.privmode]), UdpTransportTarget((args.host, args.port), timeout=args.timeout), ContextData(), + 0, 20, ObjectType(ObjectIdentity(table_oid)), lexicographicMode=False, lookupMib=False - ) + ) + elif args.v3mode == "authNoPriv": + iterator = bulkCmd( + SnmpEngine(), + UsmUserData(args.user, args.authkey, + authProtocol=authprot[args.authmode]), + UdpTransportTarget((args.host, args.port), timeout=args.timeout), + ContextData(), + 0, 20, + ObjectType(ObjectIdentity(table_oid)), + lexicographicMode=False, + lookupMib=False + ) for error_indication, error_status, error_index, var_binds in iterator: if error_indication: exit_plugin("3", ''.join(['SNMP error: ', str(error_indication)]), "") elif error_status: - print('%s at %s' % (error_status.prettyPrint(), - error_index and - var_binds[int(error_index) - 1][0] or '?')) + print(f"{error_status.prettyPrint()} at " + f"{error_index and var_binds[int(error_index) - 1][0] or '?'}") else: # split OID and value into two fields and append to return element table.append([str(var_binds[0][0]), str(var_binds[0][1])]) diff --git a/check_cisco_stackmodules.py b/check_cisco_stackmodules.py old mode 100644 new mode 100755 index 97aff0a..f953409 --- a/check_cisco_stackmodules.py +++ b/check_cisco_stackmodules.py @@ -16,7 +16,7 @@ import sys from argparse import ArgumentParser -from pysnmp.hlapi import nextCmd, SnmpEngine, UsmUserData, \ +from pysnmp.hlapi import bulkCmd, SnmpEngine, UsmUserData, \ UdpTransportTarget, \ ObjectType, ObjectIdentity, \ ContextData, usmHMACMD5AuthProtocol, \ @@ -79,6 +79,10 @@ def get_args(): type=int, dest='timeout', default=10) parser.add_argument("--user", required=True, help="SNMPv3 user name", type=str, dest='user') + parser.add_argument("-l", "--seclevel", required=False, + help="SNMPv3 security level", type=str, + dest="v3mode", + choices=["authPriv", "authNoPriv"], default="authPriv") parser.add_argument("--authkey", required=True, help="SNMPv3 auth key", type=str, dest='authkey') parser.add_argument("--privkey", required=True, help="SNMPv3 priv key", @@ -102,27 +106,42 @@ def get_snmp_table(table_oid, args): # initialize empty list for return object table = [] - iterator = nextCmd( + if args.v3mode == "authPriv": + iterator = bulkCmd( SnmpEngine(), UsmUserData(args.user, args.authkey, args.privkey, authProtocol=authprot[args.authmode], privProtocol=privprot[args.privmode]), UdpTransportTarget((args.host, args.port), timeout=args.timeout), ContextData(), + 0, 20, ObjectType(ObjectIdentity(table_oid)), - lexicographicMode=False - ) + lexicographicMode=False, + lookupMib=False + ) + elif args.v3mode == "authNoPriv": + iterator = bulkCmd( + SnmpEngine(), + UsmUserData(args.user, args.authkey, + authProtocol=authprot[args.authmode]), + UdpTransportTarget((args.host, args.port), timeout=args.timeout), + ContextData(), + 0, 20, + ObjectType(ObjectIdentity(table_oid)), + lexicographicMode=False, + lookupMib=False + ) for error_indication, error_status, error_index, var_binds in iterator: if error_indication: exit_plugin("3", ''.join(['SNMP error: ', str(error_indication)]), "") elif error_status: - print('%s at %s' % (error_status.prettyPrint(), - error_index and - var_binds[int(error_index) - 1][0] or '?')) + print(f"{error_status.prettyPrint()} at " + f"{error_index and var_binds[int(error_index) - 1][0] or '?'}") else: # split OID and value into two fields and append to return element - table.append(str(var_binds[0]).split("=")) + table.append([str(var_binds[0][0]), str(var_binds[0][1])]) + # return list with all OIDs/values from snmp table return table diff --git a/docs/check_cisco_cpuload.md b/docs/check_cisco_cpuload.md index 91b156f..659ecd0 100755 --- a/docs/check_cisco_cpuload.md +++ b/docs/check_cisco_cpuload.md @@ -5,9 +5,8 @@ ## Usage ``` -./check_cisco_cpuload.py --help -usage: check_cisco_cpuload.py [-h] -H HOST [-p PORT] [-t TIMEOUT] -u USER -A - AUTHKEY -X PRIVKEY +usage: check_cisco_cpuload.py [-h] -H HOST [-p PORT] [-t TIMEOUT] -u USER + [-l {authPriv,authNoPriv}] -A AUTHKEY -X PRIVKEY [-a {MD5,SHA,SHA224,SHA256,SHA384,SHA512}] [-x {DES,3DES,AES,AES192,AES256}] [-w WARN] [-c CRIT] @@ -22,6 +21,8 @@ optional arguments: -t TIMEOUT, --timeout TIMEOUT SNMP timeout -u USER, --user USER SNMPv3 user name + -l {authPriv,authNoPriv}, --seclevel {authPriv,authNoPriv} + SNMPv3 security level -A AUTHKEY, --authkey AUTHKEY SNMPv3 auth key -X PRIVKEY, --privkey PRIVKEY diff --git a/docs/check_cisco_envtemp.md b/docs/check_cisco_envtemp.md index 28c3f4b..0404e9f 100755 --- a/docs/check_cisco_envtemp.md +++ b/docs/check_cisco_envtemp.md @@ -5,9 +5,8 @@ ## Usage ``` -./check_cisco_envtemp.py --help -usage: check_cisco_envtemp.py [-h] -H HOST [-p PORT] [-t TIMEOUT] -u USER -A - AUTHKEY -X PRIVKEY +usage: check_cisco_envtemp.py [-h] -H HOST [-p PORT] [-t TIMEOUT] -u USER + [-l {authPriv,authNoPriv}] -A AUTHKEY -X PRIVKEY [-a {MD5,SHA,SHA224,SHA256,SHA384,SHA512}] [-x {DES,3DES,AES,AES192,AES256}] [--os {ios,nxos}] [--scale SCALE] @@ -22,6 +21,8 @@ optional arguments: -t TIMEOUT, --timeout TIMEOUT SNMP timeout -u USER, --user USER SNMPv3 user name + -l {authPriv,authNoPriv}, --seclevel {authPriv,authNoPriv} + SNMPv3 security level -A AUTHKEY, --authkey AUTHKEY SNMPv3 auth key -X PRIVKEY, --privkey PRIVKEY diff --git a/docs/check_cisco_memusage.md b/docs/check_cisco_memusage.md index bb87c1f..7183e82 100755 --- a/docs/check_cisco_memusage.md +++ b/docs/check_cisco_memusage.md @@ -5,9 +5,9 @@ ## Usage ``` -./check_cisco_memusage.py --help -usage: check_cisco_memusage.py [-h] -H HOST [-p PORT] [-t TIMEOUT] -u USER -A - AUTHKEY -X PRIVKEY +usage: check_cisco_memusage.py [-h] -H HOST [-p PORT] [-t TIMEOUT] -u USER + [-l {authPriv,authNoPriv}] -A AUTHKEY -X + PRIVKEY [-a {MD5,SHA,SHA224,SHA256,SHA384,SHA512}] [-x {DES,3DES,AES,AES192,AES256}] [-w WARN] [-c CRIT] @@ -23,6 +23,8 @@ optional arguments: -t TIMEOUT, --timeout TIMEOUT SNMP timeout -u USER, --user USER SNMPv3 user name + -l {authPriv,authNoPriv}, --seclevel {authPriv,authNoPriv} + SNMPv3 security level -A AUTHKEY, --authkey AUTHKEY SNMPv3 auth key -X PRIVKEY, --privkey PRIVKEY diff --git a/docs/check_cisco_stackmodules.md b/docs/check_cisco_stackmodules.md index ccb25b7..25238d9 100755 --- a/docs/check_cisco_stackmodules.md +++ b/docs/check_cisco_stackmodules.md @@ -5,9 +5,9 @@ ## Usage ``` -./check_cisco_stackmodules.py --help usage: check_cisco_stackmodules.py [-h] --host HOST [--port PORT] - [--timeout TIMEOUT] --user USER --authkey + [--timeout TIMEOUT] --user USER + [-l {authPriv,authNoPriv}] --authkey AUTHKEY --privkey PRIVKEY [--authmode {MD5,SHA,SHA224,SHA256,SHA384,SHA512}] [--privmode {DES,3DES,AES,AES192,AES256}] @@ -20,6 +20,8 @@ optional arguments: --port PORT SNMP port --timeout TIMEOUT SNMP timeout --user USER SNMPv3 user name + -l {authPriv,authNoPriv}, --seclevel {authPriv,authNoPriv} + SNMPv3 security level --authkey AUTHKEY SNMPv3 auth key --privkey PRIVKEY SNMPv3 priv key --authmode {MD5,SHA,SHA224,SHA256,SHA384,SHA512}