A Nagios plugin to monitor ClamAV status

To monitor whether the ClamAV installation on my mail server is up to date, I set up the following trick.

First, I redirected the freshclam output to a file:

# 6 hours period virus definition update
7 1,7,13,19 * * * /usr/local/bin/freshclam > /var/log/clamav/freshcron.latest 2>&1

If the installed version is out of date, the file should look like this:

# cat /var/log/clamav/freshcron.latest
ClamAV update process started at Wed Feb  9 07:07:01 2011
WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.96.5 Recommended version: 0.97
DON'T PANIC! Read http://www.clamav.net/support/faq
Connecting via …… etc.

Otherwise, no line starting with the word WARNING (in uppercase) or containing the string "Recommended" is present.

Second step: I set up a script called by SNMP on my mail server by adding the following line to /etc/snmp/snmpd.conf:

exec ClamVrfy /bin/sh /usr/lib/nagios/plugins/clamd_check.sh

The script source is:

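#!/bin/sh
# Line count of the ps output: one header line plus one line per clamd process
PROCRUNNING=`ps -C clamd | wc -l`
# The "Recommended version" line freshclam logs when outdated (empty otherwise)
VERSIONUPD=`grep Recommended /var/log/clamav/freshcron.latest`
echo $PROCRUNNING \"$VERSIONUPD\"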

Third step: I configured my Nagios setup by adding

define command {
command_name  check_update_clamd
command_line  /usr/lib/nagios/plugins/check_clam_update $HOSTADDRESS$ $ARG1$ $ARG2$ $ARG3$
}

to command definitions, and

define service{
use                             generic-service

host_name                       mymailserver
service_description             CLAM-AV DEFS UPDATE
is_volatile                     0
check_period                    24x7
max_check_attempts              3
normal_check_interval           5
retry_check_interval            1
contact_groups                  admins
notification_interval           240
notification_period             24x7
notification_options            c,r
check_command                   check_update_clamd!public!2!5
process_perf_data               1
}

to services.
My plugin script is:

# cat /usr/lib/nagios/plugins/check_clam_update
#!/bin/bash

# Input parameters
HOSTNAME=$1
COMMUNITY=$2
MYVALWARN=$3
MYVALCRIT=$4

# Return Values
RET_OK="0"
RET_WARN="1"
RET_CRIT="2"
RET_UNKN="3"

# Exit with UNKNOWN if the named parameter ($1) has an empty value ($2)
checkdata () {
    VAL=`echo $2 | wc | awk '{print $2}'`
    if [ $VAL -eq 0 ]; then
        echo $1 is not set
        exit $RET_UNKN
    fi
}

# MAIN
checkdata "HOSTNAME" $HOSTNAME
checkdata "COMMUNITY" $COMMUNITY

# Read extOutput for snmpd exec entry number 3 and strip the SNMP type prefix
STR=`/usr/bin/snmpget -v 2c -c "$COMMUNITY" "$HOSTNAME" .1.3.6.1.4.1.2021.8.1.101.3 | sed -e "s/.*STRING: //"`

# -ge needs integers: a non-numeric STR makes both tests false,
# so execution falls through to the last branch
if [ "$STR" -ge "$MYVALCRIT" ]; then
    echo "Clamd Antivirus Definition DB is Out of Date"
    exit $RET_CRIT
else
    if [ "$STR" -ge "$MYVALWARN" ]; then
        echo "Clamd Antivirus Definition DB is Quite Old"
        exit $RET_WARN
    else
        echo "Clamd Antivirus Definition DB is Up to Date"
        exit $RET_OK
    fi
fi
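
An added example (not the author's plugin): a server-side check that could be called from the snmpd exec line in place of clamd_check.sh. It classifies the freshclam log with Nagios exit codes and treats a missing, empty or stale log as a failure instead of as "up to date". The function name check_freshclam_log and the 720-minute staleness limit are assumptions.

```shell
#!/bin/sh
# Added example, not the post's plugin. Classifies a freshclam log the way a
# Nagios check expects (0 OK, 1 WARNING, 2 CRITICAL, 3 UNKNOWN) and fails closed.
# Function name, argument order and the staleness limit are assumptions.

check_freshclam_log() {
    log=$1
    max_age_min=${2:-720}   # assumed limit: two missed 6-hour cron runs

    if [ ! -r "$log" ]; then
        echo "UNKNOWN: cannot read $log"
        return 3
    fi
    if [ ! -s "$log" ]; then
        echo "UNKNOWN: $log is empty"
        return 3
    fi
    # A stale log means the cron job stopped, so its content cannot be trusted.
    if [ -n "$(find "$log" -mmin +"$max_age_min" 2>/dev/null)" ]; then
        echo "CRITICAL: $log not refreshed in the last $max_age_min minutes"
        return 2
    fi
    # The version line freshclam logs when the installation is outdated.
    versions=$(grep 'Recommended version:' "$log" | head -n 1)
    if [ -n "$versions" ]; then
        echo "WARNING: ${versions#WARNING: }"
        return 1
    fi
    # Any other line starting with WARNING or ERROR is not a clean update run.
    problem=$(grep -E '^(WARNING|ERROR):' "$log" | head -n 1)
    if [ -n "$problem" ]; then
        echo "WARNING: $problem"
        return 1
    fi
    echo "OK: no version or update warnings in $log"
    return 0
}

# Run as a script: sh check_freshclam_log.sh /var/log/clamav/freshcron.latest [minutes]
if [ "$#" -gt 0 ]; then
    check_freshclam_log "$@"
    exit $?
fi
```

When a script like this is run from the snmpd exec line, its first output line is what the extOutput OID used above returns, and its exit code is published separately as extResult in the same UCD-SNMP-MIB table.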

 
