From 6f25a30634fee48be929b5dd96252fe364cdedc9 Mon Sep 17 00:00:00 2001
From: Klaus Sperner
Date: Fri, 5 Feb 2021 12:55:24 +0100
Subject: [PATCH 1/4] Add multigraph plugin for http response codes and times

In contrast to using http_responsecode and http_loadtime with the same
configuration, this plugin performs only one request per site and munin
run to gather its statistics.
---
 plugins/http/http_response | 215 +++++++++++++++++++++++++++++++++++++
 1 file changed, 215 insertions(+)
 create mode 100644 plugins/http/http_response

diff --git a/plugins/http/http_response b/plugins/http/http_response
new file mode 100644
index 000000000..63a35e209
--- /dev/null
+++ b/plugins/http/http_response
@@ -0,0 +1,215 @@
+#!/usr/bin/env bash
+# vim: expandtab:ts=4:sw=4
+
+: << =cut
+
+=head1 NAME
+
+http_response - Monitor HTTP response statistics
+
+=head1 CONFIGURATION
+
+The following environment variables are used
+
+    sites       - Sites to check
+                  - separated by spaces
+                  - can contain basic auth credentials
+                  - defaults to "http://localhost/"
+    max_time    - Timeout for each site check in seconds
+                  - defaults to 5 seconds
+    short_label - Switch for shortening the label below the graph
+                  - defaults to false
+
+=head2 CONFIGURATION EXAMPLE
+
+    [http_response]
+    env.sites http://example.com/ https://user:secret@example2.de
+    env.max_time 20
+    env.short_label true
+
+=head1 PREREQUISITES
+
+This plugin needs at least bash version 4 to run
+
+=head1 NOTES
+
+This plugin unifies the functionalities of the following plugins into one
+multigraph plugin
+
+    http_loadtime     - https://gallery.munin-monitoring.org/plugins/munin/http_loadtime/
+    http_responsecode - https://gallery.munin-monitoring.org/plugins/munin-contrib/http_responsecode/
+
+In contrast to using these two plugins with the same configuration, this plugin
+performs only one request per site and munin run to gather its statistics.
+
+=head1 AUTHOR
+
+Copyright (C) 2020 Klaus Sperner
+
+=head1 LICENSE
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; version 2 dated June,
+1991.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+=head1 MAGIC MARKERS
+
+    #%# family=manual
+
+=cut
+
+# shellcheck disable=SC1091
+. "$MUNIN_LIBDIR/plugins/plugin.sh"
+
+# Matches URLs with embedded basic auth credentials. Capture groups:
+# 1 = scheme, 2 = username, 3 = password, 4 = remainder of the URL.
+readonly uri_regex='^(https?://)([^:]*):(.*)@(.*)$'
+
+# Print the URL $1 with any "user:password@" part removed.
+strip_credentials_from_url() {
+    if [[ "$1" =~ $uri_regex ]]; then
+        echo "${BASH_REMATCH[1]}${BASH_REMATCH[4]}"
+    else
+        echo "$1"
+    fi
+}
+
+# Print the username embedded in the URL $1 (empty line if there is none).
+extract_username_from_url() {
+    if [[ "$1" =~ $uri_regex ]]; then
+        echo "${BASH_REMATCH[2]}"
+    else
+        echo ""
+    fi
+}
+
+# Print the password embedded in the URL $1 (empty line if there is none).
+extract_password_from_url() {
+    if [[ "$1" =~ $uri_regex ]]; then
+        echo "${BASH_REMATCH[3]}"
+    else
+        echo ""
+    fi
+}
+
+# Print the graph label for $1; when short_label is "true" or "yes", labels
+# longer than 33 characters are cut to 30 characters followed by "...".
+compute_label() {
+    if [[ "${short_label,,}" == "true" || "${short_label,,}" == "yes" ]]; then
+        if [[ ${#1} -gt 33 ]]; then
+            echo "${1:0:30}..."
+        else
+            echo "$1"
+        fi
+    else
+        echo "$1"
+    fi
+}
+
+if [[ "${BASH_VERSINFO:-0}" -lt 4 ]]; then
+    >&2 echo "The plugin http_response needs at least bash version 4"
+    exit 1
+fi
+
+sites=${sites:-"http://localhost/"}
+max_time=${max_time:-5}
+short_label=${short_label:-"false"}
+
+# Disable pathname expansion: $sites is split unquoted on purpose and URLs may
+# contain glob characters such as '?' or '*' that must be kept literally.
+set -f
+
+if [[ "$1" == "config" ]]; then
+    echo 'multigraph http_response_code'
+    echo 'graph_args --base 1000 -l 0 -u 511'
+    echo 'graph_title HTTP Response Codes'
+    echo 'graph_vlabel Response Code'
+    echo 'graph_category network'
+    echo 'graph_info This graph shows HTTP response code statistics'
+    echo 'graph_printf %3.0lf'
+    for site in $sites; do
+        site_without_credentials=$( strip_credentials_from_url "$site" )
+        siteid="$( clean_fieldname "$site_without_credentials" )"
+        echo "$siteid.label $( compute_label "$site_without_credentials" )"
+        echo "$siteid.info HTTP response code statistics for $site_without_credentials"
+        echo "$siteid.critical 99:399"
+    done
+    echo 'multigraph http_response_time'
+    echo 'graph_args --base 1000 -l 0'
+    echo 'graph_title HTTP Response Times'
+    echo 'graph_vlabel Response Time in seconds'
+    echo 'graph_category network'
+    echo 'graph_info This graph shows HTTP response time statistics'
+    for site in $sites; do
+        site_without_credentials=$( strip_credentials_from_url "$site" )
+        siteid="$( clean_fieldname "$site_without_credentials" )"
+        echo "$siteid.label $( compute_label "$site_without_credentials" )"
+        echo "$siteid.info HTTP response time statistics for $site_without_credentials"
+    done
+    exit 0
+fi
+
+declare -A response_codes
+declare -A response_times
+
+for site in $sites; do
+    site_without_credentials=$( strip_credentials_from_url "$site" )
+    username=$( extract_username_from_url "$site" )
+    password=$( extract_password_from_url "$site" )
+
+    curl_config_file=""
+    curl_auth_opt=()
+    if [ -n "$username" ]; then
+        if [ -z "$password" ]; then
+            >&2 echo "Invalid configuration: username specified without password"
+            exit 1
+        fi
+        curl_config_file=$(mktemp) || exit 1
+        trap 'rm -f "$curl_config_file"' EXIT
+        # Quote the value so that whitespace in the credentials survives curl's
+        # config file parsing; '\' and '"' must be escaped inside the quotes.
+        credentials="${username}:${password}"
+        credentials=${credentials//\\/\\\\}
+        credentials=${credentials//\"/\\\"}
+        printf 'user = "%s"\n' "$credentials" > "$curl_config_file"
+        curl_auth_opt=(--config "$curl_config_file")
+    fi
+
+    siteid="$( clean_fieldname "$site_without_credentials" )"
+    statuscode=
+    loadtime=
+    start=$(date +%s.%N)
+    statuscode=$( curl "${curl_auth_opt[@]}" --write-out '%{http_code}' --max-time "$max_time" --silent --output /dev/null "$site_without_credentials" )
+    returncode=$?
+    loadtime=$( echo "$start" "$(date +%s.%N)" | awk '{ print($2 - $1); }' )
+    if [[ $returncode -ne 0 ]]; then
+        loadtime=0
+    fi
+    response_codes+=(["$siteid"]="$statuscode")
+    response_times+=(["$siteid"]="$loadtime")
+
+    if [ -n "$curl_config_file" ]; then
+        rm -f "$curl_config_file"
+    fi
+done
+
+echo 'multigraph http_response_code'
+for siteid in "${!response_codes[@]}"; do
+    echo "${siteid}.value ${response_codes[${siteid}]}"
+done
+
+echo 'multigraph http_response_time'
+for siteid in "${!response_times[@]}"; do
+    echo "${siteid}.value ${response_times[${siteid}]}"
+done
+

From 3fba496092d1b5553e16deee1ab060857cebb7e7 Mon Sep 17 00:00:00 2001
From: Klaus Sperner
Date: Fri, 5 Feb 2021 13:23:03 +0100
Subject: [PATCH 2/4] make plugin http_response executable

---
 plugins/http/http_response | 0
 1 file changed, 0 insertions(+), 0 deletions(-)
 mode change 100644 => 100755 plugins/http/http_response

diff --git a/plugins/http/http_response b/plugins/http/http_response
old mode 100644
new mode 100755

From 64693362352c64a9f73e7c47c15815f4af189bb1 Mon Sep 17 00:00:00 2001
From: Klaus Sperner
Date: Fri, 17 Sep 2021 16:43:35 +0200
Subject: [PATCH 3/4] add plugin tcp_reachability

---
 plugins/network/tcp_reachability | 261 +++++++++++++++++++++++++++++++
 1 file changed, 261 insertions(+)
 create mode 100755 plugins/network/tcp_reachability

diff --git a/plugins/network/tcp_reachability b/plugins/network/tcp_reachability
new file mode 100755
index 000000000..f35b1a5cb
--- /dev/null
+++ b/plugins/network/tcp_reachability
@@ -0,0 +1,261 @@
+#!/usr/bin/env bash
+# vim: expandtab:ts=4:sw=4
+
+: << =cut
+
+=head1 NAME
+
+tcp_reachability - Test if a (remote) TCP port is reachable and monitor
+connection time statistics
+
+=head1 CONFIGURATION
+
+The following environment variables are used:
+
+=over
+
+=item *
+
+targets - The targets to test
+
+=over
+
+=item *
+
+separated by spaces
+
+=item *
+
+each target must be in the form C<host/port>
+
+=item *
+
+host can be an IP address or a DNS name
+
+=item *
+
+port can be a port number or a service name
+
+=item *
+
+defaults to C<localhost/22>
+
+=back
+
+=item *
+
+max_time - Timeout for each target check in seconds
+
+=over
+
+=item *
+
+defaults to C<2>
+
+=back
+
+=item *
+
+short_label - Switch for shortening the label below the graph
+
+=over
+
+=item *
+
+defaults to C<false>
+
+=back
+
+=back
+
+This plugin does not need any specific privileges and can be run as a totally
+unprivileged user like nobody.
+
+=head2 CONFIGURATION EXAMPLE
+
+    [tcp_reachability]
+    env.targets 10.19.23.42/5432 munin-monitoring.org/https
+    env.max_time 5
+    env.short_label true
+
+=head1 PREREQUISITES
+
+This plugin needs at least bash version 4 to run.
+
+Additionally the following basic programs must be present on your system:
+
+=over
+
+=item *
+
+awk
+
+=item *
+
+date
+
+=item *
+
+echo
+
+=item *
+
+timeout
+
+=back
+
+=head1 SEE ALSO
+
+There are a couple of ping plugins in
+L. Many
+of these require additional software to be installed. The plugin
+L
+provides timing statistics similar to this plugin.
+
+=head1 AUTHOR
+
+Copyright (C) 2021 Klaus Sperner
+
+=head1 LICENSE
+
+This program is free software; you can redistribute it and/or
+modify it under the terms of the GNU General Public License
+as published by the Free Software Foundation; version 2 dated June,
+1991.
+
+This program is distributed in the hope that it will be useful,
+but WITHOUT ANY WARRANTY; without even the implied warranty of
+MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+GNU General Public License for more details.
+
+You should have received a copy of the GNU General Public License
+along with this program; if not, write to the Free Software
+Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+=head1 MAGIC MARKERS
+
+    #%# family=manual
+
+=cut
+
+# shellcheck disable=SC1091
+. "$MUNIN_LIBDIR/plugins/plugin.sh"
+
+# Basic regex for checking that "host/port" contains allowed characters only;
+# RFC compliance of IP addresses, DNS names or service names is not checked.
+readonly host_port_regex='^[a-zA-Z0-9.:-]+/[a-zA-Z0-9-]+$'
+
+# If the target is an IP address and therefore starts with a number, the first
+# digit is converted to an underscore by clean_fieldname. This causes the
+# effect that two targets differing in the first digit only result in the same
+# cleaned fieldname. Therefore we prefix every target with the same character
+# before calling clean_fieldname, so different IP addresses will always result
+# in different fieldnames. The following example shows the problem and its
+# solution:
+#
+#   +------------------+------------------+--------------------+
+#   | host/port        | clean_fieldname  | my_clean_fieldname |
+#   +------------------+------------------+--------------------+
+#   | 10.19.23.42/5432 | _0_19_23_42_5432 | x10_19_23_42_5432  |
+#   | 20.19.23.42/5432 | _0_19_23_42_5432 | x20_19_23_42_5432  |
+#   +------------------+------------------+--------------------+
+#
+my_clean_fieldname() {
+    clean_fieldname "x$1"
+}
+
+# Print label $1; if short_label is true/yes, cut labels over 33 chars to 30 + "...".
+compute_label() {
+    if [[ "${short_label,,}" == "true" || "${short_label,,}" == "yes" ]]; then
+        if [[ ${#1} -gt 33 ]]; then
+            echo "${1:0:30}..."
+        else
+            echo "$1"
+        fi
+    else
+        echo "$1"
+    fi
+}
+
+check_programs_installed() { # exit 1 unless every program named in "$@" is found
+    for program in "$@"; do
+        if ! hash "$program" 2>/dev/null; then
+            >&2 echo "The plugin tcp_reachability needs $program but it is not installed. Aborting."
+            exit 1
+        fi
+    done
+}
+
+if [[ "${BASH_VERSINFO:-0}" -lt 4 ]]; then
+    >&2 echo "The plugin tcp_reachability needs at least bash version 4. Aborting."
+    exit 1
+fi
+
+check_programs_installed awk date echo timeout
+
+targets=${targets:-"localhost/22"}
+max_time=${max_time:-2}
+short_label=${short_label:-"false"}
+
+for target in $targets; do
+    if [[ ! "$target" =~ $host_port_regex ]]; then
+        >&2 echo "Invalid configuration: target $target is not a valid 'host/port' combination"
+        exit 1
+    fi
+done
+
+if [[ "$1" == "config" ]]; then
+    echo 'multigraph tcp_reachability'
+    echo 'graph_args --base 1000 --lower-limit -0.25 --upper-limit 1.25 --rigid'
+    echo 'graph_title TCP Reachability Status'
+    echo 'graph_vlabel Reachability Status'
+    echo 'graph_category network'
+    echo 'graph_info This graph shows TCP reachability statuses'
+    echo 'graph_printf %1.0lf'
+    for target in $targets; do
+        target_id="$( my_clean_fieldname "$target" )"
+        echo "$target_id.label $( compute_label "$target" )"
+        echo "$target_id.info TCP reachability status for $target"
+        echo "$target_id.critical 1:"
+    done
+    echo 'multigraph tcp_connection_time'
+    echo 'graph_args --base 1000 -l 0'
+    echo 'graph_title TCP Connection Times'
+    echo 'graph_vlabel Connection Time in seconds'
+    echo 'graph_category network'
+    echo 'graph_info This graph shows TCP connection time statistics'
+    for target in $targets; do
+        target_id="$( my_clean_fieldname "$target" )"
+        echo "$target_id.label $( compute_label "$target" )"
+        echo "$target_id.info TCP connection time statistics for $target"
+    done
+    exit 0
+fi
+
+declare -A reachabilities
+declare -A connection_times
+
+for target in $targets; do
+    target_id="$( my_clean_fieldname "$target" )"
+    reachability=1
+    start=$(date +%s.%N)
+    timeout "$max_time" bash -c '(echo > "/dev/tcp/$1") &> /dev/null' _ "$target" # $1 = target
+    return_code=$?
+    connection_time=$( echo "$start" "$(date +%s.%N)" | awk '{ print($2 - $1); }' )
+    if [[ $return_code -ne 0 ]]; then
+        reachability=0
+        connection_time="U"
+    fi
+    reachabilities+=(["$target_id"]="$reachability")
+    connection_times+=(["$target_id"]="$connection_time")
+done
+
+echo 'multigraph tcp_reachability'
+for target_id in "${!reachabilities[@]}"; do
+    echo "${target_id}.value ${reachabilities[${target_id}]}"
+done
+
+echo 'multigraph tcp_connection_time'
+for target_id in "${!connection_times[@]}"; do
+    echo "${target_id}.value ${connection_times[${target_id}]}"
+done

From 73fcf8782bfce97771f0c0f85597c41231cee526 Mon Sep 17 00:00:00 2001
From: Klaus Sperner
Date: Fri, 17 Sep 2021 17:22:02 +0200
Subject: [PATCH 4/4] improvements for tcp_reachability

- update documentation "See Also"
- unify error messages
- check max_time for validity
---
 plugins/network/tcp_reachability | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/plugins/network/tcp_reachability b/plugins/network/tcp_reachability
index f35b1a5cb..5aba3fe96 100755
--- a/plugins/network/tcp_reachability
+++ b/plugins/network/tcp_reachability
@@ -108,9 +108,10 @@ timeout
 
 There are a couple of ping plugins in
 L. Many
-of these require additional software to be installed. The plugin
+of these perform ICMP pings. The plugin
 L
-provides timing statistics similar to this plugin.
+tests TCP ports and provides timing statistics similar to this plugin, but it
+does not provide a reachability graph and it does not define any alarm limits.
 
 =head1 AUTHOR
 
@@ -199,11 +200,16 @@ short_label=${short_label:-"false"}
 
 for target in $targets; do
     if [[ ! "$target" =~ $host_port_regex ]]; then
-        >&2 echo "Invalid configuration: target $target is not a valid 'host/port' combination"
+        >&2 echo "Invalid configuration: target $target is not a valid 'host/port' combination. Aborting."
         exit 1
     fi
 done
 
+if [[ ! "$max_time" =~ ^[0-9]+$ ]]; then
+    >&2 echo "Invalid configuration: max_time $max_time must contain only digits. Aborting."
+    exit 1
+fi
+
 if [[ "$1" == "config" ]]; then
     echo 'multigraph tcp_reachability'
     echo 'graph_args --base 1000 --lower-limit -0.25 --upper-limit 1.25 --rigid'