Plugin Apps-OPNSense-SSH : Différence entre versions

De SLM - MediaWiki
 
(15 révisions intermédiaires par le même utilisateur non affichées)
Ligne 1 : Ligne 1 :
[[Centreon#Plugin_APPS| Retour]]
+
<html><a href="#null" onclick="javascript:history.back();">Précédent</a></html>
  
 
==Pré-requis==
 
==Pré-requis==
 
Le serveur centreon doit pouvoir accéder sans mot de passe en ssh à la machine à superviser  
 
Le serveur centreon doit pouvoir accéder sans mot de passe en ssh à la machine à superviser  
 
*depuis le compte: '''centreon-engine'''  
 
*depuis le compte: '''centreon-engine'''  
*vers le compte: '''remote_centreon'''
+
*vers le compte: '''remote-centreon'''
suivre cet article: [[SSH]] pour Freebsd
 
  
 +
=== Generer une clé SSH ===
 +
Si ça n'est pas dejà fait, nous allons créer une clé pour l'utilisateur centreon-engine
 +
 +
Sur le serveur centreon:
 +
su centreon-engine
 +
ssh-keygen -t rsa -b 2048
 +
 +
Copier le contenue de la clé public
 +
cat /var/lib/centreon-engine/.ssh/id_rsa.pub
 +
 +
===Créer un compte sur OPNSense===
 +
''Système: Accès: Utilisateurs''
 +
 +
Renseigner:
 +
*Nom d'utilisateur: remote-centreon
 +
*Cocher: Générer un mot de passe aléatoire
 +
*Shell de connexion: /bin/sh
 +
*Membre du groupe: admins
 +
*Clés autorisées: coller la clé public créer précedement (Exemple: ssh-rsa AAAAB3NzaC1yc... ...XOQKm/x root)
 +
 +
Sauvegarder
 +
 +
Ajouter l'utilisateur au groupe proxy afin de pouvoir exécuter les commandes pf
 +
pw group mod proxy -m remote-centreon
 +
 +
===Tester la connexion en ssh depuis le serveur Centreon===
 +
su centreon-engine
 +
ssh remote-centreon@10.10.10.1 -p 8022
 +
 +
ECDSA key fingerprint is SHA256:SoX8QCm... ...6CRPJMI.
 +
Are you sure you want to continue connecting (yes/no)? yes
 +
 +
Si il ne demande pas de mot de passe, c'est gagné
 +
 +
==Installation Plugin==
 +
Installation du plugin coté OPNSense
 +
 +
sudo pkg install nagios-plugins
 +
Les plugins précompilés se trouvent maintenant dans le répertoire:
 +
/usr/local/libexec/nagios
 +
 +
Tester avec la commande
 +
/usr/local/libexec/nagios/check_procs
 +
PROCS OK: 69 processes | procs=69;;;0;
 +
 +
Installer les plugins pour PFsense
 +
<nowiki>curl -LO https://github.com/oneoffdallas/pfsense-nagios-checks/archive/master.zip
 +
sudo unzip -j master.zip -d /usr/local/libexec/nagios/
 +
sudo chmod +x /usr/local/libexec/nagios/check_pf_*</nowiki>
 +
 +
Autoriser l'utilisateur remote-centreon à lancer des commandes pf
 +
pw group mod proxy -m remote-centreon
 +
 +
== Les commandes Nagios==
 +
 +
=== Nombre de processus en cours ===
 +
 +
/usr/local/libexec/nagios/check_procs -w 200 -c 400
 +
 +
=== Nombre d'utilisateur connecté ===
 +
/usr/local/libexec/nagios/check_users -w 5 -c 1
 +
 +
 +
=== Ping depuis opnsense ===
 +
/usr/local/libexec/nagios/check_icmp -H 208.67.222.222 -w 80,10% -c 150,40%
 +
 +
=== NTP ===
 +
/usr/local/libexec/nagios/check_ntp_time -H time.google.com
 +
 +
=== DISK ===
 +
root
 +
/usr/local/libexec/nagios/check_disk -w 20% -c 5% -p /
 +
 +
/usr/local/libexec/nagios/check_disk -w 20% -c 5% -p /var/run
 +
 +
=== Load ===
 +
/usr/local/libexec/nagios/check_load -w 3,2.8,2.6 -c 10,7,5 -r
 +
 +
=== SWAP ===
 +
/usr/local/libexec/nagios/check_swap -w 90% -c 40%
 +
 +
== Les commandes PFSense ==
 +
 +
=== CPU ===
 +
/usr/local/libexec/nagios/check_pf_cpu -w 85 -c 95
 +
 +
=== Memoire ===
 +
/usr/local/libexec/nagios/check_pf_mem -w 90 -c 95
 +
 +
=== Service ===
 +
{{Rouge|Attention:}} Ne fonctionne que sur pfsense, pas sur opnsense
 +
 +
/usr/local/libexec/nagios/check_pf_services -name snort
 +
 +
/usr/local/libexec/nagios/check_pf_services -name pinger
 +
 +
/usr/local/libexec/nagios/check_pf_services -name dhcpd
 +
 +
/usr/local/libexec/nagios/check_pf_services -name squid
 +
 +
/usr/local/libexec/nagios/check_pf_services -name pfb_dnsbl
 +
 +
/usr/local/libexec/nagios/check_pf_services -name pfb_filter
 +
 +
=== interface ===
 +
/usr/local/libexec/nagios/check_pf_interface -i igb0 -name WAN
 +
 +
/usr/local/libexec/nagios/check_pf_interface -i igb1 -name LAN
 +
 +
/usr/local/libexec/nagios/check_pf_interface -i igb1_vlan6 -name VOIP
 +
 +
/usr/local/libexec/nagios/check_pf_interface -i ovpns1
 +
 +
=== VPN ===
 +
/usr/local/libexec/nagios/check_pf_ipsec_tunnel -e <IP address or hostname of remote>
 +
 +
/usr/local/libexec/nagios/check_pf_ipsec_tunnel -e <IP address or hostname of remote> -name DallasTX
 +
 +
=== FIREWALL ===
 +
/usr/local/libexec/nagios/check_pf_state_table -w 60 -c 90
 +
 +
=== Version ===
 +
{{Rouge|Attention:}} Ne fonctionne pas que sur pfsense, pas sur opnsense
 +
/usr/local/libexec/nagios/check_pf_version
 +
 +
A voir un jour pour adapter le code
 +
 +
pour info:
 +
 +
Récupérer version disponible
 +
opnsense-update -v
 +
 +
Récupérer version instalé
 +
opnsense-version -v
 +
 +
=== Uptime ===
 +
/usr/local/libexec/nagios/check_pf_uptime
 +
 +
=== Temperature CPU ===
 +
{{Rouge|Attention:}} Ne fonctionne pas avec les APU2
 +
/usr/local/libexec/nagios/check_pf_cpu_temp -w 75 -c 90
  
 
==Plugin==
 
==Plugin==
  
 +
===Le template d’hôte===
 +
Nous regrouperons les services dans un template dhôte nommé OS-Linux-ssh
 +
<syntaxhighlight lang="shell" line>clapi -o HTPL -a add -v "APP-OPNSense-SSH-SLM;APP-OPNSense-SSH-SLM;;;;"
 +
clapi -o HTPL -a addtemplate -v "APP-OPNSense-SSH-SLM;generic-active-host-custom"
 +
clapi -o HTPL -a setmacro -v "APP-OPNSense-SSH-SLM;PORTSSH;22"
 +
clapi -o HTPL -a setmacro -v "APP-OPNSense-SSH-SLM;USERLOGIN;remote-centreon"</syntaxhighlight>
 +
 +
===Cpu===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Cpu;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_cpu -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Cpu;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Cpu;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Cpu;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Cpu;Cpu;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Cpu;check_command;Check_APP_OPNSense_SSH_Cpu"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Cpu;WARNING;'70'"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Cpu;CRITICAL;'90'"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Cpu;graphtemplate;CPU"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Cpu;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Connected-Users===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Connected-Users;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_users -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Connected-Users;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Connected-Users;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Connected-Users;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Connected-Users;Connected-Users;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Connected-Users;check_command;Check_APP_OPNSense_SSH_Connected-Users"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Connected-Users;WARNING;5"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Connected-Users;CRITICAL;1"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Connected-Users;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Disk===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Disk-Name;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_disk -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$' -p \$_SERVICEDISKNAME\$"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Disk-Name;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Disk-Name;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Disk-Name;command_locked;0"</syntaxhighlight>
 +
 +
====Disk-root====
 +
<syntaxhighlight lang="shell" line>#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Disk-root;Disk-root;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-root;check_command;Check_APP_OPNSense_SSH_Disk-Name"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-root;DISKNAME;/"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-root;WARNING;20%"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-root;CRITICAL;10%"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-root;graphtemplate;Storage"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Disk-root;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
====Disk-tmp====
 +
<syntaxhighlight lang="shell" line>#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Disk-tmp;Disk-tmp;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-tmp;check_command;Check_APP_OPNSense_SSH_Disk-Name"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-tmp;DISKNAME;/tmp"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-tmp;WARNING;20%"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-tmp;CRITICAL;10%"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-tmp;graphtemplate;Storage"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Disk-tmp;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
====Disk-var====
 +
<syntaxhighlight lang="shell" line>#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Disk-var;Disk-var;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-var;check_command;Check_APP_OPNSense_SSH_Disk-Name"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-var;DISKNAME;/var"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-var;WARNING;20%"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-var;CRITICAL;10%"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-var;graphtemplate;Storage"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Disk-var;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Firewall===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Firewall;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_state_table -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Firewall;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Firewall;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Firewall;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Firewall;Firewall;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Firewall;check_command;Check_APP_OPNSense_SSH_Firewall"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Firewall;WARNING;60"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Firewall;CRITICAL;90"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Firewall;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Interface===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Interface-Name;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_interface -i \$_SERVICEINTERFACE\$ -name \$_SERVICEINTERFACENAME\$"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Interface-Name;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Interface-Name;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Interface-Name;command_locked;0"</syntaxhighlight>
 +
 +
====WAN====
 +
<syntaxhighlight lang="shell" line>#Création commande#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Interface-WAN;Interface;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Interface-WAN;check_command;Check_APP_OPNSense_SSH_Interface-Name"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-WAN;INTERFACENAME;WAN"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-WAN;INTERFACE;igb0"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Interface-WAN;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
====LAN====
 +
<syntaxhighlight lang="shell" line>#Création commande#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Interface-LAN;Interface;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Interface-LAN;check_command;Check_APP_OPNSense_SSH_Interface-Name"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-LAN;INTERFACENAME;LAN"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-LAN;INTERFACE;igb1"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Interface-LAN;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Load===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Load;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_load -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$' -r"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Load;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Load;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Load;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Load;Load;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Load;check_command;Check_APP_OPNSense_SSH_Load"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Load;WARNING;'4,3,2'"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Load;CRITICAL;'6,5,4'"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Load;graphtemplate;LOAD_Average"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Load;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Memory===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Memory;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_mem -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Memory;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Memory;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Memory;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Memory;Memory;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Memory;check_command;Check_APP_OPNSense_SSH_Memory"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Memory;WARNING;70"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Memory;CRITICAL;90"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Memory;graphtemplate;Memory"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Memory;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Ntp===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Ntp;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_ntp_time -H \$_SERVICEHOST\$"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ntp;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ntp;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ntp;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Ntp;Ntp;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Ntp;check_command;Check_APP_OPNSense_SSH_Ntp"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ntp;HOST;time.google.com"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Ntp;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Ping-From-Host===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Ping-From-Host;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_icmp -H \$_SERVICEHOST\$ -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ping-From-Host;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ping-From-Host;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ping-From-Host;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;Ping-From-Host;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;check_command;Check_APP_OPNSense_SSH_Ping-From-Host"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;HOST;208.67.222.222"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;WARNING;80,10%"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;CRITICAL;150,40%"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Process===
 +
====Process-Generic====
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Process-Generic;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_procs -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Process-Generic;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Process-Generic;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Process-Generic;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Process-Generic;Process-Generic;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Process-Generic;check_command;Check_APP_OPNSense_SSH_Process-Generic"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Process-Generic;WARNING;200"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Process-Generic;CRITICAL;400"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Process-Generic;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===Uptime===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Uptime;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_uptime"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Uptime;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Uptime;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Uptime;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Uptime;Uptime;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Uptime;check_command;Check_APP_OPNSense_SSH_Uptime"
 +
 +
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Uptime;APP-OPNSense-SSH-SLM"</syntaxhighlight>
 +
 +
===VPN-IPSEC===
 +
<syntaxhighlight lang="shell" line>#Création commande
 +
clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_VPN-IPSEC;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_ipsec_tunnel -e \$_SERVICEREMOTE\$ -name \$_SERVICENAME\$"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_VPN-IPSEC;enable_shell;0"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_VPN-IPSEC;command_activate;1"
 +
clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_VPN-IPSEC;command_locked;0"
 +
 +
#Création template service
 +
clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;VPN-IPSEC;generic-active-service-custom"
 +
clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;check_command;Check_APP_OPNSense_SSH_VPN-IPSEC"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;REMOTE;(ex: 1.1.1.1 ou host.fr)"
 +
clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;NAME;"
  
==Le template d’hôte==
+
#Ajout de la template service à la template d hôte
 +
clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;APP-OPNSense-SSH-SLM"</syntaxhighlight>

Version actuelle datée du 9 janvier 2021 à 14:37

Précédent

Pré-requis

Le serveur centreon doit pouvoir accéder sans mot de passe en ssh à la machine à superviser

  • depuis le compte: centreon-engine
  • vers le compte: remote-centreon

Generer une clé SSH

Si ça n'est pas dejà fait, nous allons créer une clé pour l'utilisateur centreon-engine

Sur le serveur centreon:

su centreon-engine
ssh-keygen -t rsa -b 2048

Copier le contenue de la clé public

cat /var/lib/centreon-engine/.ssh/id_rsa.pub

Créer un compte sur OPNSense

Système: Accès: Utilisateurs

Renseigner:

  • Nom d'utilisateur: remote-centreon
  • Cocher: Générer un mot de passe aléatoire
  • Shell de connexion: /bin/sh
  • Membre du groupe: admins
  • Clés autorisées: coller la clé public créer précedement (Exemple: ssh-rsa AAAAB3NzaC1yc... ...XOQKm/x root)

Sauvegarder

Ajouter l'utilisateur au groupe proxy afin de pouvoir exécuter les commandes pf

pw group mod proxy -m remote-centreon

Tester la connexion en ssh depuis le serveur Centreon

su centreon-engine
ssh remote-centreon@10.10.10.1 -p 8022
ECDSA key fingerprint is SHA256:SoX8QCm... ...6CRPJMI.
Are you sure you want to continue connecting (yes/no)? yes

Si il ne demande pas de mot de passe, c'est gagné

Installation Plugin

Installation du plugin coté OPNSense

sudo pkg install nagios-plugins

Les plugins précompilés se trouvent maintenant dans le répertoire:

/usr/local/libexec/nagios

Tester avec la commande

/usr/local/libexec/nagios/check_procs
PROCS OK: 69 processes | procs=69;;;0;

Installer les plugins pour PFsense

curl -LO https://github.com/oneoffdallas/pfsense-nagios-checks/archive/master.zip
sudo unzip -j master.zip -d /usr/local/libexec/nagios/
sudo chmod +x /usr/local/libexec/nagios/check_pf_*

Autoriser l'utilisateur remote-centreon à lancer des commandes pf

pw group mod proxy -m remote-centreon

Les commandes Nagios

Nombre de processus en cours

/usr/local/libexec/nagios/check_procs -w 200 -c 400

Nombre d'utilisateur connecté

/usr/local/libexec/nagios/check_users -w 5 -c 1


Ping depuis opnsense

/usr/local/libexec/nagios/check_icmp -H 208.67.222.222 -w 80,10% -c 150,40%

NTP

/usr/local/libexec/nagios/check_ntp_time -H time.google.com

DISK

root

/usr/local/libexec/nagios/check_disk -w 20% -c 5% -p /
/usr/local/libexec/nagios/check_disk -w 20% -c 5% -p /var/run

Load

/usr/local/libexec/nagios/check_load -w 3,2.8,2.6 -c 10,7,5 -r

SWAP

/usr/local/libexec/nagios/check_swap -w 90% -c 40%

Les commandes PFSense

CPU

/usr/local/libexec/nagios/check_pf_cpu -w 85 -c 95

Memoire

/usr/local/libexec/nagios/check_pf_mem -w 90 -c 95

Service

Attention: Ne fonctionne que sur pfsense, pas sur opnsense

/usr/local/libexec/nagios/check_pf_services -name snort
/usr/local/libexec/nagios/check_pf_services -name pinger
/usr/local/libexec/nagios/check_pf_services -name dhcpd
/usr/local/libexec/nagios/check_pf_services -name squid
/usr/local/libexec/nagios/check_pf_services -name pfb_dnsbl 
/usr/local/libexec/nagios/check_pf_services -name pfb_filter

interface

/usr/local/libexec/nagios/check_pf_interface -i igb0 -name WAN
/usr/local/libexec/nagios/check_pf_interface -i igb1 -name LAN
/usr/local/libexec/nagios/check_pf_interface -i igb1_vlan6 -name VOIP
/usr/local/libexec/nagios/check_pf_interface -i ovpns1

VPN

/usr/local/libexec/nagios/check_pf_ipsec_tunnel -e <IP address or hostname of remote>
/usr/local/libexec/nagios/check_pf_ipsec_tunnel -e <IP address or hostname of remote> -name DallasTX

FIREWALL

/usr/local/libexec/nagios/check_pf_state_table -w 60 -c 90

Version

Attention: Ne fonctionne pas que sur pfsense, pas sur opnsense

/usr/local/libexec/nagios/check_pf_version

A voir un jour pour adapter le code

pour info:

Récupérer version disponible

opnsense-update -v

Récupérer version instalé

opnsense-version -v

Uptime

/usr/local/libexec/nagios/check_pf_uptime

Temperature CPU

Attention: Ne fonctionne pas avec les APU2

/usr/local/libexec/nagios/check_pf_cpu_temp -w 75 -c 90

Plugin

Le template d’hôte

Nous regrouperons les services dans un template dhôte nommé OS-Linux-ssh

1 clapi -o HTPL -a add -v "APP-OPNSense-SSH-SLM;APP-OPNSense-SSH-SLM;;;;"
2 clapi -o HTPL -a addtemplate -v "APP-OPNSense-SSH-SLM;generic-active-host-custom"
3 clapi -o HTPL -a setmacro -v "APP-OPNSense-SSH-SLM;PORTSSH;22"
4 clapi -o HTPL -a setmacro -v "APP-OPNSense-SSH-SLM;USERLOGIN;remote-centreon"

Cpu

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Cpu;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_cpu -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Cpu;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Cpu;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Cpu;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Cpu;Cpu;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Cpu;check_command;Check_APP_OPNSense_SSH_Cpu"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Cpu;WARNING;'70'"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Cpu;CRITICAL;'90'"
12 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Cpu;graphtemplate;CPU"
13 
14 #Ajout de la template service à la template d hôte
15 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Cpu;APP-OPNSense-SSH-SLM"

Connected-Users

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Connected-Users;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_users -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Connected-Users;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Connected-Users;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Connected-Users;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Connected-Users;Connected-Users;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Connected-Users;check_command;Check_APP_OPNSense_SSH_Connected-Users"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Connected-Users;WARNING;5"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Connected-Users;CRITICAL;1"
12 
13 #Ajout de la template service à la template d hôte
14 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Connected-Users;APP-OPNSense-SSH-SLM"

Disk

1 #Création commande
2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Disk-Name;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_disk -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$' -p \$_SERVICEDISKNAME\$"
3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Disk-Name;enable_shell;0"
4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Disk-Name;command_activate;1"
5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Disk-Name;command_locked;0"

Disk-root

 1 #Création template service
 2 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Disk-root;Disk-root;generic-active-service-custom"
 3 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-root;check_command;Check_APP_OPNSense_SSH_Disk-Name"
 4 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-root;DISKNAME;/"
 5 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-root;WARNING;20%"
 6 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-root;CRITICAL;10%"
 7 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-root;graphtemplate;Storage"
 8 
 9 #Ajout de la template service à la template d hôte
10 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Disk-root;APP-OPNSense-SSH-SLM"

Disk-tmp

 1 #Création template service
 2 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Disk-tmp;Disk-tmp;generic-active-service-custom"
 3 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-tmp;check_command;Check_APP_OPNSense_SSH_Disk-Name"
 4 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-tmp;DISKNAME;/tmp"
 5 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-tmp;WARNING;20%"
 6 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-tmp;CRITICAL;10%"
 7 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-tmp;graphtemplate;Storage"
 8 
 9 #Ajout de la template service à la template d hôte
10 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Disk-tmp;APP-OPNSense-SSH-SLM"

Disk-var

 1 #Création template service
 2 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Disk-var;Disk-var;generic-active-service-custom"
 3 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-var;check_command;Check_APP_OPNSense_SSH_Disk-Name"
 4 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-var;DISKNAME;/var"
 5 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-var;WARNING;20%"
 6 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Disk-var;CRITICAL;10%"
 7 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Disk-var;graphtemplate;Storage"
 8 
 9 #Ajout de la template service à la template d hôte
10 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Disk-var;APP-OPNSense-SSH-SLM"

Firewall

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Firewall;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_state_table -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Firewall;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Firewall;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Firewall;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Firewall;Firewall;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Firewall;check_command;Check_APP_OPNSense_SSH_Firewall"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Firewall;WARNING;60"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Firewall;CRITICAL;90"
12 
13 #Ajout de la template service à la template d hôte
14 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Firewall;APP-OPNSense-SSH-SLM"

Interface

1 #Création commande
2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Interface-Name;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_interface -i \$_SERVICEINTERFACE\$ -name \$_SERVICEINTERFACENAME\$"
3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Interface-Name;enable_shell;0"
4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Interface-Name;command_activate;1"
5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Interface-Name;command_locked;0"

WAN

1 #Création commande#Création template service
2 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Interface-WAN;Interface;generic-active-service-custom"
3 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Interface-WAN;check_command;Check_APP_OPNSense_SSH_Interface-Name"
4 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-WAN;INTERFACENAME;WAN"
5 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-WAN;INTERFACE;igb0"
6 
7 #Ajout de la template service à la template d hôte
8 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Interface-WAN;APP-OPNSense-SSH-SLM"

LAN

1 #Création commande#Création template service
2 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Interface-LAN;Interface;generic-active-service-custom"
3 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Interface-LAN;check_command;Check_APP_OPNSense_SSH_Interface-Name"
4 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-LAN;INTERFACENAME;LAN"
5 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Interface-LAN;INTERFACE;igb1"
6 
7 #Ajout de la template service à la template d hôte
8 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Interface-LAN;APP-OPNSense-SSH-SLM"

Load

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Load;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_load -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$' -r"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Load;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Load;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Load;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Load;Load;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Load;check_command;Check_APP_OPNSense_SSH_Load"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Load;WARNING;'4,3,2'"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Load;CRITICAL;'6,5,4'"
12 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Load;graphtemplate;LOAD_Average"
13 
14 #Ajout de la template service à la template d hôte
15 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Load;APP-OPNSense-SSH-SLM"

Memory

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Memory;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_mem -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Memory;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Memory;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Memory;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Memory;Memory;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Memory;check_command;Check_APP_OPNSense_SSH_Memory"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Memory;WARNING;70"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Memory;CRITICAL;90"
12  clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Memory;graphtemplate;Memory"
13  
14 #Ajout de la template service à la template d hôte
15 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Memory;APP-OPNSense-SSH-SLM"

Ntp

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Ntp;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_ntp_time -H \$_SERVICEHOST\$"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ntp;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ntp;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ntp;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Ntp;Ntp;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Ntp;check_command;Check_APP_OPNSense_SSH_Ntp"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ntp;HOST;time.google.com"
11 
12 #Ajout de la template service à la template d hôte
13 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Ntp;APP-OPNSense-SSH-SLM"

Ping-From-Host

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Ping-From-Host;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_icmp -H \$_SERVICEHOST\$ -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ping-From-Host;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ping-From-Host;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Ping-From-Host;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;Ping-From-Host;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;check_command;Check_APP_OPNSense_SSH_Ping-From-Host"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;HOST;208.67.222.222"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;WARNING;80,10%"
12 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;CRITICAL;150,40%"
13 
14 #Ajout de la template service à la template d hôte
15 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Ping-From-Host;APP-OPNSense-SSH-SLM"

Process

Process-Generic

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Process-Generic;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_procs -w '\$_SERVICEWARNING\$' -c '\$_SERVICECRITICAL\$'"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Process-Generic;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Process-Generic;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Process-Generic;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Process-Generic;Process-Generic;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Process-Generic;check_command;Check_APP_OPNSense_SSH_Process-Generic"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Process-Generic;WARNING;200"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_Process-Generic;CRITICAL;400"
12 
13 #Ajout de la template service à la template d hôte
14 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Process-Generic;APP-OPNSense-SSH-SLM"

Uptime

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_Uptime;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_uptime"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Uptime;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Uptime;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_Uptime;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_Uptime;Uptime;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_Uptime;check_command;Check_APP_OPNSense_SSH_Uptime"
10 
11 #Ajout de la template service à la template d hôte
12 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_Uptime;APP-OPNSense-SSH-SLM"

VPN-IPSEC

 1 #Création commande
 2 clapi -o CMD -a ADD -v "Check_APP_OPNSense_SSH_VPN-IPSEC;2;ssh \$HOSTADDRESS\$ -p \$_HOSTPORTSSH\$ -l \$_HOSTUSERLOGIN\$ /usr/local/libexec/nagios/check_pf_ipsec_tunnel -e \$_SERVICEREMOTE\$ -name \$_SERVICENAME\$"
 3 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_VPN-IPSEC;enable_shell;0"
 4 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_VPN-IPSEC;command_activate;1"
 5 clapi -o CMD -a setparam -v "Check_APP_OPNSense_SSH_VPN-IPSEC;command_locked;0"
 6 
 7 #Création template service
 8 clapi -o STPL -a add -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;VPN-IPSEC;generic-active-service-custom"
 9 clapi -o STPL -a setparam -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;check_command;Check_APP_OPNSense_SSH_VPN-IPSEC"
10 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;REMOTE;(ex: 1.1.1.1 ou host.fr)"
11 clapi -o STPL -a setmacro -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;NAME;"
12 
13 #Ajout de la template service à la template d hôte
14 clapi -o STPL -a addhost -v "Stpl_APP_OPNSense_SSH_VPN-IPSEC;APP-OPNSense-SSH-SLM"