Check portsindex age - NRPE ports age check: Difference between revisions
No edit summary |
No edit summary |
||
Line 5: | Line 5: | ||
<pre> | <pre> | ||
#update ports | #update ports | ||
0 3 * * * root /usr/sbin/portsnap cron && /usr/sbin/portsnap -I update && /usr/local/sbin/portmaster -L > /tmp/check_portmaster.tmp | 0 3 * * * root /usr/sbin/portsnap cron && /usr/sbin/portsnap -I update && /usr/local/sbin/portmaster -L > /tmp/check_portmaster.tmp | ||
</pre> | </pre> | ||
Revision as of 11:23, 15 February 2010
I monitor the age of the file /usr/ports/INDEX-8 (or 7 or whatever the version of FreeBSD is running on the server) and trigger a warning if it is older than 14 days, and go critical if it is older than one month. I update ports nightly from /etc/crontab
with the following portsnap
commands:
#update ports 0 3 * * * root /usr/sbin/portsnap cron && /usr/sbin/portsnap -I update && /usr/local/sbin/portmaster -L > /tmp/check_portmaster.tmp
Note: The above /etc/crontab
line will download the latest snapsnot and update the ports index files. The ports themselves will not be extracted. As explained in the portsnap manpage, it is a bad idea to automatically update /etc/ports - bad things will happen if you accidently update while installing something.
Note 2: The portmaster command at the end creates a text file called /tmp/check_portmaster.tmp
which contains the output of the portmaster -L
command. I use this textfile in the Nagios check check_portmaster to check the number of outdated ports.
Configuring Nagios
I added the following service to the configuration on the Nagios server:
define service{ use generic-service hostgroup_name freebsd-servers,freebsd-jails service_description nrpe_check_portsindex_age check_command check_nrpe2!check_portsindex_age }
I want all my FreeBSD servers and jails to have their ports age checked, so I added the hostgroup freebsd-servers
and freebsd-jails
to this check.
Configuring NRPE
Add the following line to /usr/local/etc/nrpe.cfg
:
command[check_portsindex_age]=/usr/local/libexec/nagios/check_file_age -w 1209600 -c 2592000 -f /usr/ports/INDEX-7
1209600 seconds is 14 days, 2592000 is 30 days. Remember to use the correct INDEX-x file, in this example I am monitoring a FreeBSD 7 server.
Remember to restart NRPE after changing the config:
sudo /usr/local/etc/rc.d/nrpe2 restart