From 205277d08ea40a051cce411b13df7903bc23b61c Mon Sep 17 00:00:00 2001 From: Benjamin Renard Date: Wed, 12 May 2021 11:23:30 +0200 Subject: [PATCH] Initial version --- .gitignore | 2 ++ README.md | 47 +++++++++++++++++++++++++++++++++ check_clamd | 76 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 125 insertions(+) create mode 100644 .gitignore create mode 100644 README.md create mode 100755 check_clamd diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..4c5f88a --- /dev/null +++ b/.gitignore @@ -0,0 +1,2 @@ +*~ +.*.swp diff --git a/README.md b/README.md new file mode 100644 index 0000000..667d0d2 --- /dev/null +++ b/README.md @@ -0,0 +1,47 @@ +# Icinga/Nagios plugin to check Clamav daemon + +This script could be used as Icinga/Nagios check plugin to check Clamav daemon status. + +This script use *clamdscan* utility to check a file and verify Clamav daemon status. + +## Installation + +``` +apt-get install clamdscan +git clone https://gogs.zionetrix.net/bn8/check_clamd.git /usr/local/src/check_clamd +mkdir -p /usr/local/lib/nagios/plugins +ln -s /usr/local/src/check_mdb/check_clamd /usr/local/lib/nagios/plugins/ +echo "command[check_clamd]=/usr/local/lib/nagios/plugins/check_clamd" > /etc/nagios/nrpe.d/clamd.cfg +service nagios-nrpe-server reload +``` + + +## Usage + +``` +Usage : check_clamd [-d] [-h] [options] + -c Path to clamdscan (Default : auto-detected) + -f Path of the file to check with clamdscan (Default : /etc/mtab) + -d Debug mode + -h Show this message +``` + +## Copyright + +Copyright (c) 2021 Benjamin Renard + +## License + +This program is free software; you can redistribute it and/or +modify it under the terms of the GNU General Public License version 3 +as published by the Free Software Foundation. + +This program is distributed in the hope that it will be useful, +but WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +GNU General Public License for more details. + +You should have received a copy of the GNU General Public License +along with this program; if not, write to the Free Software +Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. + diff --git a/check_clamd b/check_clamd new file mode 100755 index 0000000..32bb55e --- /dev/null +++ b/check_clamd @@ -0,0 +1,76 @@ +#!/bin/bash +# +# Nagios plugin to check clamav daemon status +# +# Author : Benjamin Renard +# Date : Wed, 12 Jun 2019 13:15:33 +0200 +# Source : http://gogs.zionetrix.net/check_clamd +# + +CLAMDSCAN=clamdscan +FILE_TO_CHECK="/etc/mtab" +DEBUG=0 + +function debug() { + if [ $DEBUG -eq 1 ] + then + >&2 echo -e "[DEBUG] $1" + fi +} + +function usage() { + cat << EOF +Usage : $0 [-d] [-h] [options] + -c Path to clamdscan (Default : auto-detected) + -f Path of the file to check with clamdscan (Default : $FILE_TO_CHECK) + -d Debug mode + -h Show this message +EOF +} + +while getopts "hf:c:n:d" OPTION +do + case $OPTION in + f) + FILE_TO_CHECK=$OPTARG + ;; + c) + CLAMDSCAN=$OPTARG + ;; + d) + DEBUG=1 + ;; + h) + usage + exit 0 + ;; + *) + echo "Unkown option '$OPTION'" + usage + exit 1 + esac +done + +CMD="$CLAMDSCAN --stream --stdout --infected --no-summary $FILE_TO_CHECK" +debug "clamdscan command = '$CMD'" + +ERRORS=$( $CMD 2>&1 ) +EXITCODE=$? + +debug "clamdscan exit code = $EXITCODE" +debug "clamdscan output =\n$ERRORS" + +if [ $EXITCODE -ne 0 ] +then + echo "CRITICAL - clamdscan exit with $EXITCODE" + [ -n "$ERRORS" ] && echo -e "clamdscan return:\n$ERRORS" + exit 2 +elif [ -z "$ERRORS" ] +then + echo "OK - Clamav daemon is running and answer to scan request" + exit 0 +else + echo "WARNING - clamdscan return some errors checking $FILE_TO_CHECK file" + echo -e "$ERRORS" + exit 1 +fi