forked from munin-monitoring/munin
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsnort_pkts
executable file
·94 lines (67 loc) · 2.13 KB
/
snort_pkts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
#!/bin/sh
: << =cut
=head1 NAME
snort_pktsec - Plugin to monitor the number of packets per second
passed through Snort filters
=head1 CONFIGURATION
The following configuration variables are used by this plugin
[snort_pkts]
env.statsfile - Logfile to Snort's perfmonitor logfile
env.warning - Warning percentage
env.critical - Critical percentage
=head2 DEFAULT CONFIGURATION
[snort_pkts]
env.statsfile=/var/snort/snort.stats
=head1 AUTHORS
Copyright (C) 2009 Edward Bjarte Fjellskål
Copyright (C) 2010 Rado Rovny
=head1 LICENSE
GNU GPLv2
=begin comment
This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; version 2 dated June,
1991.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
=end comment
=head1 MAGIC MARKERS
#%# family=auto
#%# capabilities=autoconf
=cut
if [ -z $statsfile ]; then
_target=/var/snort/snort.stats
else
_target=$statsfile
fi
if [ "$1" = "autoconf" ]; then
if [ -f $_target ]; then
echo yes
else
echo "no ($_target not readable)"
fi
exit 0
fi
if [ "$1" = "config" ]; then
echo 'graph_title Snort Avg packets/s'
echo 'graph_args --base 1000 -l 0'
echo 'graph_vlabel Packets / second'
echo 'graph_scale no'
echo 'pktsec.label Packets/second'
if [ -n "$warning" ]; then
echo "pktsec.warning $warning"
fi
if [ -n "$critical" ]; then
echo "pktsec.critical $critical"
fi
echo 'pktsec.info The number of packets per second'
echo 'graph_category Snort'
exit 0
fi
printf "pktsec.value "
echo $( tail -n1 $_target| awk -F, '{ print $5 }') \* 1000|bc -l