Hallo,
thank you very much for the Guide. I am using it and its working
fine.
But in the OpenLDAP Version 2.2.x the Developers changed the
Monitoring Backend, so that the monitor-jp.pl Script doesn't work.
After using lot of ldapsearch, internet, source code,...
i finally have a version who works with the new openldap version.
Also i changed it , to use LDAPS over Port 636 or 389 ans
starttls. Kerberos GSSAPI is difficult because of Tickets expiring after
a few days,
I send the modified Script in the hope to save hours of
searching and testing.
Thank you very much.
Greetings,
------------------------------------------------------------------------
#!/usr/bin/perl
# Usage in english !
# no argument -> return result in stdout
# 1st arg=0 -> stdout in csv format
# 1st arg=1 -> same as 0 with header line describing the fields
# arg1=mrtg + arg2=valXXXX where xxxx is in TotConnexions ... cf calls to
# &RecupSimple below in the source !
# example ./monitor-jp.pl mrtg valTotConnexions
# or for single value mrtg extract (no header):
# ./monitor-jp.pl 0 mrtg valTotConnexions
# below original french "usage"
# monitor.pl
# monitor le serveur LDAP local
# retourne les infos en stdout
# si pas de parametres, on affiche avec baratin
# si parametre = 0, les infos sont sorties dans une ligne CSV
# si parametre = 1, idem 0 avec une ligne en entete (donne signification des champs)
# Pour mrtg -> donner le parametre mrtg suivit d'une valeur a monitorer
# valuer dont le nom doit etre du type valTotConnexions ($arg =~ "^val") !.
# cf section if($mrtg) 2eme argument de &RecupSimple(); -> aameliorer ...
use strict;
use Net::LDAP;
use Net::LDAPS;
use Net::LDAP::LDIF;
use Authen::SASL;
#use Carp 'verbose';
use Switch;
use vars qw( $connLDAP %Result $Discret $AffConn $Entete $mrtg $mrtgval);
{
my ($DNConn, $PassConn, $BaseDN);
my ($Serveur, $Port);
my ($arg);
$Serveur = "";
$Port = 389;
$DNConn = "";
$PassConn = "";
$BaseDN = "cn=Monitor";
$Discret = 1 if (($ARGV[0] eq "0") ||($ARGV[0] eq "1"));
$Entete = 1 if ($ARGV[0] eq "1");
foreach $arg (@ARGV){
if ($arg eq "mrtg"){$mrtg=1;}
elsif ($arg =~ "^val") {$mrtgval=$arg;}
}
#$connLDAP = new Net::LDAPS($Serveur, version=> 3, capath => '/etc/ssl/certs') || die "probleme $!\n";
#$connLDAP->bind ( dn => $DNConn, password => $PassConn ) || die "probleme $! ",$@;
$connLDAP = Net::LDAP->new( $Serveur,version => 3 , port => 389, debug => '0', onerror => 'warn')|| die "LDAP error: $@\n";
$connLDAP->start_tls(verify => 'require',sslversion => 'tlsv1',capath => '/etc/ssl/certs/')|| die "probleme $! ",$@;
#my $sasl = Authen::SASL->new( 'GSSAPI',callback => {user => sub { '' }});
#my $ldapmsg = $connLDAP->bind(sasl => $sasl);
my $ldapmsg=$connLDAP->bind ( dn => $DNConn , password => $PassConn ) || die "probleme $! ",$@;
##my $ldapmsg=$connLDAP->bind || die "probleme $! ",$@;
$ldapmsg->code() && die "[",$ldapmsg->code(), "]", $ldapmsg->error;
if ($mrtg){
switch ($mrtgval) {
case "valTotConnexions"
{&RecupSimple("cn=Total,cn=Connections,cn=monitor", "TotConnexions")}
case "valTotSearch"
{&RecupSimple("cn=Search,cn=Operations,cn=Monitor", "TotSearch")}
case "valTotAdd"
{&RecupSimple("cn=Add,cn=Operations,cn=Monitor", "monitorOpCompleted")}
case "valTotModify"
{&RecupSimple("cn=Modify,cn=Operations,cn=Monitor", "TotModify")}
case"valTotDelete"
{&RecupSimple("cn=Delete,cn=Operations,cn=Monitor", "TotDelete")}
case"valTotBind"
{&RecupSimple("cn=Bind,cn=Operations,cn=Monitor", "TotBind")}
case "valTotBytes"
{&RecupSimple("cn=Bytes,cn=Statistics,cn=Monitor", "TotBytes")}
case "valTotPDU"
{&RecupSimple("cn=PDU,cn=Statistics,cn=Monitor", "TotPDU")}
else { print "entrez apres l'argument mrtg une valeur a monitorer: valTotConnexions, valTotSearch ...\nEnter after the mrtg argument, a value that you want to monitor, value starting with valXXXX, ei valTotConnexions, valTotSearch ...\n"}
}
$connLDAP->unbind;
exit();
}
&RecupSimple("cn=Total,cn=Connections,cn=Monitor", "TotConnexions");
&RecupSimple("cn=Current,cn=Connections,cn=Monitor", "CurrentConnexions");
&RecupSimple("cn=Threads,cn=Monitor", "NumThreads","max=");
&RecupSimple("cn=Read,cn=Waiters,cn=Monitor", "ReadWaiters" );
&RecupSimple("cn=Write,cn=Waiters,cn=Monitor", "WriteWaiters");
&RecupSimple("cn=Bytes,cn=Statistics,cn=Monitor", "TotBytes");
&RecupSimple("cn=Entries,cn=Statistics,cn=Monitor", "TotEntries");
&RecupSimple("cn=PDU,cn=Statistics,cn=Monitor", "TotPDU");
&RecupSimple("cn=Extended,cn=Operations,cn=Monitor", "TotOperations");
&RecupSimple("cn=Add,cn=Operations,cn=Monitor", "TotAdd");
&RecupSimple("cn=Bind,cn=Operations,cn=Monitor", "TotBind");
&RecupSimple("cn=Compare,cn=Operations,cn=Monitor", "TotCompare");
&RecupSimple("cn=Delete,cn=Operations,cn=Monitor", "TotDelete");
&RecupSimple("cn=Modify,cn=Operations,cn=Monitor", "TotModify");
&RecupSimple("cn=Search,cn=Operations,cn=Monitor", "TotSearch");
&RecupSimple("cn=Unbind,cn=Operations,cn=Monitor", "TotUnbind");
# &RecupAllConn("cn=Connections,cn=Monitor") if (! $Discret);
$connLDAP->unbind;
&PrintEntete() if ($Entete);
&PrintLigne() if ($Discret);
}
sub RecupSimple
{
my($mesg, $entry, $BaseDN, $NomInfo, $Info, $Filtre);
$BaseDN = shift;
$NomInfo = shift;
$Filtre = shift;
$mesg = $connLDAP->search (
base => $BaseDN,
scope => "sub",
filter => "(objectclass=*)",
attrs => ['monitorCounter','monitoredInfo']
) or die (" Echec de recherche sur search.$!");
$entry = $mesg->entry(0);
#Net::LDAP::LDIF->new( \*STDOUT,"w" )->write( $mesg->entries );
$Info="";
if ($BaseDN=="cn=Threads,cn=Monitor"){
$Info = $entry->get_value( 'monitoredInfo' );
}
$Info = $entry->get_value( 'monitorCounter' );
if( !defined $Info ){
$Info = $entry->get_value( 'monitorOpCompleted' );
}
if ($Filtre ne "")
{
$Info =~ /$Filtre(.*)/;
$Info = $1;
}
print "$NomInfo : $Info\n" if (! $Discret);
print "$Info\n" if ($mrtg);
$Result{$NomInfo} = $Info;
}
sub RecupAllConn
{
my($mesg, $entry, $BaseDN, $Info, $LeDN, $LaConn);
$BaseDN = shift;
print "\n***************** Connexions courantes *************************\n";
$mesg = $connLDAP->search (
base => $BaseDN,
scope => "one",
filter => "(objectclass=*)",
attrs => "monitorCounter"
) or die (" Echec de recherche sur search.$!");
foreach $entry ($mesg->all_entries){
$LeDN = $entry->get_value( 'dn' );
if ($LeDN =~ /cn=connection (.*),cn=connec/i)
{
$LaConn = $1;
print "$LeDN\n";
$Info = $entry->get_value( 'monitorCounter');
print "** $Info\n";
}
}
}
sub PrintLigne
{
my($Heure);
$Heure = GetDateHeure();
print "$Heure;$Result{TotConnexions};$Result{CurrentConnexions}";
print ";$Result{TotEntries};$Result{TotBytes};$Result{TotOperations}";
print ";$Result{TotBind};$Result{TotSearch};$Result{TotAdd};$Result{TotDelete}";
print ";$Result{TotModify};$Result{TotCompare}\n";
}
sub PrintEntete
{
print "Date;TotConn;CurrConn;TotEntries;TotBytes;TotOpe;TotBind;TotSearch;TotAdd";
print ";TotDel;TotMod;TotComp\n";
}
# ----------------------------------------------------------------------------
# -- Fonction GetDateHeure --
# retourne la date du jour en format JJ/MM/AAAA:HHMM -
# ----------------------------------------------------------------------------
sub GetDateHeure
{
my ($dateE, $an);
my ($sec, $min, $heure, $mjour, $mois, $annee, $sjour, $ajour, $isdst) = localtime(time);
$mois++;
$an = 1900 + $annee;
if (length($mois) == 1)
{$mois = "0" . $mois; }
if (length($mjour) == 1)
{$mjour = "0" . $mjour; }
if (length($heure) == 1)
{$heure = "0" . $heure; }
if (length($min) == 1)
{$min = "0" . $min; }
$dateE = "$mjour/$mois/$an:$heure$min";
return $dateE;
}