fws
/
pfsense-zabbix
4
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Reverted Interface Discovery to Interface Name

Browse Source
master
Riccardo Bicelli 4 years ago
parent 0afe87a596
commit fe2c5b0b37
3 changed files with 42 additions and 76 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 47
      README.md.backup
  2. 38
      Template pfSense Active.xml
  3. 33
      pfsense_zbx.php

47
README.md.backup
Unescape View File

@ -1,47 +0,0 @@
# pfSense Zabbix template
This is a pfSense active template for zabbix, based on [Keenton Zabbix Template](https://github.com/keentonsas/zabbix-template-pfsense) for freeBSD part and a php script using pfSense functions library for monitoring specific data.
Tested with pfSense 2.4 and Zabbix 4.0
## What it does
- pfSense Version/Update Available
- Gateway Monitoring (Gateway Status/RTT with discovery)
- OpenVPN Server Monitoring (Server Status/Tunnel Status with discovery)
- CARP Monitoring (Global CARP State)
- Basic service monitoring (Service Status with discovery)
## Configuration
First copy the file pfsense_zbx.php to your pfsense box (e.g. to /root/scripts).
Then install package "Zabbix Agent 4" on your pfSense Box
In Advanced Features-> User Parameters
```bash
AllowRoot=1
UserParameter=pfsense.states.max,grep "limit states" /tmp/rules.limits | cut -f4 -d ' '
UserParameter=pfsense.states.current,grep "current entries" /tmp/pfctl_si_out | tr -s ' ' | cut -f4 -d ' '
UserParameter=pfsense.mbuf.current,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f1
UserParameter=pfsense.mbuf.cache,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f2
UserParameter=pfsense.mbuf.max,netstat -m | grep "mbuf clusters" | cut -f1 -d ' ' | cut -d '/' -f4
UserParameter=pfsense.discovery[*],/usr/local/bin/php /root/scripts/pfsense_zbx.php discovery $1
UserParameter=pfsense.value[*],/usr/local/bin/php /root/scripts/pfsense_zbx.php $1 $2 $3
```
__Please note that **AllowRoot=1** option is required in order to execute correctly OpenVPN checks and others._
Then import xml template in Zabbix and add your pfSense hosts.
If you are running a redundant CARP setup you can adjust the macro {#EXPECTED_CARP_STATUS} to a value representing what is CARP expected status on monitored box.
Possible values are:
- 0: Disabled
- 1: Master
- 2: Backup
This is useful when monitoring services which could stay stopped on CARP Backup Member.

38
template_pfsense_active.xml → Template pfSense Active.xml
Unescape View File

@ -1,7 +1,7 @@
<?xml version="1.0" encoding="UTF-8"?>
<zabbix_export>
<version>4.0</version>
<date>2020-01-07T08:11:29Z</date>
<date>2020-03-27T07:54:22Z</date>
<groups>
<group>
<name>Templates</name>
@ -10,8 +10,9 @@
<templates>
<template>
<template>Template pfSense Active</template>
<name>Template pfSense Active</name>
<description>Active template for pfsense, requires pfsense_zbx.php installed to pfSense Box</description>
<name>Pfsense Active</name>
<description>Active template for pfsense, requires pfsense_zbx.php installed to pfSense Box.&#13;
Version 1.0.0</description>
<groups>
<group>
<name>Templates</name>
@ -2980,8 +2981,8 @@
<type>7</type>
<snmp_community/>
<snmp_oid/>
<key>pfsense.discovery[interfaces]</key>
<delay>3600</delay>
<key>net.if.discovery</key>
<delay>3600s</delay>
<status>0</status>
<allowed_hosts/>
<snmpv3_contextname/>
@ -3015,7 +3016,7 @@
<description>Discovery of network interfaces as defined in global regular expression &quot;Network interfaces for discovery&quot;.</description>
<item_prototypes>
<item_prototype>
<name>Incoming network traffic on {#IFDESCR}</name>
<name>Incoming network traffic on $1</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
@ -3084,7 +3085,7 @@
<master_item/>
</item_prototype>
<item_prototype>
<name>Outgoing network traffic on {#IFDESCR}</name>
<name>Outgoing network traffic on $1</name>
<type>7</type>
<snmp_community/>
<snmp_oid/>
@ -3156,7 +3157,7 @@
<trigger_prototypes/>
<graph_prototypes>
<graph_prototype>
<name>Network traffic on {#IFDESCR}</name>
<name>Network traffic on $1</name>
<width>900</width>
<height>200</height>
<yaxismin>0.0000</yaxismin>
@ -3164,7 +3165,7 @@
<show_work_period>1</show_work_period>
<show_triggers>1</show_triggers>
<type>0</type>
<show_legend>1</show_legend>
<show_legend>0</show_legend>
<show_3d>0</show_3d>
<percent_left>0.0000</percent_left>
<percent_right>0.0000</percent_right>
@ -3988,18 +3989,7 @@
</applications>
<valuemap/>
<logtimefmt/>
<preprocessing>
<step>
<type>5</type>
<params>(.*)
\1p2p_tls=1:p2p_shared_key:2,server_tls:3,server_user:4,server_tls_user:5</params>
</step>
<step>
<type>5</type>
<params>(p2p_tls,p2p_shared_key,server_tls,server_user,server_tls_user)
\2</params>
</step>
</preprocessing>
<preprocessing/>
<jmx_endpoint/>
<timeout>3s</timeout>
<url/>
@ -4028,7 +4018,7 @@
<snmp_community/>
<snmp_oid/>
<key>pfsense.value[openvpn_servervalue,{#SERVER},status]</key>
<delay>30s</delay>
<delay>60s</delay>
<history>90d</history>
<trends>365d</trends>
<status>0</status>
@ -4065,11 +4055,11 @@
<step>
<type>5</type>
<params>(.*)
\1:up=1:down=0:none=0</params>
\1:up=1:down=0:none=2:reconnecting=3</params>
</step>
<step>
<type>5</type>
<params>(up|down|none)(?=.*:\1=(\d))
<params>(up|down|none|reconnecting)(?=.*:\1=(\d))
\2</params>
</step>
</preprocessing>

33
pfsense_zbx.php
Unescape View File

@ -56,9 +56,10 @@ function pfz_test(){
}
function pfz_get_if_name($hwif){
$ifdescrs = get_configured_interface_with_descr(true);
function pfz_get_if_name($hwif, $ifdescrs=""){
if !(is_array($if_descrs))
$ifdescrs = get_configured_interface_with_descr(true);
foreach ($ifdescrs as $ifdescr => $ifname){
$ifinfo = get_interface_info($ifdescr);
if($ifinfo["hwif"]==$hwif){
@ -70,7 +71,9 @@ function pfz_get_if_name($hwif){
}
//Interface Discovery
function pfz_interface_discovery() {
function pfz_interface_discovery_legacy() {
$ifdescrs = get_configured_interface_with_descr(true);
$ifaces = get_interface_arr();
$json_string = '{"data":[';
@ -91,6 +94,22 @@ function pfz_interface_discovery() {
}
function pfz_interface_discovery() {
$ifdescrs = get_configured_interface_with_descr(true);
foreach ($ifdescr as $descr=>$iface) {
$json_string .= '{"{#IFNAME}":"' . $iface["hwif"] . '"';
$json_string .= ',"{#IFDESCR}":"' . $descr . '"';
$json_string .= '},';
}
$json_string = rtrim($json_string,",");
$json_string .= "]}";
echo $json_string;
}
//OpenVPN Server Discovery
function pfz_openvpn_get_all_servers(){
@ -109,7 +128,7 @@ function pfz_openvpn_serverdiscovery() {
foreach ($servers as $server){
$name = trim(preg_replace('/\w{3}(\d)?\:\d{4,5}/i', '', $server['name']));
$json_string .= '{"{#SERVER}":"' . $server['vpnid'] . '"';
$json_string .= ',"{#NAME}":"' . $name . '"';
$json_string .= ',"{#NAME}":"' . $name . '"';
$json_string .= '},';
}
@ -120,6 +139,10 @@ function pfz_openvpn_serverdiscovery() {
}
/*
* Get OpenVPN Server Value
* TODO: If the server type is user auth consider the server Up/Listening if status is "none"
*/
function pfz_openvpn_servervalue($server_id,$valuekey){
$servers = pfz_openvpn_get_all_servers();
foreach($servers as $server) {

Write Preview
Loading…
Cancel
Save