2
0
mirror of https://github.com/munin-monitoring/contrib.git synced 2018-11-08 00:59:34 +01:00
contrib-munin/plugins/system/debsecan
Ben 2e566be36d Update plugins/system/debsecan
adjusted patterns to grep
2012-09-01 11:15:54 +02:00

75 lines
1.7 KiB
Bash
Executable File

#!/bin/sh
#
# Plugin to monitor the number of CVE vulnerabilities present on a Debian
# system (using debsecan). Might work on other distib, who knows...
#
# Inspiration of the moment 10/10/2007
#
# Nicolas BOUTHORS <nbouthors@nbi.fr> http://nbi.fr/
#
# Licence : Public Domain
#
#%# family=auto
#%# capabilities=autoconf
# Auto enable if we have debsecan only
if [ "$1" = "autoconf" ] ; then
if [ -x /usr/bin/debsecan ]; then
echo yes
else
echo no
fi
exit 0
fi
# Fail if we don't have debsecan
if [ ! -x /usr/bin/debsecan ]; then
exit 1
fi
if [ "$1" = "config" ] ; then
cat <<EOF_
graph_title DebSecan : vulnerabilities
graph_args -l 0 --base 1000
graph_vlabel number of CVE
graph_category system
graph_period second
graph_info This graph show the number of known vulnerabilities present on your system. Use debsecan to see detail.
high.label high
high.type GAUGE
high.max 50000
high.min 0
high.info The number CVE marked high high priority
medium.label medium
medium.type GAUGE
medium.max 50000
medium.min 0
medium.info The number CVE marked medium high priority
low.label low
low.type GAUGE
low.max 50000
low.min 0
low.info The number CVE marked low high priority
other.label other
other.type GAUGE
other.max 50000
other.min 0
other.info The number CVE with unspecified priority
EOF_
exit 0
fi
debsecan 2> /dev/null > /tmp/debsecan.munin.$$
high=`grep -c 'high urgency' /tmp/debsecan.munin.$$`
medium=`grep -c 'medium urgency' /tmp/debsecan.munin.$$`
low=`grep -c 'low urgency)' /tmp/debsecan.munin.$$`
other=`grep -c -v -e 'low urgency' -e 'medium urgency' -e 'high urgency' /tmp/debsecan.munin.$$`
cat <<EOF_
high.value $high
medium.value $medium
low.value $low
other.value $other
EOF_
rm -f /tmp/debsecan.munin.$$