1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
|
#!/usr/bin/perl -w
#
# ~/check_logfiles/test/086macroinglobals.t
#
# Test replacements of macros in seekfilesdir
#
use strict;
use Test::More tests => 3;
use Cwd;
use File::Path;
use lib "../plugins-scripts";
use Nagios::CheckLogfiles::Test;
use constant TESTDIR => ".";
my $protocolsdir = ($^O =~/MSWin/) ? 'C:\TEMP\$MACAMACA$' : '/tmp/$MACAMACA$';
my $seekfilesdir = ($^O =~/MSWin/) ? 'C:\TEMP\$MACAMACA$' : '/tmp/$MACAMACA$';
my $resolved_seekfilesdir = $seekfilesdir;
$resolved_seekfilesdir =~ s/\$MACAMACA\$/gsuhjch/;
my $configfile = <<EOCFG;
\$protocolsdir = \'$protocolsdir\';
\$seekfilesdir = \'$seekfilesdir\';
\@searches = ({
tag => "ssh",
logfile => "./var/adm/messages",
criticalpatterns => "Failed password",
warningpatterns => "Unknown user",
rotation => "SOLARIS",
});
EOCFG
open CCC, ">./etc/check_macroseek.cfg";
print CCC $configfile;
close CCC;
my $cl = Nagios::CheckLogfiles::Test->new({
protocolsdir => $seekfilesdir,
seekfilesdir => $seekfilesdir,
searches => [
{
tag => "ssh",
logfile => "./var/adm/messages",
criticalpatterns => "Failed password",
warningpatterns => "Unknown user"
}
] });
my $ssh = $cl->get_search_by_tag("ssh");
$ssh->delete_logfile();
$ssh->delete_seekfile();
$ssh->trace("deleted logfile and seekfile");
File::Path::rmtree($resolved_seekfilesdir);
ok(! -d $resolved_seekfilesdir);
my $perlpath = `which perl`;
chomp $perlpath;
if ($^O =~ /MSWin/) {
if (-f 'C:\strawberry\perl\bin\perl.exe') {
$perlpath = 'C:\strawberry\perl\bin\perl';
} else {
$perlpath = 'C:\Perl\bin\perl';
}
$ssh->{logfile} =~ s/\//\\/g;
}
my $command = $perlpath.' ../plugins-scripts/check_logfiles --config ./etc/check_macroseek.cfg --macro MACAMACA=gsuhjch';
$ssh->trace("executing %s", $command);
$ssh->trace("deleting logfile and seekfile");
$ssh->delete_logfile();
$ssh->delete_seekfile();
$ssh->trace("deleted logfile and seekfile");
# logfile will be created. there is no seekfile. position at the end of file
# and remember this as starting point for the next run.
$ssh->trace("==== 1 ====");
$ssh->logger(undef, undef, 2, "Failed password for invalid user1");
my $output = `$command`;
diag($output);
diag($seekfilesdir);
diag($resolved_seekfilesdir);
ok(($output =~ /OK - no errors or warnings/) && (($? >> 8) == 0));
ok(-d $resolved_seekfilesdir);
File::Path::rmtree($resolved_seekfilesdir);
|
