nbuchwitz / check_opnsense Goto Github PK

hi,

is there a list what I can check which modules are available ? For example how can I check the interfaces, traffic, local health ... etc. maybe it is possible to extend the plugin and replace SNMP.

hello
each time i enter the whole code i got a error and the line brake with error
./check_opnsense.py -H 10.147.42.7 --api-key gZY632BtFxwZrkQ9w

maybe because the code is soooo long to use
and to help my self i wrote down what to do...
http://wombat3.kozo.ch/j/icinga-list/9780-icinga2-add-opnsense

please have a look and tell me if i am wrong or how to make it better

around 22.7.x (couldn't find anything in the update history) the api seems to have partially changed and the check now doesn't get to know about new updates.
content of 'status' is now 'update' instead of 'ok', 'status_upgrade_action' has disappeared.
good news is, that the number of updates has not to be counted any more but is reported as 'status_msg'.

here is a recent result of a current api request (22.7.8):

{"api_version":"2","connection":"ok","downgrade_packages":[],"download_size":"25MiB","last_check":"Tue Dec 20 12:54:59 CET 2022","needs_reboot":"1","new_packages":[],"os_version":"FreeBSD 13.1-RELEASE-p3","product_id":"opnsense","product_target":"opnsense","product_version":"22.7.8","reinstall_packages":[],"remove_packages":[],"repository":"ok","upgrade_major_message":"","upgrade_major_version":"","upgrade_needs_reboot":"0","upgrade_packages":[{"name":"ca_root_nss","repository":"OPNsense","current_version":"3.83","new_version":"3.85"},{"name":"git","repository":"OPNsense","current_version":"2.38.1_3","new_version":"2.38.1_4"},{"name":"glib","repository":"OPNsense","current_version":"2.74.1,2","new_version":"2.74.2_1,2"},{"name":"opnsense","repository":"OPNsense","current_version":"22.7.8","new_version":"22.7.9_3"},{"name":"opnsense-update","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"php80","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ctype","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-curl","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-dom","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-filter","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-gettext","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ldap","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-mbstring","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-pdo","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-session","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-simplexml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sockets","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sqlite3","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-xml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-zlib","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"py39-Babel","repository":"OPNsense","current_version":"2.10.3","new_version":"2.11.0"},{"name":"readline","repository":"OPNsense","current_version":"8.1.2","new_version":"8.2.0"},{"name":"sqlite3","repository":"OPNsense","current_version":"3.39.3_1,1","new_version":"3.40.0,1"},{"name":"suricata","repository":"OPNsense","current_version":"6.0.8_1","new_version":"6.0.9_1"},{"name":"base","size":"114228228","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"kernel","size":"32275752","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"}],"upgrade_sets":[],"product":{"product_abi":"22.7","product_arch":"amd64","product_check":{"api_version":"2","connection":"ok","downgrade_packages":[],"download_size":"25MiB","last_check":"Tue Dec 20 12:54:59 CET 2022","needs_reboot":"1","new_packages":[],"os_version":"FreeBSD 13.1-RELEASE-p3","product_id":"opnsense","product_target":"opnsense","product_version":"22.7.8","reinstall_packages":[],"remove_packages":[],"repository":"ok","upgrade_major_message":"","upgrade_major_version":"","upgrade_needs_reboot":"0","upgrade_packages":[{"name":"ca_root_nss","repository":"OPNsense","current_version":"3.83","new_version":"3.85"},{"name":"git","repository":"OPNsense","current_version":"2.38.1_3","new_version":"2.38.1_4"},{"name":"glib","repository":"OPNsense","current_version":"2.74.1,2","new_version":"2.74.2_1,2"},{"name":"opnsense","repository":"OPNsense","current_version":"22.7.8","new_version":"22.7.9_3"},{"name":"opnsense-update","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"php80","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ctype","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-curl","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-dom","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-filter","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-gettext","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-ldap","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-mbstring","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-pdo","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-session","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-simplexml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sockets","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-sqlite3","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-xml","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"php80-zlib","repository":"OPNsense","current_version":"8.0.25","new_version":"8.0.26"},{"name":"py39-Babel","repository":"OPNsense","current_version":"2.10.3","new_version":"2.11.0"},{"name":"readline","repository":"OPNsense","current_version":"8.1.2","new_version":"8.2.0"},{"name":"sqlite3","repository":"OPNsense","current_version":"3.39.3_1,1","new_version":"3.40.0,1"},{"name":"suricata","repository":"OPNsense","current_version":"6.0.8_1","new_version":"6.0.9_1"},{"name":"base","size":"114228228","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"},{"name":"kernel","size":"32275752","repository":"OPNsense","current_version":"22.7.7","new_version":"22.7.9"}],"upgrade_sets":[]},"product_copyright_owner":"Deciso B.V.","product_copyright_url":"https://www.deciso.com/","product_copyright_years":"2014-2022","product_crypto":"OpenSSL","product_email":"[email protected]","product_flavour":"OpenSSL","product_hash":"107b07d90","product_id":"opnsense","product_latest":"22.7.9","product_license":[],"product_log":1,"product_mirror":"https://pkg.opnsense.org/FreeBSD:13:amd64/22.7","product_name":"OPNsense","product_nickname":"Powerful Panther","product_repos":"OPNsense","product_series":"22.7","product_time":"Fri Nov 25 07:17:19 CET 2022","product_version":"22.7.8","product_website":"https://opnsense.org/"},"all_packages":{"base":{"reason":"upgrade","old":"22.7.7","new":"22.7.9","repository":"OPNsense","name":"base"},"ca_root_nss":{"reason":"upgrade","old":"3.83","new":"3.85","repository":"OPNsense","name":"ca_root_nss"},"git":{"reason":"upgrade","old":"2.38.1_3","new":"2.38.1_4","repository":"OPNsense","name":"git"},"glib":{"reason":"upgrade","old":"2.74.1,2","new":"2.74.2_1,2","repository":"OPNsense","name":"glib"},"kernel":{"reason":"upgrade","old":"22.7.7","new":"22.7.9","repository":"OPNsense","name":"kernel"},"opnsense":{"reason":"upgrade","old":"22.7.8","new":"22.7.9_3","repository":"OPNsense","name":"opnsense"},"opnsense-update":{"reason":"upgrade","old":"22.7.7","new":"22.7.9","repository":"OPNsense","name":"opnsense-update"},"php80":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80"},"php80-ctype":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-ctype"},"php80-curl":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-curl"},"php80-dom":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-dom"},"php80-filter":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-filter"},"php80-gettext":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-gettext"},"php80-ldap":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-ldap"},"php80-mbstring":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-mbstring"},"php80-pdo":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-pdo"},"php80-session":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-session"},"php80-simplexml":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-simplexml"},"php80-sockets":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-sockets"},"php80-sqlite3":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-sqlite3"},"php80-xml":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-xml"},"php80-zlib":{"reason":"upgrade","old":"8.0.25","new":"8.0.26","repository":"OPNsense","name":"php80-zlib"},"py39-Babel":{"reason":"upgrade","old":"2.10.3","new":"2.11.0","repository":"OPNsense","name":"py39-Babel"},"readline":{"reason":"upgrade","old":"8.1.2","new":"8.2.0","repository":"OPNsense","name":"readline"},"sqlite3":{"reason":"upgrade","old":"3.39.3_1,1","new":"3.40.0,1","repository":"OPNsense","name":"sqlite3"},"suricata":{"reason":"upgrade","old":"6.0.8_1","new":"6.0.9_1","repository":"OPNsense","name":"suricata"}},"all_sets":[],"status_msg":"There are 26 updates available, total download size is 164.7MiB. This update requires a reboot.","status_reboot":"1","status":"update"}

Hi there - using debian 10 and 11:

Even though I'm using the -k -switch to turn off certificate-validation I'm getting the following error:
./check_opnsense.py -k -H myopnsensebox.local --api-key "" --api-secret "" -m updates
UNKNOWN - Could not connect to OPNsense: Certificate validation failed

Any ideas on that?

Already tried setting verify=False in the script with the same result...
Best regards and thanks in advance.

Florian

hello
your example
./check_pve.py -H <OP
is wrong!
should be something like
./check_opnsense.py -H