Repository
Munin (master)
Last change
2018-08-17
Graph Categories
Family
auto
Capabilities
Language
Shell
License
GPL-2.0-only
Authors

snort_pkts

Name

snort_pktsec - Plugin to monitor the number of packets per second passed through Snort filters

Configuration

The following configuration variables are used by this plugin

[snort_pkts]
 env.statsfile - Logfile to Snort's perfmonitor logfile
 env.warning - Warning percentage
 env.critical - Critical percentage

Default Configuration

[snort_pkts]
 env.statsfile=/var/snort/snort.stats

Authors

Copyright (C) 2009 Edward Bjarte Fjellskål

Copyright (C) 2010 Rado Rovny

License

GNU GPLv2

Magic Markers

#%# family=auto
#%# capabilities=autoconf

#!/bin/sh

: << =cut

=head1 NAME

snort_pktsec - Plugin to monitor the number of packets per second
               passed through Snort filters

=head1 CONFIGURATION

The following configuration variables are used by this plugin

 [snort_pkts]
  env.statsfile - Logfile to Snort's perfmonitor logfile
  env.warning - Warning percentage
  env.critical - Critical percentage

=head2 DEFAULT CONFIGURATION

 [snort_pkts]
  env.statsfile=/var/snort/snort.stats

=head1 AUTHORS

Copyright (C) 2009 Edward Bjarte Fjellskål

Copyright (C) 2010 Rado Rovny

=head1 LICENSE

GNU GPLv2

=begin comment

This program is free software; you can redistribute it and/or
modify it under the terms of the GNU General Public License
as published by the Free Software Foundation; version 2 dated June,
1991.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

=end comment

=head1 MAGIC MARKERS

  #%# family=auto
  #%# capabilities=autoconf

=cut

statsfile=${statsfile:-}

if [ -z "$statsfile" ]; then
        _target=/var/snort/snort.stats
else
        _target=$statsfile
fi

if [ "$1" = "autoconf" ]; then
        if [ -f "$_target" ]; then
                echo yes
        else
                echo "no ($_target not readable)"
        fi
        exit 0
fi

if [ "$1" = "config" ]; then
        echo 'graph_title Snort Avg packets/s'
        echo 'graph_args --base 1000 -l 0'
        # shellcheck disable=SC2016
        echo 'graph_vlabel Packets / ${graph_period}'
        echo 'graph_scale no'
        echo 'pktsec.label Packets'
        if [ -n "${warning:-}" ]; then
            echo "pktsec.warning $warning"
        fi
        if [ -n "${critical:-}" ]; then
            echo "pktsec.critical $critical"
        fi
        echo 'pktsec.info The number of packets per second'
        echo 'graph_category security'

        exit 0
fi

printf "pktsec.value "
tail -n1 "$_target" | awk -F, '{ print $5 * 1000 }'