Changeset 1847

Timestamp:

04/03/12 16:23:39 (12 years ago)

Author:

oschonef

Message:

• add IDP monitroing script
• cosmetic changes to SP script
• add section about IDP script to README

Location:

monitoring/plugins/ids

Files:

• README.txt (modified) (1 diff)
• check_shib_idp (added)
• check_shib_sp (modified) (3 diffs)

monitoring/plugins/ids/README.txt

@@ +1 @@
+Name:
+  check_shib_idp - checks status of Shibboleth identitiy provider
+Requirements:
+  Perl-Modules: LWP, Date::Parse, Crypt::OpenSSL::X509
+
+  NB: Shibboleth-IDP needs to have an appropiate ACL in Status handler for
+  monitoring host (see Shibboleth documentation)
+Arguments:
+  -H        host, mandatory
+  -u        url, default: idp/status
+  -t        timeout, default 10 seconds
+  -S        use https
+  -D        maximum clock skew, default 120
+  -C        certificate expiry in days, will warn, if cert expires in less
+
+
+
+
 Name:
   check_shib_sp - checks status of Shibboleth service provider
 Requirements:
   Perl-Modules: LWP, XML::Parser, Date::Parse, Crypt::OpenSSL::X509
-  Shibboleth-IDP needs to put appropiate ACL in Status handler for
-  monitoring host
 
+  NB: Shibboleth-SP needs to have an appropiate ACL in Status handler for
+  monitoring host (see Shibbolteh documentation)
 Arguments:
   -H        host, mandatory

monitoring/plugins/ids/check_shib_sp

@@ -1 +1 @@
 #!/usr/bin/perl
 #
-# check_shib_sp, version 2012-03-28
+# check_shib_sp, version 2012-04-03
 #
 
@@ -139 +139 @@
     my $message = shift;
 
+    $message =~ s/\n*$//;
     printf("%s: %s\n", $CODE2STRING->{$code}, $message);
     exit $code;
@@ -234 +235 @@
         if ($cert->checkend(0)) {
             status(CRITICAL,
-                   sprintf('%s certificate is expired',
-                           $key->{'use'}, $cert->subject()));
+                   sprintf('%s certificate is expired since %s',
+                           $key->{'use'}, $cert->notAfter()));
         }
         elsif ($cert->checkend($cert_warn_days * 86400)) {