From: Robin Roevens <robin.roevens@disroot.org>
To: development@lists.ipfire.org
Subject: [PATCH 2/2] zabbix_agentd: Add IPS throughput and guardian blocked IP count items
Date: Tue, 05 Nov 2024 23:36:18 +0100 [thread overview]
Message-ID: <20241105223618.4086546-2-robin.roevens@disroot.org> (raw)
In-Reply-To: <20241105223618.4086546-1-robin.roevens@disroot.org>
[-- Attachment #1: Type: text/plain, Size: 2176 bytes --]
- Adds Zabbix Agent userparameter `ipfire.ips.throughput.get` for the agent to get details about IPS throughput bypassed/scanned/whitelisted in bytes (JSON)
- Adds Zabbix Agent userparameter `ipfire.guardian.blocked.count` for the agent to get the number of currently blocked IP's by Addon: Guardian.
Signed-off-by: Robin Roevens <robin.roevens(a)disroot.org>
---
config/zabbix_agentd/userparameter_ipfire.conf | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/config/zabbix_agentd/userparameter_ipfire.conf b/config/zabbix_agentd/userparameter_ipfire.conf
index cc0bd9f8e..c8ead1608 100644
--- a/config/zabbix_agentd/userparameter_ipfire.conf
+++ b/config/zabbix_agentd/userparameter_ipfire.conf
@@ -11,4 +11,12 @@ UserParameter=ipfire.dhcpd.clients,grep -s -E 'lease|bind' /var/state/dhcp/dhcpd
# Number of Captive Portal clients
UserParameter=ipfire.captive.clients,awk -F ',' 'length($2) == 17 {sum += 1} END {if (length(sum) == 0) print 0; else print sum}' /var/ipfire/captive/clients
# Services list and state
-UserParameter=ipfire.services.get,sudo /var/ipfire/zabbix_agentd/scripts/ipfire_services.pl
\ No newline at end of file
+UserParameter=ipfire.services.get,sudo /var/ipfire/zabbix_agentd/scripts/ipfire_services.pl
+# IPS throughput bypassed/scanned/whitelisted in bytes/type (JSON)
+UserParameter=ipfire.ips.throughput.get,sudo /usr/local/bin/getipstat -xm | awk 'BEGIN{ORS="";print "{"}/Chain IPS/{f=1}/BYPASSED/&&f{printf "\"bypassed\":%s",$2}/SCANNED/&&f{printf ",\"scanned\":%s",$2}/WHITELISTED/&&f{printf ",\"whitelisted\":%s",$2}/^$/{f=0}END{print "}"}'
+# Addon: Guardian: Number of currently blocked IP's
+UserParameter=ipfire.guardian.blocked.count,sudo /usr/local/bin/getipstat | awk 'BEGIN{ORS="";c=0}/Chain GUARDIAN/{f=1}/DROP/&&f{c++}/^$/{f=0}END{print c}'
+#
+# Allow item key to be called with (unused) parameters. This allows the #SINGLETON method of discovering this item only when specific service is active
+Alias=ipfire.ips.throughput.get[]:ipfire.ips.throughput.get
+Alias=ipfire.guardian.blocked.count[]:ipfire.guardian.blocked.count
\ No newline at end of file
--
2.47.0
prev parent reply other threads:[~2024-11-05 22:36 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-05 22:36 [PATCH 1/2] zabbix_agentd: Update to 6.0.35 (LTS) Robin Roevens
2024-11-05 22:36 ` Robin Roevens [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20241105223618.4086546-2-robin.roevens@disroot.org \
--to=robin.roevens@disroot.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox