This metric compares the database engine server version with the specified
ranges. The version string [[[[A.]B.]C.]D.]E[.] is returned as E + D*100 +
C*10000 + B*1000000 + A*100000000 (see libdbi's dbi_conn_get_engine_version()
documentation).
These options may be used to specify an extended POSIX regular expression that
is applied to the query result. When using -R, a case-insensitive match is
done.
The options may not be mixed with -w/-c/-e.
This option may be used to specify a string that is expected as the query
return value. The string is compared to the query result using strcmp().
The option may not be mixed with -w/-c.
This metric checks the execution time of the specified query. In case the
query does not return any (parsable) data, this is not treated as an error
when using this metric.
The -m option may be used to specify a metric to check the thresholds against.
This is more flexible than --conntime-warning/--conntime-critical (-W/-C) as
it may be extended to support further metrics without introducing tons of
arguments. Also, it does not make much sense to check the conntime and query
result at the same time.
Currently, the metrics CONN_TIME and QUERY_RESULT are available.
A query is no longer required unless QUERY_RESULT (the default) is used.
This plugin connects to an SQL database using libdbi, thus supporting all
database backends supported by libdbi. It will then issue the specified SQL
query and check the result (the numeric value of the first column of the first
row to be precise) against the specified warning/critical ranges.
The performance data includes the connection time (µs-resolution as provided
by gettimeofday()) and the query result.
Some versions of OpenSSL fail to negotiate the SSL connection with at
least some versions of Tomcat if stateless SSL session resumption
support (see RFC4507) is enabled:
| CRITICAL - Cannot make SSL connection
| 140099330348712:error:140943F2:SSL routines:SSL3_READ_BYTES:sslv3 alert unexpected message:s3_pkt.c:1195:SSL alert number 10
The problem is reproducible with OpenSSL 1.0.0h, but not with OpenSSL
0.9.8o-4squeeze12 (as shipped with Debian 6.0.4). We work around it by
disabling the RFC4507 functionality when using OpenSSL versions which
support it.
Thanks to Dag Bakke for reporting the issue and for giving me access to
a server I could use to reproduce the problem.
Add a note to the --help output which clarifies that check_http doesn't
perform certificate verification (beyond what the "-C" option does).
(Suggested by Michael Renner in Debian bug report #644627, forwarded by
Jan Wagner.)
Fix the code which accepts a comma-separated list of labels specified
via the "-l" option.
(Spotted by Oskar Liljeblad in Debian bug report #647020, forwarded by
Jan Wagner.)
The Solaris package creation has been updated to newer standards to match those
of the NRPE package. The following changes have been made:
- the plugins now install under /opt/nagios
- the name of package is now NGOSplugin
- the files installed are now owned by the nagios user
- the package includes a pre-installation script that creates a nagios user
and a nagios group if one did not previously exist
On Solaris, in the case where the mysql libraries were compiled using a
non-gcc compiler, but the plugins are being compiled with gcc, the configure
process would incorrectly determine the MYSQLCFLAGS. This has been corrected
in the m4/np_mysqlclient.m4 file.
Return an UNKNOWN status if a faulty sensor is detected. This can be
suppressed with the new "--ignore-fault" option.
(Fixes Debian bug #615133, patch suggested by Jan Wagner.)
When specifying a host-name on the command line, each of its IPs is added to
the host table (and each one is pinged). So, the buffer has to be large enough
to hold all of the respective host objects. (argc - 1) only fits hosts with a
single IP.
Thanks to Max Kosmach <max@tcen.ru> for reporting this in Debian bug #623702.
Abort immediately if we don't receive a server greeting or if the
greeting doesn't contain the "--expect"ed string (by default: "220")
instead of blindly sending the EHLO/HELO line.
Spotted by Daniel Piddock, see Debian bug report #611914.
This patch adds a check for the certificate cn (hostname) to normal
certificate checks. It returns CRITICAL if th cn is missing, otherwise it
prints it in the normal output.
Patch by Stéphane Urbanovski
1. Timetick test could fail with uptime > 115 days. Thresholds are
double type, so it's safe to put a large number even for 32bit systems.
2. Add a test based on an invalid bug report, worthy anyway.
