Last active
February 2, 2017 13:48
-
-
Save adionditsak/69f7db61fa3e02de659a to your computer and use it in GitHub Desktop.
Check_mk plugin to check for last log from Elasticsearch compared to current time
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import requests | |
import datetime | |
import json | |
import os | |
""" | |
Check_mk plugin to check for last log from Elasticsearch compared to current time | |
""" | |
class lastlog_check(object): | |
def __init__(self): | |
os.environ['TZ'] = 'UTC' | |
self.host = "localhost" | |
self.es_port = "9200" | |
self.log_dir = "/usr/lib/check_mk_agent/local/log/" | |
def logit(self, filename, content): | |
with open(filename, "a") as log: | |
log.write(content) | |
def run(self): | |
self.get_last_arr = self.get_last() | |
self.diff = self.get_last_arr[1] - self.get_last_arr[0] | |
self.seconds_difference = int(self.diff.seconds) | |
if self.seconds_difference > 600: | |
return (2, self.seconds_difference, "Critical - %ss since last log" % self.seconds_difference) | |
elif self.seconds_difference > 300: | |
return (1, self.seconds_difference, "WARN - %ss since last log" % self.seconds_difference) | |
else: | |
return (0, self.seconds_difference, "OK - %ss since last log" % self.seconds_difference) | |
return (3, "No status") | |
def get_last(self): | |
self.url = "http://{0}:{1}/_search?pretty&fields=source,timestamp".format(self.host, self.es_port) | |
self.headers = {"Content-type": "application/json", "Accept": "text/plain"} | |
self.data = { | |
"query": { | |
"match_all": {} | |
}, | |
"size": 1, | |
"sort": [ | |
{ | |
"timestamp": { | |
"order": "desc" | |
} | |
} | |
] | |
} | |
self.r = requests.post(self.url, data=json.dumps(self.data), headers=self.headers) | |
self.json_output = self.r.json() | |
self.json_timestamp = self.json_output["hits"]["hits"][0]['fields']['timestamp'][0] | |
self.timestamp_lastlog = datetime.datetime.strptime(self.json_timestamp, "%Y-%m-%d %H:%M:%S.%f") | |
self.timestamp_now = datetime.datetime.now() | |
self.result = [self.timestamp_lastlog, self.timestamp_now] | |
# Logging delayed logs | |
diff = self.result[1] - self.result[0] | |
minutes_difference = int(diff.seconds) | |
if minutes_difference > 600: | |
self.logit("%sdelayed_logs.log" % self.log_dir, "%s\n" % str(self.json_output)) | |
self.logit("%sdelayed_logs.log" % self.log_dir, "%s\n" % self.timestamp_lastlog) | |
self.logit("%sdelayed_logs.log" % self.log_dir, "%s\n\n\n" % self.timestamp_now) | |
return self.result | |
llc = lastlog_check() | |
llc_arr = llc.run() | |
print("%s Elasticsearch_lastlog seconds_since_last_log=%s %s" % (llc_arr[0], llc_arr[1], llc_arr[2])) |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment