Tuesday, March 31, 2015

New nagios check to see if all your network hosts are logging well in graylog2

Hooray! I've just completed another Nagios script to help you find out whether some of your network hosts aren't logging properly to graylog2. The script uses the graylog2 API (e.g. http://graylog2.somehost.com:12900/api-browser) and exchanges JSON data. The logic behind the script is to query the graylog2 API for all the hosts that have logged during the last n hours.

For example:  ./check_graylog2_sources.pl -H 192.168.1.1 -P 12900 -u admin -p password -t 24 -s 60 -w 1 -c 2 -v  checks host 192.168.1.1 on port 12900 with username admin and password "password" to see whether all the hosts have logged during the last 24h. The -s switch tells the script "You must see 60 total hosts"; if it sees fewer than 60 hosts, it alerts with a warning if 1 host is missing or with a critical if 2 or more hosts are missing.

You can download the script here

:)
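The threshold logic described above, as an added example in Python (not the author's Perl script): it takes a sources reply, compares the number of hosts seen with the expected total and returns the Nagios exit code and status line. The {"sources": {...}} reply layout, the sample host names and the optional inventory argument, which goes beyond the count-only check to name the silent hosts, are assumptions.

```python
import json

# Nagios plugin exit codes
OK, WARNING, CRITICAL, UNKNOWN = 0, 1, 2, 3

# Constructed sample reply; the {"total", "sources"} layout is an assumption.
SAMPLE_REPLY = json.dumps({
    "total": 3,
    "range": 86400,
    "sources": {"fw01": 18234, "web01": 951, "db01": 40},
})


def evaluate_sources(reply_text, expected, warn, crit, inventory=None):
    """Return (exit_code, status_line) for a sources reply.

    expected  -- number of hosts that should have logged (-s)
    warn/crit -- missing-host counts that raise WARNING / CRITICAL (-w / -c)
    inventory -- optional expected host names, used to name the silent ones
    """
    try:
        sources = json.loads(reply_text)["sources"]
        if not isinstance(sources, dict):
            raise TypeError("sources is not an object")
    except (ValueError, KeyError, TypeError):
        # An unreadable reply must not be reported as "all hosts logging"
        return UNKNOWN, "UNKNOWN: could not parse sources reply"

    # Host names are compared case-insensitively, so "FW01" and "fw01" count once
    seen = {name.lower() for name in sources}
    missing = max(expected - len(seen), 0)
    if missing >= crit:
        code, label = CRITICAL, "CRITICAL"
    elif missing >= warn:
        code, label = WARNING, "WARNING"
    else:
        code, label = OK, "OK"

    line = f"{label}: {len(seen)} of {expected} hosts logging, {missing} missing"
    if inventory is not None:
        silent = sorted(h.lower() for h in inventory if h.lower() not in seen)
        if silent:
            line += " (silent: " + ", ".join(silent) + ")"
    # Perfdata after the pipe: label=value;warn;crit
    return code, line + f" | missing={missing};{warn};{crit}"
```

A wrapper would print the status line and exit with the returned code, which is how Nagios reads a plugin result.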

Sunday, February 8, 2015

Controlling Opsview downtimes from PowerShell (via REST API)

I'm currently developing an open source script, called 'opsviewctl_dowtime.ps1', to create scheduled downtimes from the command line with PowerShell. Our development team needs a custom script to create scheduled downtimes in Opsview while they release their new code to the web servers. So now we (as sysadmins) are not getting alerts when they are making changes!

You can find my PowerShell script HERE. I would be happy to hear your suggestions for changes, improvements and new functions!



Saturday, January 24, 2015

Nagios script to check if windows Administrator account is enabled.

Many companies, mine included, nowadays decide to disable the default Windows Administrator account for security reasons, or to keep an account for a third-party partner and enable it only for a while when absolutely necessary, then disable it again.

After a little searching at Nagios Exchange I didn't find anything similar, so I decided to create a simple script myself.

Here is my first basic script, written in VBScript, to check whether a specific account is disabled. If the account is disabled it returns OK, if not it returns Critical, and if the account does not exist it returns Warning.

It needs the Opsview agent or NSClient++ to be already running on the system you're trying to check, and you must add the following line to the opsview.ini or NSC.ini file so that NRPE recognizes it correctly.

check_mswin_user=cscript.exe //T:190 //NoLogo scripts\\check-user.vbs

After that, create check-user.vbs in scripts folder and paste the following code inside.

' Nagios return codes
Const rOK = 0
Const rWarning = 1
Const rCritical = 2
Const rUnknown = 3
' ADSI UserFlags bit that marks an account as disabled
Const ADS_UF_ACCOUNTDISABLE = &H0002

strComputer = "."
strUser = "Administrator"

' Keep going if GetObject fails, so the IsObject test below can report it
On Error Resume Next
Set objUser = GetObject("WinNT://" & strComputer & "/" & strUser)

If IsObject(objUser) Then
    flag = objUser.Get("UserFlags")
    If flag And ADS_UF_ACCOUNTDISABLE Then
        WScript.Echo "OK: Account is disabled."
        WScript.Quit(rOK)
    Else
        WScript.Echo "CRITICAL: Account is not disabled."
        WScript.Quit(rCritical)
    End If
Else
    ' Any failure to bind to the account ends up here
    WScript.Echo "WARNING: User does not exist"
    WScript.Quit(rWarning)
End If

Download: check-user.vbs

Pretty straightforward ...right? You can also change the strUser value to anything you want :)

The last thing is to restart the opsview/nsclient service from Windows services and create your new custom check using Nagios check_nrpe.
Here is a simple example:
check_nrpe -H $HOSTADDRESS$ -c check_mswin_user

My next target is to parse the user as an argument to make our lives easier ;)