Skip to content

Instantly share code, notes, and snippets.

@hanynowsky

hanynowsky/sensu-remediation.rb

Created January 11, 2018 16:54
Show Gist options
  • Save hanynowsky/19466599603f71dffb6155c5e6346ae0 to your computer and use it in GitHub Desktop.
Save hanynowsky/19466599603f71dffb6155c5e6346ae0 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
sensu-remediation.rb
#!/opt/sensu/embedded/bin/ruby
# Author: Hanine.H - magicOnline
# January 2018
# Rudimentary Remediation For Sensu Client
#
# WARNING: Please do not forget to added permissions for user sensu
# in sudoers file. Example:
# sensu ALL=(root) NOPASSWD:/usr/sbin/service httpd reload
# sensu ALL=(root) NOPASSWD:/usr/sbin/service httpd restart
# sensu ALL=(root) NOPASSWD:/usr/sbin/service zabbix-agent restart
# sensu ALL=(root) NOPASSWD:/usr/bin/systemctl restart zabbix-agent
# sensu ALL=(root) NOPASSWD:/usr/bin/systemctl restart httpd
#
require 'json'
require 'time'
require 'open3'
result = ''
@logfile= '/tmp/sensu-remediation.log'
def execute_command(cmd)
stdout, stderr, status = Open3.capture3(cmd)
return stdout, stderr, status
rescue => e
return 3,3,3
end
def critical_action(check_name, check_output, remediation_level)
if check_name =~ /check-zabbix-agent/
if remediation_level.to_i == 2
puts "Processing CORRECTIVE remediation action as per level #{remediation_level}"
cmd = 'ps faux; sudo service zabbix-agent restart'
cmd = 'sudo service zabbix-agent restart' if check_output =~ /Found 0/
stdout, stderr, status = execute_command(cmd)
File.open(@logfile, 'a') { |file| file.write("#{stdout} #{stderr} #{status}") }
else
puts "No action for level #{remediation_level}"
end
elsif check_name =~ /check-apache-status/
puts '#TODO Logic here'
else
puts "No action for #{check_name}"
end
rescue => e
puts "Remediation could not be performed #{e.message}"
end
def warning_action(check_name, check_output, remediation_level)
puts "Processing PREVENTIVE remediation action as per level #{remediation_level}"
end
def unknown_action(check_name, check_output, remediation_level)
puts "Processing analytic remediation action as per level #{remediation_level}"
end
begin
tin = STDIN.read
j = JSON.parse(tin)
tin.split("\n").each do |a|
result = a
break
end
File.open(@logfile, 'w') { |file| file.write("#{Time.now}") }
File.open(@logfile, 'a') { |file| file.write("#{j}") }
client_name = j['client']['name']
client_address = j['client']['address']
check_name = j['check']['name']
check_status = j['check']['status']
check_output = j['check']['output']
remediation_level = j['check']['remediation']['level'] || 0
warning_action(check_name, check_output, remediation_level) if check_status.to_i == 1
critical_action(check_name, check_output, remediation_level) if check_status.to_i == 2
unknown_action(check_name, check_output, remediation_level) if check_status.to_i == 3 or check_status.to_i == 127
puts check_name
puts "Results logged in #{@logfile}"
rescue => e
puts "#{e.message}"
puts "#{result}"
ensure
STDIN.close
end
84,1 Bot
@hanynowsky
Copy link
Author

hanynowsky commented Jan 12, 2018
edited
Loading 

        "checks": {
                "check-zabbix-agentd-srv895-hook": {
                        "command": "check-process.rb -p zabbix_agentd -C 1",
                        "standalone":true,
                        "interval": 60,
                        "remediation":{
                                "contacts":["[email protected]"],
                                "level":"2"
                        },
                        "hooks": {
                                "non-zero": {
                                        "command": "/etc/sensu/remediation/remediation.rb 2>/dev/null",
                                        "stdin": true,
                                        "timeout": 30
                                }
                        }
                }
        }
}

@hanynowsky
Copy link
Author

hanynowsky commented Jan 12, 2018
edited
Loading 

sensu ALL=(root) NOPASSWD:/usr/sbin/service httpd reload
sensu ALL=(root) NOPASSWD:/usr/sbin/service httpd restart
sensu ALL=(root) NOPASSWD:/usr/sbin/service zabbix-agent restart
sensu ALL=(root) NOPASSWD:/usr/bin/systemctl restart zabbix-agent
sensu ALL=(root) NOPASSWD:/usr/bin/systemctl restart httpd```

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment