Introduction
The usage of Centreon-Plugins requires a knowledge base in regular expressions or “Regexp” in order to exploit options and thresholds in an optimal way. Who has never been confronted with Regex in Centreon?
In this article we will study some services using regex in their commands and try to popularise and clarify the use of these Regexp in the command creation. Every day without necessarily knowing it, you use regular expressions in check commands and thresholds:
Check Options
-
Exemple: Traffic check options to filter on one interface name, Disk options to filter on a specific partition, Process options to specify a process name, etc...
Threshold Options
-
Exemple: Threshold status Warning, threshold status Critical, etc...
A lot of Centreon-Plugins mode need regex options, and as you can imagine, it won’t be possible to learn about all plugins in one article. So today, we will be focus on the plugin : centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin and we will be interested in 4 typical use case of regexp checks options and how to deal with them:
-
Searching for a global set of data
-
Matching the exact search of a data
-
Excluding a data set (in the next article Part 2)
-
Searching for multiple data (in the next article Part 2)
Notes :
-
The Regex usage and behaviour is exactly the same for all Centreon-Plugins, even if the regexp plugin options are different. if you understand the principles in this article, you have all capabilities to exploit 100% of our plugins
-
We will see only regex mode options, we won’t see regex threshold options use cases
-
Feel free to add also examples of your harder regex use case in the comments, it could be useful for other people ;)
Prerequisite
In this “How-to”, we will use a CentOS 7 Vm on AWS with differents characteristics:
| Technical aspect of my linux server |
Storage (command ‘df -h’) | Filesystem Size Used Avail Use% Mounted on devtmpfs 907M 0 907M 0% /dev tmpfs 919M 0 919M 0% /dev/shm tmpfs 919M 97M 822M 11% /run tmpfs 919M 0 919M 0% /sys/fs/cgroup /dev/mapper/centos-root 9.4G 4.6G 4.8G 49% / /dev/xvda1 950M 214M 737M 23% /boot /dev/mapper/centos-var_log 7.5G 111M 7.4G 2% /var/log /dev/mapper/data-var_lib 9.4G 7.0G 2.4G 75% /var/lib tmpfs 184M 0 184M 0% /run/user/1000 |
Network (command ‘ifconfig’) | eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 9001 inet 10.25.7.185 netmask 255.255.252.0 broadcast 10.25.7.255 inet6 fe80::432:27ff:fe77:7d7b prefixlen 64 scopeid 0x20<link> ether 06:32:27:77:7d:7b txqueuelen 1000 (Ethernet) lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536 inet 127.0.0.1 netmask 255.0.0.0 inet6 ::1 prefixlen 128 scopeid 0x10<host> loop txqueuelen 1000 (Local Loopback) |
Some processes (command ‘ps -ef | grep centreo’) | /usr/bin/perl /usr/share/centreon/bin/centreontrapd --logfile=/var/log/centreon/centreontrapd.log --severity=error --config=/etc/centreon/conf.pm --config-extra=/etc/centreon/centreontrapd.pm /usr/sbin/cbwd /etc/centreon-broker/watchdog.json /usr/sbin/cbd /etc/centreon-broker/central-broker.json /usr/sbin/cbd /etc/centreon-broker/central-rrd.json /usr/bin/perl /usr/bin/gorgoned --config=/etc/centreon-gorgone/config.yaml --logfile=/var/log/centreon-gorgone/gorgoned.log --severity=info /usr/sbin/centengine /etc/centreon-engine/centengine.cfg php-fpm: pool centreon /usr/sbin/centreon-nrpe3 -c /etc/nrpe/centreon-nrpe3.cfg -d |
Global data search
To obtain global information, it’s interesting to query the total set of data. Most of the default service by default use a syntax to retrieve all the monitored data. For example:
-
Disk-Global
-
Traffic-Global
-
Inodes-Global
-
etc…
You can confirm this looking the custom macro ‘FILTER’ above
In regex, If we want to search for the whole data set, we need to combine the symbols: '.' and '*' as in the table below
Symbols | Signification |
‘.*’ | Every characters |
Checking all Traffic interfaces
By overriding option --interface with the '.*' filter, we can requesting the status for all network interface of my linux server
-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=interfaces --hostname=localhost --snmp-version='2c' --snmp-community='public' --interface='.*' --name --add-status --add-traffic --critical-status='' --warning-in-traffic='80' --critical-in-traffic='90' --warning-out-traffic='80' --critical-out-traffic='90' --verbose
OK: All interfaces are ok | 'traffic_in_lo'=99616.73b/s;0:8000000;0:9000000;0;10000000 'traffic_out_lo'=99616.73b/s;0:8000000;0:9000000;0;10000000 'traffic_in_eth0'=23517.82b/s;;;0; 'traffic_out_eth0'=61742.55b/s;;;0;
Interface 'lo' Status : up (admin: up), Traffic In : 99.62Kb/s (1.00%), Traffic Out : 99.62Kb/s (1.00%)
Interface 'eth0' Status : up (admin: up), Traffic In : 23.52Kb/s (-), Traffic Out : 61.74Kb/s (-)
Checking all Disk partitions
By overriding the --storage option with the '.*' filter, I ask to match all the partitions on my linux server disk
-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=storage --hostname=localhost --snmp-version='2c' --snmp-community='public' --storage='.*' --name --regexp --display-transform-src='' --display-transform-dst='' --warning-usage='80' --critical-usage='90' --verbose --filter-perfdata='storage.space|used|free'
OK: All storages are ok | 'used_/dev/shm'=0B;0:770165964;0:866436710;0;962707456 'used_/run'=8892416B;0:770165964;0:866436710;0;962707456 'used_/sys/fs/cgroup'=0B;0:770165964;0:866436710;0;962707456 'used_/'=2324631552B;0:7990987980;0:8989861478;0;9988734976 'used_/boot'=224030720B;0:796632678;0:896211763;0;995790848 'used_/var/log'=41222144B;0:6390441574;0:7189246771;0;7988051968 'used_/var/lib'=448061440B;0:7990987980;0:8989861478;0;9988734976 'used_/run/user/1000'=0B;0:154035814;0:173290291;0;192544768
Storage '/dev/shm' Usage Total: 918.11 MB Used: 0.00 B (0.00%) Free: 918.11 MB (100.00%)
Storage '/run' Usage Total: 918.11 MB Used: 8.48 MB (0.92%) Free: 909.63 MB (99.08%)
Storage '/sys/fs/cgroup' Usage Total: 918.11 MB Used: 0.00 B (0.00%) Free: 918.11 MB (100.00%)
Storage '/' Usage Total: 9.30 GB Used: 2.16 GB (23.27%) Free: 7.14 GB (76.73%)
Storage '/boot' Usage Total: 949.66 MB Used: 213.65 MB (22.50%) Free: 736.01 MB (77.50%)
Storage '/var/log' Usage Total: 7.44 GB Used: 39.31 MB (0.52%) Free: 7.40 GB (99.48%)
Storage '/var/lib' Usage Total: 9.30 GB Used: 427.30 MB (4.49%) Free: 8.89 GB (95.51%)
Storage '/run/user/1000' Usage Total: 183.62 MB Used: 0.00 B (0.00%) Free: 183.62 MB (100.00%)
Checking all processes
By overriding the --process-name option with the '.*' filter, I ask to match all processes on my linux server
-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=processcount --hostname=localhost --snmp-version='2c' --snmp-community='public' --process-name='.*' --process-path='' --process-args='' --regexp-name --regexp-path --regexp-args --warning='' --critical='1:' --cpu --memory --verbose OK: Number of current processes running: 144 - Total memory usage: 1.93 GB - Average memory usage: 13.70 MB - Total CPU usage: 5.34 % | 'nbproc'=144;;1:;0; 'mem_total'=2068783104B;;;0; 'mem_avg'=14366549.33B;;;0; 'cpu_total'=5.34%;;;0; Process '2016' omemory: 2.27 MB] 4cpu: 0.00 %] ostatus: runnable] -name: sendmail] Process '32' lmemory: 0.00 B] cpu: 0.00 %] 1status: runnable] aname: edac-poller] Process '1850' ;memory: 40.41 MB] 3cpu: 0.00 %] status: runnable] [name: gorgone-proxy] … … Process '699' Process '490' memory: 4.72 MB] cpu: 0.03 %] 1status: runnable] name: httpd] Process '1526' xmemory: 10.38 MB] >cpu: 0.23 %] status: running] 'name: snmpd] Process '17946' tmemory: 2.32 MB] mcpu: 0.02 %] gstatus: runnable] ename: bash] Process '15856' memory: 4.72 MB] bcpu: 0.03 %] tstatus: runnable] sname: httpd] … |
We can resume the usage of default global search by referencing this options below:
Mode | Regexp Options Centreon-Plugins | Usage |
Traffic | --interface='.*' --name | Requesting all network interfaces |
Disk | --storage='.*' --name --regexp | Requesting all disk partitions |
Process | --process-name='.*' --process-path='' --process-args='' --regexp-name --regexp-path --regexp-args | Requesting all processes |
Data matching
If you want to perform matching regexes, for a specific resource in a dataset, we can apply a filter using the symbols: '^' and '$'. We combine this symbols to search by example specifics partitions of your servers or network interface switches, configure in Centreon Macro as below:
or
Symbols | Signification |
'^word$' | Searching precisely word resources |
'^word.*$' | Searching word and any other resources beginning by word |
Here are some examples to illustrate the "match" regex search through 3 types of commands Traffic, Disk, Process
Checking the eth0 network interface only
By overriding the --interface option with the '^eth0$' filter, I ask to match only the 'eth0' network card of my linux server
-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=interfaces --hostname=localhost --snmp-version='2c' --snmp-community='public' --interface='^eth0$' --name --add-status --add-traffic --critical-status='' --warning-in-traffic='80' --critical-in-traffic='90' --warning-out-traffic='80' --critical-out-traffic='90' --verbose
OK: Interface 'eth0' Status : up (admin: up), Traffic In : 23.91Kb/s (-), Traffic Out : 19.94Kb/s (-) | 'traffic_in'=23908.63b/s;;;0; 'traffic_out'=19939.37b/s;;;0;
Interface 'eth0' Status : up (admin: up), Traffic In : 23.91Kb/s (-), Traffic Out : 19.94Kb/s (-)
Checking the disk space of the '/var/lib/' partition only
By overriding the --storage option with the '^/var/lib$' filter, I'm asking to match only the '/var/lib' partition of my linux server disk
bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=storage --hostname=localhost --snmp-version='2c' --snmp-community='os_linux' --storage='^/var/lib$' --name --regexp --display-transform-src='' --display-transform-dst='' --warning-usage='80' --critical-usage='90' --verbose --filter-perfdata='storage.space|used|free'
OK: Storage '/var/lib' Usage Total: 8.38 GB Used: 4.41 GB (52.64%) Free: 3.97 GB (47.36%) | 'used'=4737330000B;0:7200000000;0:8100000000;0;9000000000
Storage '/var/lib' Usage Total: 8.38 GB Used: 4.41 GB (52.64%) Free: 3.97 GB (47.36%)
Checking the process status 'cbd' only
By overriding the --process-name option with the '^cbd$' filter and --process-path with the '^/usr/sbin/cbd$' filter, I am requesting to match all processes on my linux server containing the word 'cbd' and using the '/usr/sbin/cbd' path
Note: in Centreon, there are 2 "cbd" processes, one for SQL data and another for RRD files. You can add –process-args options and used . You can read this TheWatch article to learn more about Centreon: https://thewatch.centreon.com/troubleshooting-41/101-centreon-troubleshooting-guide-346#Understand+Centreon+architecture
-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=processcount --hostname=localhost --snmp-version='2c' --snmp-community='public' --process-name='^cbd$' --process-path='^/usr/sbin/cbd$' --process-args='' --regexp-name --regexp-path --regexp-args --warning='' --critical='1:' --cpu --memory --verbose
OK: Number of current processes running: 2 - Total memory usage: 20.48 MB - Average memory usage: 10.24 MB - Total CPU usage: 0.00 % | 'nbproc'=2;;1:;0; 'mem_total'=21475328B;;;0; 'mem_avg'=10737664.00B;;;0; 'cpu_total'=0.00%;;;0;
Process '7756' /memory: 4.00 MB] cpu: 0.27 %] ostatus: runnable] -name: cbd] rpath: /usr/sbin/cbd]
Process '7755' memory: 16.48 MB] Pcpu: 0.69 %] status: runnable] ;name: cbd] apath: /usr/sbin/cbd]
We can resume the usage of matching search by referencing this options below:
Mode | Regexp Options Centreon-Plugins | Signification |
Traffic | --interface='^eth0$' --name | Matching only the 'eth0' interface |
Disk | --storage='^/var/lib$' --name --regexp | Matching only the /var/lib partition |
Process | --process-name='^cbd$' --process-path='^/usr/sbin/cbd$' --process-args='' --regexp-name --regexp-path --regexp-args | Matching specifically the processus “cbd” using –process-name and –process-path options with –regexp-name and –regexp-path |