How to play with Regex - Part II

  • 11 March 2022
  • 2 replies
  • 4853 views
M
Rank
Userlevel 3
Badge +1

 

 

Multiple search 

In regex, it is possible to simultaneously request multiple searches with the logical OR operator. In this example we will see the possibility of using multiple search filters in regexp options.

3UsJAegfY1u0PSAUxZcmOoDBCr_rpUv-F4Ek0FEcUrGc9R2H3MT4D6w0mSvw_nM97wp1yH_x7Mnzh7wKS0q-b3Gbcu662ycnhEUk7pWhXtCrXdCHh-UZiC12S0WeUzOeUoAeWH6A

 

Symbole

Signification

'^((word|word1)$)'

Requesting specifically word and word1 resources

'^((word|word1.*)$)'

Requesting word resources and all resources beginning by word1


 

Check  '/' and ‘/var/log’ Disk partitions 

By overriding the --storage option with the filter '^(/|/var/log)$', I ask to exclude all disks on my linux server starting with '/var/'

-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=storage --hostname=localhost --snmp-version='2c' --snmp-community='public'  --storage='^(/|/var/lib)$' --name --regexp --display-transform-src='' --display-transform-dst='' --warning-usage='80' --critical-usage='90' --verbose --filter-perfdata='storage.space|used|free'

OK: All storages are ok | 'used_/'=4859703296B;0:7990987980;0:8989861478;0;9988734976 'used_/var/lib'=7819071488B;0:7990987980;0:8989861478;0;9988734976
Storage '/' Usage Total: 9.30 GB Used: 4.53 GB (48.65%) Free: 4.78 GB (51.35%)
Storage '/var/lib' Usage Total: 9.30 GB Used: 7.28 GB (78.28%) Free: 2.02 GB (21.72%)

 

Check the status of processes 'cbd' and ‘centengine’.

By overriding the --process-name option with the '^(cbd|centengine)$' filter, I include cbd and centengine processes in my command line

-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=processcount --hostname=10.25.5.88 --snmp-version='2c' --snmp-community='public'  --process-name='^(cbd|centengine)$' --process-path='' --process-args='' --regexp-name --regexp-path --regexp-args --warning='' --critical='1:' --cpu --memory --verbose

OK: Number of current processes running: 3 - Total memory usage: 32.50 MB - Average memory usage: 10.83 MB - Total CPU usage: 1.48 % | 'nbproc'=3;;1:;0; 'mem_total'=34082816B;;;0; 'mem_avg'=11360938.67B;;;0; 'cpu_total'=1.48%;;;0;
Process '29050' [memory: 2.92 MB] [cpu: 0.36 %] [status: runnable] [name: cbd]
Process '15108' [memory: 4.96 MB] [cpu: 0.15 %] [status: runnable] [name: centengine]
Process '29049' [memory: 24.62 MB] [cpu: 0.97 %] [status: runnable] [name: cbd]

 

We can resume the usage of multiple search by referencing this options below:

Mode

Regexp Options Centreon-Plugins

Signification

Disk

--storage='^(/|/var/lib)$' --name --regexp

Matching both the /var/lib and / partition

Process

--process-name='^(cbd|centengine)$' --process-path='' --process-args='' --regexp-name --regexp-path --regexp-args

Matching specifically the processus “cbd” using –process-name and –process-path options with –regexp-name and –regexp-path

 

 

Data exclusion 

In regex, it is possible to exclude certain information from the search. In this example we will see the possibility of using exclusion filters in the regexp options.

If we want to exclude a specific resource in a dataset, we can apply a filter using the symbols ('?','!','.','*') as in the table below

 

voSZTK_bEZuAb3z-EfyjwlP0VplZd7r8yI54GfcqKkWQ2AL10hU4IyqgaDCBRaRTqIHWZ7RdsUwLga4RnWNj6NmIMRGVDpELBVctU6CEZ7yzb6x-DAAXjY0Q1Jp7uJ0TcfjYQqfE

 

Symbole

Signification

'^(?!word$)'

Specifically exclude the resource word in our check

'^(?!word.*$)'

Exclude all resources starting with word in our check

'^(?!(word|word1)$)'

Exclude all multiples resources word and word1

 

Control of all network interfaces excluding the loopback card

By overriding the --interface option with the '^(?!lo$)' filter, I ask to exclude all network cards on my linux server using the name 'lo'

-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=interfaces --hostname=localhost --snmp-version='2c' --snmp-community='public'  --interface='^(?!lo$)' --name --add-status --add-traffic --critical-status='' --warning-in-traffic='80' --critical-in-traffic='90' --warning-out-traffic='80' --critical-out-traffic='90' --verbose

OK: Interface 'eth0' Status : up (admin: up), Traffic In : 10.15Kb/s (-), Traffic Out : 15.47Kb/s (-) | 'traffic_in'=10154.67b/s;;;0; 'traffic_out'=15472.00b/s;;;0;
Interface 'eth0' Status : up (admin: up), Traffic In : 10.15Kb/s (-), Traffic Out : 15.47Kb/s (-)

 

Check all partitions excluding all '/var/' partitions 

By overriding the --storage option with the filter '^(?!/var/)', I ask to exclude all disks on my linux server starting with '/var/'

-bash-4.2$  /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=storage --hostname=localhost --snmp-version='2c' --snmp-community='public'  --storage='^(?!/var/)' --name --regexp --display-transform-src='' --display-transform-dst='' --warning-usage='80' --critical-usage='90' --verbose --filter-perfdata='storage.space|used|free'

OK: All storages are ok | 'used_/dev/shm'=0B;0:770165964;0:866436710;0;962707456 'used_/run'=25669632B;0:770165964;0:866436710;0;962707456 'used_/sys/fs/cgroup'=0B;0:770165964;0:866436710;0;962707456 'used_/'=2326142976B;0:7990987980;0:8989861478;0;9988734976 'used_/boot'=224030720B;0:796632678;0:896211763;0;995790848 'used_/run/user/1000'=0B;0:154035814;0:173290291;0;192544768
Storage '/dev/shm' Usage Total: 918.11 MB Used: 0.00 B (0.00%) Free: 918.11 MB (100.00%)
Storage '/run' Usage Total: 918.11 MB Used: 24.48 MB (2.67%) Free: 893.63 MB (97.33%)
Storage '/sys/fs/cgroup' Usage Total: 918.11 MB Used: 0.00 B (0.00%) Free: 918.11 MB (100.00%)
Storage '/' Usage Total: 9.30 GB Used: 2.17 GB (23.29%) Free: 7.14 GB (76.71%)
Storage '/boot' Usage Total: 949.66 MB Used: 213.65 MB (22.50%) Free: 736.01 MB (77.50%)
Storage '/run/user/1000' Usage Total: 183.62 MB Used: 0.00 B (0.00%) Free: 183.62 MB (100.00%)

 

Check the status of all processes excluding 'cbd'.

By overriding the --process-name option with the '^(?!cbd$)' filter, I ask to exclude all processes on my linux server containing the word 'cbd

-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=processcount --hostname=10.25.5.88 --snmp-version='2c' --snmp-community='public'  --process-name='^(?!cbd$)' --process-path='' --process-args='' --regexp-name --regexp-path --regexp-args --warning='' --critical='1:' --cpu --memory --verbose

OK: Number of current processes running: 118 - Total memory usage: 1003.08 MB - Average memory usage: 8.50 MB - Total CPU usage: 0.75 % | 'nbproc'=118;;1:;0; 'mem_total'=1051803648B;;;0; 'mem_avg'=8913590.24B;;;0; 'cpu_total'=0.75%;;;0;
Process '33' [memory: 0.00 B] [cpu: 0.00 %] [status: runnable] [name: ksmd]
Process '32' [memory: 0.00 B] [cpu: 0.00 %] [status: runnable] [name: kswapd0]
Process '7887' [memory: 36.82 MB] [cpu: 0.00 %] [status: runnable] [name: gorgone-proxy]


 

We can resume the usage of exclusion search by referencing this options below:

Mode

Regexp Options Centreon-Plugins

Signification

Traffic

--interface='^(?!lo$)' --name

Excluding localhost interface

Disk

--storage='^(?!/var/)' --name --regexp

Excluding all /var/lib/* partitions. Example: /var/lib/centreon, /var/lib/centreon-broker, etc

Process

--process-name='^(?!cbd$)' --process-path='' --process-args='' --regexp-name --regexp-path --regexp-args

Excluding cbd process


 

 

To resume

We have seen through some examples, and explored the possibilities of using regexes in Centreon-Plugins options. We can resume differents bases and use case in this table as below:

Symbole

Signification

. + * ? ^ $ ( ) [ ] { } | \

These characters have special meaning in regex

.

Anyone character except newline

*

The preceding item will be matched zero or more times

?

The preceding item is optional and matched at most once (0 or 1 time)

|

This character is used to separate multiples possibilities

\

To match a character having special meaning in regex, you need to use a escape sequence prefix with a backslash

You also need to use regex \\ to match "\" (back-slash).

[]

Accept ANY ONE of the character within the square bracket


 

Examples

Signification

.*

Every characters

^word$

Search exact word resource

^word

Search all resource beginning by word

word$

Search all resource ending by word

^word|word1$

Search word and word1 resources

^(?!word$)

Exclude word resource

^(?!(word|word1)$)

Exclude word and word1 resources

 

Reminder of the Regexp characters used, to go further, do not hesitate to visit the Perl for Regexp website : https://perldoc.perl.org/perlre

 

Reminder for Traffic Mode

  1. The use of the 'interface' mode corresponds to the Traffic mode in Centreon. 

  2. It requires the use of the "--interface --name" options to use regular expressions.

The 'interface' mode help shows you the use of the regexp options seen earlier

/usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=interfaces --help

--interface

            Set the interface (number expected) ex: 1,2,... (empty means

            'check all interface').

--name  Allows to use interface name with option --interface instead of

            interface oid index (Can be a regexp)

 

Reminder for Disk mode

  • The use of the storage mode corresponds to the Disk mode in Centreon. 

  • It requires the options "--storage --name --regexp" to use regular expressions.

The help of this mode allows to help you on the use of these options 

  -bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=storage --help

 --storage

            Set the storage (number expected) ex: 1, 2,... (empty means

            'check all storage').

 

    --name  Allows to use storage name with option --storage instead of

            storage oid index.

 

    --regexp

            Allows to use regexp to filter storage (with option --name).

 

Reminder for Process mode

  • The use of the processcount mode corresponds to the Process mode in Centreon. 

  • It requires at least the "--process-name --regexp-name" option and if necessary additional options "--process-path --process-args --regexp-path --regexp-args" to use regular expressions.

The help of this mode allows you to make the best use of all these options

-bash-4.2$ /usr/lib/centreon/plugins//centreon_linux_snmp.pl --plugin=os::linux::snmp::plugin --mode=processcount --help

 --process-name

            Filter process name.

 

    --regexp-name

            Allows to use regexp to filter process name (with option

            --process-name).

 

    --process-path

            Filter process path.

 

    --regexp-path

            Allows to use regexp to filter process path (with option

            --process-path).

 

    --process-args

            Filter process arguments.

 

    --regexp-args

            Allows to use regexp to filter process arguments (with option

            --process-args).

 

2 replies

sdouce
Userlevel 2
Badge +11

And for this case who does not work

--critical-status='%{status}!="~/WORD/i"'

 

I mean , that my check should return a CRITICAL when %{status} is strictly different than WORD.

 

Any Idea ?

sdouce
Userlevel 2
Badge +11

Ok i found it :

--critical-status= %{status} !~/^WORD$/i

Reply


Terms & ConditionsCookie settings