Internet Storm Center Infocon Status in Nagios

Save the following script in your libexec folder in nagios

<?php
$fp = fsockopen("isc.sans.org", 80, $errno, $errstr, 30);
if (!$fp) {
echo "Infocon Security Status: $data"; exit(3);
} else {
$out = "GET /infocon.txt HTTP/1.1\r\n";
$out .= "Host: isc.sans.org\r\n";
$out .= "Connection: Close\r\n\r\n";
fwrite($fp, $out);
while (!feof($fp)) {
$data = fgets($fp, 128);
}
fclose($fp);
}
if ($data == "green") { echo "Infocon Security Status: $data"; exit(0); }
if ($data == "yellow") { echo "Infocon Security Status: $data"; exit(1); }
if ($data == "orange") { echo "Infocon Security Status: $data"; exit(2); }
if ($data == "red") { echo "Infocon Security Status: $data"; exit(2); }
?>

Then add the following to your commands.cfg

define command{
command_name    check_sans
command_line    php $USER1$/check_sans.php
}

 

you can then add the command to your nagios. if the current status is green then nagios will report OK. If its yellow it will report Warning and if Orange or Red nagios will report Critical.

 

Comments are closed.

bleak
bleak
bleak
bleak