[Check_mk (english)] Blacklist check

All,

Check_mk Raw 1.4.0p23

I have written a shell script to check the following items and report back to the Check_mk master server. There is one “master” and several “slave” servers working properly via Distributed Monitoring.

Check Public dnsblacklist servers (such as zen.spamhaus.org and many others)

Check SPF record

Check DKIM record

Check DMARC record

Check DNS IP record

Each server to be checked is behind a firewall and has one NAT IP address and one Internal IP address. I have the agent installed and can check normal things via the agent on the Internal IP address. Since the public IP address is not on
the server I have to check the blacklist information in another way.

Each public DNS server record is setup on the check_mk master. Each unique hostname similar to (mail.server.com) more than 20 hostnames to be checked.

I have placed the shell script here /opt/omd/sites/master2/local/blcheck_cmk

I am using “Individual program call instead of agent access” to run this. blcheck_cmk $HOSTNAME$ (only for the folder that contains the hosts to be checked).

The check works properly if it is run manually via WATO. The check doesn’t change status when it is regularly scheduled. Even if a host becomes blacklisted.

Not sure what to change to get the status changed automatically.

Thanks, Greg

1 Like

Have you tried putting it in ~/local/bin/ ?

···

From: checkmk-en [mailto:checkmk-en-bounces@lists.mathias-kettner.de]
On Behalf Of Greg Rombeck
Sent: Tuesday, May 15, 2018 09:07
To: checkmk-en@lists.mathias-kettner.de
Subject: [Check_mk (english)] Blacklist check

All,

Check_mk Raw 1.4.0p23

I have written a shell script to check the following items and report back to the Check_mk master server. There is one “master” and several “slave” servers working properly via Distributed Monitoring.

Check Public dnsblacklist servers (such as zen.spamhaus.org and many others)

Check SPF record

Check DKIM record

Check DMARC record

Check DNS IP record

Each server to be checked is behind a firewall and has one NAT IP address and one Internal IP address. I have the agent installed and can check normal things via the agent on the Internal IP address. Since the public IP address is not on
the server I have to check the blacklist information in another way.

Each public DNS server record is setup on the check_mk master. Each unique hostname similar to (mail.server.com) more than 20 hostnames to be checked.

I have placed the shell script here /opt/omd/sites/master2/local/blcheck_cmk

I am using “Individual program call instead of agent access” to run this. blcheck_cmk $HOSTNAME$ (only for the folder that contains the hosts to be checked).

The check works properly if it is run manually via WATO. The check doesn’t change status when it is regularly scheduled. Even if a host becomes blacklisted.

Not sure what to change to get the status changed automatically.

Thanks, Greg


Warning:

  • This message contains confidential information and is intended only for the individual named. Please discard the email immediately and notify the sender if you received
    this email in error.*

Spencer,

Sorry typo on the path. The script is located in ~/local/bin (/opt/omd/sites/master2/local/bin/blcheck_cmk).

···

Thanks, Greg

From: Spencer Butler [mailto:spencerb@honeycomb.net]
Sent: Tuesday, May 15, 2018 8:17 AM
To: Greg Rombeck grombeck@ssgcorp.com; checkmk-en@lists.mathias-kettner.de
Subject: RE: Blacklist check

Have you tried putting it in ~/local/bin/ ?

From: checkmk-en [mailto:checkmk-en-bounces@lists.mathias-kettner.de]
On Behalf Of Greg Rombeck
Sent: Tuesday, May 15, 2018 09:07
To: checkmk-en@lists.mathias-kettner.de
Subject: [Check_mk (english)] Blacklist check

All,

Check_mk Raw 1.4.0p23

I have written a shell script to check the following items and report back to the Check_mk master server. There is one “master” and several “slave” servers working properly via Distributed Monitoring.

Check Public dnsblacklist servers (such as zen.spamhaus.org and many others)

Check SPF record

Check DKIM record

Check DMARC record

Check DNS IP record

Each server to be checked is behind a firewall and has one NAT IP address and one Internal IP address. I have the agent installed and can check normal things via the agent on the Internal IP address. Since the public IP address is not on
the server I have to check the blacklist information in another way.

Each public DNS server record is setup on the check_mk master. Each unique hostname similar to (mail.server.com) more than 20 hostnames to be checked.

I have placed the shell script here /opt/omd/sites/master2/local/blcheck_cmk

I am using “Individual program call instead of agent access” to run this. blcheck_cmk $HOSTNAME$ (only for the folder that contains the hosts to be checked).

The check works properly if it is run manually via WATO. The check doesn’t change status when it is regularly scheduled. Even if a host becomes blacklisted.

Not sure what to change to get the status changed automatically.

Thanks, Greg


Warning:

  • This message contains confidential information and is intended only for the individual named. Please discard the email immediately and notify the sender if you received this
    email in error.*