OPNSense Firmware Check

katamadone · November 19, 2021, 1:38pm

Result could be like that - but on checkmk host itself

Prepare OPNsense

Create API Keys under the user
Create CRON to check for firmware updates

Prepare Checkmk
install jq

/usr/lib/check_mk_agent/local/omd_runner.sh

#!/bin/bash
runuser -l ***CHECKMKINSTANCE*** -c 'bash /usr/lib/check_mk_agent/local/lq_localcheck.sh'

Script itself

#!/bin/bash
#needs jq "yum install jq"
#https://www.predic8.de/jq-json-kommandozeile.htm
#https://jqplay.org/
#https://jsonformatter.org/json-parser

NAME="OPNSense"
key=" ***created key**** "
secret=" ***created secret*** "
firmwarestatusURL="https:// ***ipandporttoopensense*** /api/core/firmware/status"

RESULT=$(curl -s -k -u $key:$secret $firmwarestatusURL)


#echo $RESULT

COUNTUPDATES=$(echo $RESULT | jq '.upgrade_packages | length')
NAMEUPDATES=$(echo $RESULT | jq -r '[.upgrade_packages[].new_version] | join(", ")')
MESSAGE=$(echo $RESULT | jq -r '.status_msg')

        if (($COUNTUPDATES < 1));
        then
                STATE="0"
        else
                STATE="1"
        fi

echo "$STATE $NAME - $MESSAGE $NAMEUPDATES"

List item