nagios_check_cron_changes

#!/bin/bash

# Dit script checkt of de crontab op een machine veranderd is.
# we doen een crontab -l , redirecten dit naar een file en diffen deze met een statefile.
# de check is te resetten door de statefile /var/tmp/croncheck-${HOST}.old te verwijderen. de check zal dan zelf opnieuw de info gatheren.

 # GLOBAL VARIABLES:

  PATH='/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin'
  SCRIPT_PATH="${0}"
  STATE_OK=0
  STATE_WARNING=1
  STATE_CRITICAL=2
  STATE_UNKNOWN=3


  # Functions:

  # The main function.
  function fMain()
{
  local DATE=`date '+%Y%m%d'`
  local USER="nagios"
  local HOST=${1}
  local SSH="ssh -i /home/nagios/.ssh/id_rsa"

  # Check whether any arguments are given:
  if [ ${#} -eq 0 ]
  then
    fShowUsage
    exit "${STATE_UNKNOWN}"
  fi

  if [ -z "${HOST}" ]
  then
    fShowUsage
    exit "${STATE_UNKNOWN}"
  fi

  # Check whether we have SSH access:
  if ( ! ${SSH} -o 'BatchMode yes' -qq "${USER}@${HOST}" exit 0 )
  then
    echo "No SSH access to host \"${HOST}\"."
    exit "${STATE_UNKNOWN}"
  fi

 #check state file
  if [ ! -e /var/tmp/croncheck-${HOST}.old ]
  then
    fCheckReset
    echo "WARNING - check has been reset - a new error state file is created "
    exit "${STATE_WARNING}"
  fi

  # Gather the crontab information:
  ${SSH} ${USER}@${HOST} sudo crontab -l |grep -Ev '(^#|^$|PATH|MAILTO)' > /var/tmp/croncheck-${HOST}.tmp

  # check exit code:
   if [ ${?} != 0 ]
    then
      echo "Bark Bark! information gathering went wrong, script went haywire"
      exit "${STATE_CRITICAL}"
    fi

  # count total cron entries:
  TOTAL="$(cat /var/tmp/croncheck-${HOST}.tmp |wc -l)"

  # define difference, separate timing from cron command and define changed command, replace diff <|> with nice info
  DIFFS="$( diff "/var/tmp/croncheck-${HOST}.tmp" "/var/tmp/croncheck-${HOST}.old" |grep -E '(<|>)' | sed -re 's/([0-9*/,-]+[\t ]+){5}//' \
  |while read line; do echo "\"$line\" "; done   |sed -e 's/">/"missing cron job:/g;s/"</"new cron job:/g' )"

  # remove old tmp file
  if [ -e /var/tmp/croncheck-${HOST}.tmp ]
   then
      rm /var/tmp/croncheck-${HOST}.tmp
  fi

  # make results
  if [ -z "${DIFFS}" ]
  then
     echo "ALL OK: \"${TOTAL}\" known crontab jobs on \"${HOST}\" are active "
     exit ${STATE_OK}
  else
     echo "CRITICAL - crontab on \"${HOST}\" has changed "
     echo "${DIFFS}"
     exit ${STATE_CRITICAL}
   fi

  return "${?}"
}

# Shows usage.
function fShowUsage()
{
  echo "Bark Bark! script went haywire"
  echo "Usage: ${SCRIPT_PATH} <IP address>"
  return 0
}

# resets
function fCheckReset()
{

 # Reset state old file
  if [ ! -e /var/tmp/croncheck-${HOST}.old ]
     then
       touch /var/tmp/croncheck-${HOST}.old
       ${SSH} ${USER}@${HOST} sudo crontab -l |grep -Ev '(^#|^$|PATH|MAILTO)' > /var/tmp/croncheck-${HOST}.old
  fi

  # remove old tmp file
  if [ -e /var/tmp/croncheck-${HOST}.tmp ]
   then
      rm /var/tmp/croncheck-${HOST}.tmp
  fi

  return 0
}


# Start the program:
fMain "${@}"

# Exit with previous return code:
exit "${?}"