TheGeekery

The Usual Tech Ramblings

Nagios, and Monitoring WHOIS

One of the LinkedIn groups, Nagios related, I am on recently had a discussion about monitoring WHOIS servers, and checking for a certain response. This is just a small exercise in some simple bash scripting, reading input, output, and passing exit results.

Nagios has some pretty easy specifications when it comes to rolling your own plugin. The most important part is the exit codes.

0	OK
1	WARNING
2	CRITICAL
3	UNKNOWN

Fairly simple. So if you passed the exit code 1 to Nagios, it’d consider the service/host to be in a warning state. With that in mind, I decided 2 should occur if the service was unreachable, 1 if the string was missing, and 0 if all was OK.

The basic order of code is to get the data from the WHOIS server, scan the results for a string, and return the data overall outcome. The below code, rough around the edges, is below.

#!/bin/sh

WHOIS="/usr/bin/whois"
GREP="/bin/grep"
WC="/usr/bin/wc"

W_HOST=$1
D_LOOK=$2
S_MATCH=$3

R_OUT=`${WHOIS} -h ${W_HOST} ${D_LOOK} 2>/dev/null`

if [ $? -ne 0 ];
then
  echo "WHOIS server '${W_HOST}' did not respond"
  exit 2
fi

L_CNT=`echo ${R_OUT} | ${GREP} ${S_MATCH} | ${WC} -l`

if [ ${L_CNT} -eq 0 ];
then
  echo "WHOIS server '${W_HOST}' did not return a match on ${D_LOOKUP}"
  exit 1
else
  echo "OK - Found ${L_CNT} match"
  exit 0
fi

Because the Nagios daemon usually doesn’t setup any environmental variables (PATH specifically), I map out the paths to the binaries I need on lines 3-5. Lines 7-9 fetch command line arguments. Before this point, I should probably validate the calls to the script to make sure the user passed in the right arguments. W_HOST is the hostname of the WHOIS server to be queried, D_LOOK *is the domain to search for, and *S_MATCH is the string to search for.

To execute the script, it’d simply be something like this:

./check_whois whois.internic.net google.com GOOGLE

If successful, as the above case will be, you should get something like this:

OK – Found 1 match

Otherwise you’d get an error telling you the string wasn’t found, or the server didn’t respond.

Comments