checkmk-plugins/check_mk-cisco_gdoi/local/lib/check_mk/base/plugins/agent_based/cisco_gdoi.py

#!/usr/bin/env python3
#
# More information about this Cisco system:
# https://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_getvpn/configuration/15-2mt/sec-get-vpn.html
#

from dataclasses import dataclass
from typing import Dict, List

from cmk.base.plugins.agent_based.agent_based_api.v1 import (
    register,
    Service,
    Result,
    State,
    SNMPTree,
    contains,
    OIDEnd,
)

@dataclass
class Section:
    kek_info: dict

def chars_to_ip_addr(chars):
    return ".".join(map(lambda c: str(ord(c)), [*chars]))

conversions = {
    "1": "using",
    "2": "new",
    "3": "old",
}

# SNMP parsing function
def parse_cisco_gdoi(string_table):
    def parse(data):
        lookup = {}

        for val in data:
            ip = chars_to_ip_addr(val[0])
            remaining = int(val[1])
            state = conversions[val[2]]

            lookup.setdefault(ip, {})
            lookup[ip][state] = remaining

        return lookup

    if string_table == [[]]:
        return

    return Section(
        kek_info=parse(string_table[0]),
    )

# Inventory function, returning inventory based upon SNMP parsed result above
def discovery_cisco_gdoi(section):
    yield Service(item="Keyservers", parameters=section.kek_info)

# Check function, returning ok/crit based upon SNMP parsed result above
def check_cisco_gdoi(item, params, section):
    state = params
    registered = False

    for ip, state in params.items():
        in_use = state.get("using")

        if in_use > 0:
            registered = True
            yield Result(state=State.OK, summary="Registered, using KEK from " + ip)

    if not registered:
        yield Result(state=State.CRIT, summary="Unregistered")

register.snmp_section(
    name="cisco_gdoi",
    parse_function=parse_cisco_gdoi,
    fetch=[
       SNMPTree(
            # ciscoGdoiMIB::cgmGdoiGmKekRemainingLifetime
            base=".1.3.6.1.4.1.9.9.759.1.3.2.1",
            oids=[
                "5",  # cgmGdoiGmKekSrcIdValue
                "20", # cgmGdoiGmKekRemainingLifetime
                "21", # cgmGdoiGmKekStatus
            ]
        ),
    ],
    detect=contains(".1.3.6.1.2.1.1.1.0", "Cisco"),
)

register.check_plugin(
    name="cisco_gdoi",
    service_name="Cisco GDOI %s",
    discovery_function=discovery_cisco_gdoi,
    check_function=check_cisco_gdoi,
    check_default_parameters={},
    check_ruleset_name="cisco_gdoi",
)