#!/usr/local/bin/perl
# checks udapps grouper status page
# 
# $Header: /home/doke/work/nagios/RCS/check_grouper,v 1.6 2017/04/05 15:12:14 doke Exp $


use strict;
use warnings;
no warnings 'uninitialized';
no warnings 'redefine';
use Getopt::Long qw(:config no_ignore_case);
use HTTP::Request;
use LWP::Simple;
use LWP::Protocol::http;
use LWP::UserAgent qw( ssl_opts );
use Date::Parse;
#use Data::Dumper;

use vars qw( $host $uri $user $password $help $verbose 
	@crits @warns @unknowns @oks $rc $sep $error_age );


# can't put the auth password in services.cfg because of the !

$host = 'myhost.mydomain.com';
$user = 'nagios-user-name';
$password = '***';
$uri = 'your grouper status uri';

$error_age = 3600;  # warn on errors within this many seconds of now



########################
sub usage() {
        my($rc) = @_;
        print "Usage: $0 [options] -H <host>
        -H s  hostname [$host]
	-u s  user [$user]
	-p s  password [$password]
	-U s  uri [$uri]
        -v    verbose
        -h    help
";
        exit $rc;

}


#######################

Getopt::Long::Configure ("bundling");
GetOptions(
    'H=s' => \$host,
    'u=s' => \$user, 
    'p=s' => \$password, 
    'U=s' => \$uri, 
    'v' => \$verbose, 
    'h' => \$help);

&usage( 0 ) if ( $help );
&usage( 1 ) if ( ! $host );

get_test_results();

$rc = 0;
$sep = '';
if ( $#crits >= 0 ) {
    $rc = 2;
    print "CRITICAL ", join( ", ", @crits );
    $sep = '; ';
    }
if ( $#warns >= 0 ) {
    $rc = 1 if ( $rc == 0 );
    print $sep, "Warning ", join( ", ", @warns );
    $sep = '; ';
    }
if ( $#unknowns >= 0 ) {
    $rc = 3 if ( $rc == 0 );
    print $sep, "Unknown ", join( ", ", @unknowns );
    $sep = '; ';
    }
if ( $rc == 0 || $verbose ) {
    print $sep, "Ok ", join( ", ", @oks );
    $sep = '; ';
    }
print "\n";
exit $rc;


########################

sub get_test_results {
    my( $url, $req, $ua, $res, $data, $line, $status, $appname, $details,
	$server, $version, $upsince, $requests, $errors, $elapsed,
	$error_date, $error_time );

    $url = "https://" . $host . $uri;

    @LWP::Protocol::http::EXTRA_SOCK_OPTS = ( SSL_verify_mode => 0 );

    $req = HTTP::Request->new( "GET", $url );;
    $req->protocol( 'HTTP/1.0' );  

    $ua = LWP::UserAgent->new;
    #$ua->ssl_opts( verify_hostname => 0 );
    #$ua->credentials( $host, $host, $user, $password );
    $ua->credentials( "$host:443", 'Limited Access Area - Admin', 
	$user, $password );

    $res = $ua->request($req);
    $verbose && print $res->headers_as_string, $res->decoded_content;
    if ($res->is_success) {
        $verbose && print $res->decoded_content;
        } 
    elsif ( $res->status_line =~ m/5\d\d Internal Server Error/i ) {
        push @crits, "got " . $res->status_line;
        }
    else {
        push @unknowns, "can't get '$url': " . $res->status_line;
        }

    $data = $res->decoded_content;

    if ( length $data < 2 ) { 
	push @unknowns, "no grouper status retrieved"; 
	return;
	}
    elsif ( $data =~ m/Unauthorized/i ) { 
	push @unknowns, "authentication failed"; 
	return;
	}

    $data =~ s/<\w+>/\n/g;
    $data =~ s/<\/\w+>/\n/g;
    $data =~ s/<\w+\s*\/>/\n/g;
    $data =~ s/[<>]/\n/g;

    $errors = 0;
    $error_date = '';
    $error_time = 0;
    foreach $_ ( split( m/\n/, $data ) ) {
	chomp;
	$verbose && print "<$_\n";
	
	if ( m%Grouper status (\S.*+)%i ) { 
	    $status = $1;
	    if ( $status eq 'SUCCESS' ) { 
		push @oks, "grouper status $status";
		}
	    else { 
		push @crits, "grouper status $status";
		}
	    }

	elsif ( m%Server: (\S+), grouperVersion: (\S+), up since: (\S.+), (\d+) requests%i ) { 
	    $server = $1;
	    $version = $2;
	    $upsince = $3;
	    $requests = $4;
	    push @oks, "server $server";
	    push @oks, "grouperVersion $version";
	    push @oks, "up since $upsince";
	    push @oks, "requests $requests";
	    }

	elsif ( m%^ (\S+) \s+ (\S+): \s* (\S.*) %ix ) { 
	    $status = $1;
	    $appname = $2;
	    $details = $3;
	    $verbose && print "$status, $appname, $details\n";

	    if ( $status ne 'SUCCESS' ) { 
		push @crits, "$status $appname: $details"; 
		}
	    }
	elsif ( m%Diagnostics errors since start: (\d+) \((.*) elapsed\)%i ) { 
	    $errors = $1;
	    $elapsed = $2;
	    $verbose && print "errors $errors, elapsed $elapsed\n";
	    }
	elsif ( m%Last diagnostics error date: (\S.*)%i ) {
	    $error_date = $1;
	    $error_time = str2time( $error_date );

	    $verbose && print "last error $error_date -> $error_time\n";

	    }
	elsif ( m%There was an error in%i ) { 
	    push @warns, $_;
	    }
	elsif ( m%Exception: Cant find a success since%i ) { 
	    push @warns, $_;
	    }
	elsif ( $verbose ) { 
	    print "can't parse '$_'\n";
	    }
	}

    if ( $errors == 0 ) { 
	push @oks, "diagnostic errors since start $errors"; 
	if ( $elapsed ) { 
	    push @oks, "$elapsed elapsed"; 
	    }
	}
    elsif ( $error_time > time() - $error_age ) { 
	push @warns, "diagnostic errors since start $errors, $elapsed elapsed"; 
	if ( $error_date ) { 
	    push @warns, "last error $error_date"; 
	    }
	}
    else { 
	push @oks, "diagnostic errors since start $errors, $elapsed elapsed"; 
	if ( $error_date ) { 
	    push @oks, "last error $error_date"; 
	    }
	}
    }