280 lines
11 KiB
PHP
Executable File
280 lines
11 KiB
PHP
Executable File
#!/usr/bin/env php
|
|
<?php
|
|
/**
|
|
* Observium
|
|
*
|
|
* This file is part of Observium.
|
|
*
|
|
* @package observium
|
|
* @subpackage cli
|
|
* @copyright (C) 2006-2013 Adam Armstrong, (C) 2013-2023 Observium Limited
|
|
*
|
|
*/
|
|
|
|
/// FIXME. This is mostly DERP arguments parsing, new cmd will be soon
|
|
|
|
chdir(dirname($argv[0]));
|
|
|
|
$options = getopt("dhpt");
|
|
if (isset($options['d'])) {
|
|
array_shift($argv);
|
|
}
|
|
|
|
include("includes/observium.inc.php");
|
|
include("includes/discovery/functions.inc.php");
|
|
|
|
print_message("%g" . OBSERVIUM_PRODUCT . " " . OBSERVIUM_VERSION . "\n%WAdd Device(s)%n\n", 'color');
|
|
|
|
if (OBS_DEBUG) {
|
|
print_versions();
|
|
}
|
|
|
|
if (isset($options['h'])) {
|
|
print_help(OBS_SCRIPT_NAME);
|
|
exit;
|
|
}
|
|
|
|
$snmp_options = [];
|
|
// Just test, do not add device
|
|
if (isset($options['t'])) {
|
|
$snmp_options['test'] = TRUE;
|
|
array_shift($argv);
|
|
}
|
|
// Add skip pingable checks if argument -p passed
|
|
if (isset($options['p'])) {
|
|
$snmp_options['ping_skip'] = 1;
|
|
array_shift($argv);
|
|
}
|
|
|
|
$added = 0;
|
|
|
|
if (!empty($argv[1])) {
|
|
$add_array = [];
|
|
if (is_file($argv[1])) {
|
|
// Parse file into array with devices to add
|
|
foreach (new SplFileObject($argv[1]) as $line) {
|
|
$d = preg_split('/\s/', $line, -1, PREG_SPLIT_NO_EMPTY);
|
|
if (empty($d) || strpos(reset($d), '#') === 0) {
|
|
continue;
|
|
}
|
|
$add_array[] = $d;
|
|
}
|
|
} else {
|
|
$add_array[0] = $argv;
|
|
array_shift($add_array[0]);
|
|
}
|
|
|
|
// Save base SNMP v3 credentials and v2c/v1 community
|
|
$snmp_config_v3 = $config['snmp']['v3'];
|
|
$snmp_config_community = $config['snmp']['community'];
|
|
|
|
foreach ($add_array as $add) {
|
|
$hostname = strtolower($add[0]);
|
|
$snmp_community = $add[1];
|
|
$snmp_version = strtolower($add[2]);
|
|
|
|
$snmp_port = 161;
|
|
if (str_contains($hostname, ':') && get_ip_version($hostname) !== 6) {
|
|
// Allow pass common hostname:port
|
|
[$host_tmp, $port_tmp] = explode(':', $hostname, 2);
|
|
if (is_valid_param($port_tmp, 'port')) {
|
|
$hostname = $host_tmp;
|
|
$snmp_port = $port_tmp;
|
|
}
|
|
unset($host_tmp, $port_tmp);
|
|
}
|
|
$snmp_transport = 'udp';
|
|
|
|
if ($snmp_version === "v3") {
|
|
$config['snmp']['v3'] = $snmp_config_v3; // Restore base SNMP v3 credentials
|
|
$snmp_v3_seclevel = $snmp_community;
|
|
|
|
// These values are the same as in defaults.inc.php
|
|
$snmp_v3_auth = [
|
|
'authlevel' => "noAuthNoPriv",
|
|
'authname' => "observium",
|
|
'authpass' => "",
|
|
'authalgo' => "MD5",
|
|
'cryptopass' => "",
|
|
'cryptoalgo' => "AES"
|
|
];
|
|
|
|
$add_context = FALSE; // Derp, last arg after transport is context
|
|
if ($snmp_v3_seclevel === "nanp" || $snmp_v3_seclevel === "any" || $snmp_v3_seclevel === "noAuthNoPriv") {
|
|
$snmp_v3_auth['authlevel'] = "noAuthNoPriv";
|
|
$snmp_v3_args = array_slice($add, 3);
|
|
|
|
while ($arg = array_shift($snmp_v3_args)) {
|
|
// parse all remaining args
|
|
if (is_valid_param($arg, 'port')) {
|
|
$snmp_port = $arg;
|
|
} elseif (preg_match('/^(' . implode("|", $config['snmp']['transports']) . ')$/', $arg)) {
|
|
$snmp_transport = $arg;
|
|
$add_context = TRUE; // Derp, last arg after transport is context
|
|
} elseif ($add_context && strlen($arg)) {
|
|
$snmp_context = $arg;
|
|
break;
|
|
} else {
|
|
// FIXME: should add a sanity check of chars allowed in user
|
|
$user = $arg;
|
|
}
|
|
}
|
|
|
|
if ($snmp_v3_seclevel !== "any") {
|
|
$config['snmp']['v3'] = [$snmp_v3_auth];
|
|
}
|
|
} elseif ($snmp_v3_seclevel === "anp" || $snmp_v3_seclevel === "authNoPriv") {
|
|
|
|
$snmp_v3_auth['authlevel'] = "authNoPriv";
|
|
$snmp_v3_args = array_slice($argv, 4);
|
|
$snmp_v3_auth['authname'] = array_shift($snmp_v3_args);
|
|
$snmp_v3_auth['authpass'] = array_shift($snmp_v3_args);
|
|
|
|
while ($arg = array_shift($snmp_v3_args)) {
|
|
// parse all remaining args
|
|
if (is_valid_param($arg, 'port')) {
|
|
$snmp_port = $arg;
|
|
} elseif (preg_match('/^(' . implode("|", $config['snmp']['transports']) . ')$/i', $arg)) {
|
|
$snmp_transport = $arg;
|
|
$add_context = TRUE; // Derp, last arg after transport is context
|
|
} elseif (is_valid_param($arg, 'snmp_authalgo')) {
|
|
$snmp_v3_auth['authalgo'] = $arg;
|
|
} elseif ($add_context && strlen($arg)) {
|
|
$snmp_context = $arg;
|
|
break;
|
|
}
|
|
}
|
|
|
|
$config['snmp']['v3'] = [$snmp_v3_auth];
|
|
} elseif ($snmp_v3_seclevel === "ap" || $snmp_v3_seclevel === "authPriv") {
|
|
$snmp_v3_auth['authlevel'] = "authPriv";
|
|
$snmp_v3_args = array_slice($argv, 4);
|
|
$snmp_v3_auth['authname'] = array_shift($snmp_v3_args);
|
|
$snmp_v3_auth['authpass'] = array_shift($snmp_v3_args);
|
|
$snmp_v3_auth['cryptopass'] = array_shift($snmp_v3_args);
|
|
|
|
while ($arg = array_shift($snmp_v3_args)) {
|
|
// parse all remaining args
|
|
if (is_valid_param($arg, 'port')) {
|
|
$snmp_port = $arg;
|
|
} elseif (preg_match('/^(' . implode("|", $config['snmp']['transports']) . ')$/i', $arg)) {
|
|
$snmp_transport = $arg;
|
|
$add_context = TRUE; // Derp, last arg after transport is context
|
|
} elseif (is_valid_param($arg, 'snmp_authalgo')) {
|
|
$snmp_v3_auth['authalgo'] = $arg;
|
|
} elseif (is_valid_param($arg, 'snmp_cryptoalgo')) {
|
|
$snmp_v3_auth['cryptoalgo'] = $arg;
|
|
} elseif ($add_context && strlen($arg)) {
|
|
$snmp_context = $arg;
|
|
break;
|
|
}
|
|
}
|
|
|
|
$config['snmp']['v3'] = [$snmp_v3_auth];
|
|
}
|
|
//print_debug_vars($snmp_v3_auth);
|
|
//print_debug_vars($config['snmp']['v3']);
|
|
} else {
|
|
// v1 or v2c
|
|
$snmp_v2_args = array_slice($argv, 2);
|
|
|
|
$add_context = FALSE; // Derp, last arg after transport is context
|
|
while ($arg = array_shift($snmp_v2_args)) {
|
|
// parse all remaining args
|
|
if (is_valid_param($arg, 'port')) {
|
|
$snmp_port = $arg;
|
|
} elseif (preg_match('/(' . implode("|", $config['snmp']['transports']) . ')/i', $arg)) {
|
|
$snmp_transport = $arg;
|
|
$add_context = TRUE; // Derp, last arg after transport is context
|
|
} elseif (preg_match('/^(v1|v2c)$/i', $arg)) {
|
|
$snmp_version = $arg;
|
|
} elseif ($add_context && strlen($arg)) {
|
|
$snmp_context = $arg;
|
|
break;
|
|
}
|
|
}
|
|
|
|
$config['snmp']['community'] = ($snmp_community ? [$snmp_community] : $snmp_config_community);
|
|
}
|
|
|
|
// Add snmp context to params
|
|
if (isset($snmp_context)) {
|
|
$snmp_options['snmp_context'] = $snmp_context;
|
|
unset($snmp_context);
|
|
}
|
|
|
|
print_message("Try to add $hostname:");
|
|
if (in_array($snmp_version, ['v1', 'v2c', 'v3'])) {
|
|
// If snmp version passed in arguments, then use the exact version
|
|
$device_id = add_device($hostname, $snmp_version, $snmp_port, $snmp_transport, $snmp_options);
|
|
} else {
|
|
// If snmp version unknown check all possible snmp versions and auth options
|
|
$device_id = add_device($hostname, NULL, $snmp_port, $snmp_transport, $snmp_options);
|
|
}
|
|
|
|
if ($device_id) {
|
|
if (!isset($options['t'])) {
|
|
$device = device_by_id_cache($device_id);
|
|
print_success("Added device " . $device['hostname'] . " (" . $device_id . ").");
|
|
} // Else this is device testing, success message already written by add_device()
|
|
$added++;
|
|
}
|
|
}
|
|
}
|
|
|
|
$count = safe_count($add_array);
|
|
$failed = $count - $added;
|
|
if ($added) {
|
|
print_message("\nDevices success: $added.");
|
|
if ($failed) {
|
|
print_message("Devices failed: $failed.");
|
|
}
|
|
} else {
|
|
if ($count) {
|
|
print_message("Devices failed: $failed.");
|
|
}
|
|
print_help(OBS_SCRIPT_NAME);
|
|
}
|
|
|
|
function print_help($scriptname)
|
|
{
|
|
global $config;
|
|
|
|
$snmp_version = get_versions('snmp');
|
|
if (version_compare($snmp_version, '5.8', '<')) {
|
|
$snmpv3_auth = '[md5|sha]';
|
|
$snmpv3_crypto = '[des|aes]';
|
|
} else {
|
|
$snmpv3_auth = '[md5|sha|sha-224|sha-256|sha-384|sha-512]';
|
|
$snmpv3_crypto = '[des|aes|aes-192|aes-192-c|aes-256|aes-256-c]';
|
|
}
|
|
$snmp_transports = '[' . implode("|", $config['snmp']['transports']) . ']';
|
|
print_message("%n
|
|
USAGE:
|
|
$scriptname <hostname> [community] [v1|v2c] [port] $snmp_transports
|
|
$scriptname <hostname> [any|nanp|anp|ap] [v3] [user] [password] [enckey] $snmpv3_auth $snmpv3_crypto [port] $snmp_transports
|
|
$scriptname <filename>
|
|
|
|
EXAMPLE:
|
|
%WSNMPv1/2c%n: $scriptname <%Whostname%n> [community] [v1|v2c] [port] $snmp_transports [context]
|
|
%WSNMPv3%n : Defaults : $scriptname <%Whostname%n> any v3 [user] [port] $snmp_transports [context]
|
|
No Auth, No Priv : $scriptname <%Whostname%n> nanp v3 [user] [port] $snmp_transports [context]
|
|
Auth, No Priv : $scriptname <%Whostname%n> anp v3 <user> <password> $snmpv3_auth [port] $snmp_transports [context]
|
|
Auth, Priv : $scriptname <%Whostname%n> ap v3 <user> <password> <enckey> $snmpv3_auth $snmpv3_crypto [port] $snmp_transports [context]
|
|
%WFILE%n : $scriptname <%Wfilename%n>
|
|
|
|
ADD FROM FILE:
|
|
To add multiple devices, create a file in which each line contains one device with or without options.
|
|
Format for device options, the same as specified in USAGE.
|
|
|
|
OPTIONS:
|
|
-p Skip icmp echo checks, device added only by SNMP checks
|
|
|
|
DEBUGGING OPTIONS:
|
|
-d Enable debugging output.
|
|
-dd More verbose debugging output.
|
|
-t Do not add device(s), only test auth options.", 'color', FALSE);
|
|
}
|
|
|
|
// EOF
|