ubuntu – sjekke oppdateringer i zabbix

Dette kan enkelt overvåkes i zabbix

Opprett fil /etc/zabbix/zabbix_agentd.conf.d/apt.conf på klient:

# Find number of updates, ubuntu
UserParameter=apt.security,/usr/lib/update-notifier/apt-check 2>&1 | cut -f2 -d";"
UserParameter=apt.updates,/usr/lib/update-notifier/apt-check 2>&1 | cut -f1 -d";"
UserParameter=ubuntu.reboot-required,test -f /var/run/reboot-required && echo 1 || echo 0
UserParameter=ubuntu.reboot-required-age,test -f /var/run/reboot-required && echo $(( `date +%s` - `stat -c%Y /var/run/reboot-required`)) || echo 0

På zabbix-server

  1. lag en template, Ubuntu Template
  2. Lag item Ubuntu reboot required. Type: Zabbix agent, Key: ubuntu.reboot-required, Type of information: Numeric (unsigned), Units: boolean, Update interval: 5m…
  3. Lag item Ubuntu security updates, som over men Key: apt.security
  4. Lag item Ubuntu updates, som over men Key: apt.updates
  5. Lag item Ubuntu reboot required file age, Type: Zabbix agent, Key: ubuntu.reboot-required-age, Type of information: Numeric (unsigned), Units: seconds, Update interval: 5m…
  6. Lag trigger Available security updates on {HOST.NAME}, Expression: {Ubuntu Template:system.run[«/usr/lib/update-notifier/apt-check 2>&1 | cut -f2 -d’;'»].avg(6h)}>=1 and {Ubuntu Template:system.run[«/usr/lib/update-notifier/apt-check 2>&1 | cut -f2 -d’;'»].last()}>0
    eller
    {Ubuntu Template:apt.security.last()}>0
  7. Lag trigger Available updates on {HOST.NAME} high, Expression: {Ubuntu Template:apt.updates.last()}>35
  8. Lag trigger Reboot required, Expression: {Ubuntu Template:ubuntu.reboot-required-age.last()}>0
  9. Lag trigger Reboot required long time ago, Expression:  {Ubuntu Template:ubuntu.reboot-required-age.last()}>604800

Ubuntu – hvor «viktig» er reboot

Her er et skript som returnerer alvorlighetsgrad av ev. reboot

#! /bin/bash
#
# check if reboot is required, and if how important it is
#
# can be:
# - low
# - medium
# - high
# - emergency
# - critical
#

# reboot required?
# if yes, return packages updated
pkgs=$(test -f /var/run/reboot-required.pkgs && cat /var/run/reboot-required.pkgs)

if [ "$pkgs" != "" ]; then
   urgencies=$(for pkg in $pkgs; do apt-get changelog $pkg | grep -ioP '(?<=[Uu]rgency[=:])\w*' ; done | sort -u)

   urgency=""
   for t in $urgencies
   do
      if [[ $t == critical ]]; then
         urgency=$t
         break
      elif [[ $t == emergency ]]; then
         urgency=$t
      elif [[ $t == high ]] && \
           [[ $urgency != emergency ]]; then
         urgency=$t
      elif [[ $t == medium ]] && \
           [[ $urgency != emergency ]] && \
           [[ $urgency != high ]]; then
         urgency=$t
      elif [[ $t == low ]] && \
           [[ $urgency != emergency ]] && \
           [[ $urgency != high ]] && \
           [[ $urgency != medium ]]; then
         urgency=$t
      fi
   done
   echo $urgency
fi

Skriptet kan f.eks brukes i zabbix