check_openmanage man page

check_openmanage — Nagios plugin for checking the hardware status on Dell servers running OpenManage

Synopsis

check_openmanage [option...]

check_openmanage -H hostname [option...]

Description

check_openmanage is a plugin for Nagios which checks the hardware health of Dell servers running OpenManage Server Administrator (OMSA). The plugin checks the health of the storage subsystem, power supplies, memory modules, temperature probes etc., and gives an alert if any of the components are faulty or operate outside normal parameters.

check_openmanage is designed to be used by either locally (using NRPE or similar) or remotely (using SNMP). In either mode, the output is (nearly) the same. Note that checking the alert log is not supported in SNMP mode.

General Options

-f, --config file

Specify a configuration file. For reference on the config file syntax and options, consult the check_openmanage.conf(5) manual page.

-t, --timeout seconds

The number of seconds after which the plugin will abort. Default timeout is 30 seconds if the option is not present.

-p, --perfdata [argument]

Collect performance data. Performance data collected include temperatures (in Celsius) and fan speeds (in rpm). On systems that support it, power consumption is also collected (in Watts). This option takes one of two arguments, both of which are optional:

minimal
If minimal is specified as argument, the plugin will use shorter names for the performance data labels, e.g. “t0” instead of “temp_0_system_board_ambient”. This can be used as a workaround in cases where the plugin output needs shortening, for example if the 1024 character limit of NRPE is reached.

multiline
If multiline is specified as argument, the plugin will output the performance data on multiple lines, for Nagios 3.x and above.

The default behaviour should be sufficient for most users.

--legacy-perfdata

With version 3.7.0, performance data output changed. The new format is not compatible with the old format. Users who wish to postpone switching to the new performance data API may set this option.

-w, --warning string | file

Override the machine-default temperature warning thresholds. Syntax is:

id1=max[/min],id2=max[/min],...

The following example sets warning limits to max 50C for probe 0, and max 45C and min 10C for probe 1:

check_openmanage -w 0=50,1=45/10

The minimum limit can be omitted, if desired. Most often, you are only interested in setting the maximum thresholds.

This parameter can be either a string with the limits, or a file containing the limits string. The option can be specified multiple times.

NOTE: This option should only be used to narrow the field of OK temperatures wrt. the OMSA defaults. To expand the field of OK temperatures, increase the OMSA thresholds. See the plugin web page for more information.

-c, --critical string | file

Override the machine-default temperature critical thresholds. Syntax and behaviour is the same as for warning thresholds described above.

-F, --fahrenheit

Set Fahrenheit as unit for all temperatures. This option will override the --tempunit option, if used simultaneously.

--tempunit unit

Set temperature unit. Legal values are:

F: Fahrenheit

C: Celsius

K: Kelvin

R: Rankine

Default: C

--omreport path

Specify full path to omreport, if it is not installed in any of the regular places. Usually this option is only needed on Windows, if omreport is not installed on the C: drive.

--vdisk-critical

Make any alerts concerning virtual disks appear as critical.

-d, --debug

Debug output. Will report status on everything, even if status is ok. Blacklisted or unchecked components are ignored (i.e. no output).

NOTE: This option is intended for diagnostics and debugging purposes only. Do not use this option from within Nagios, i.e. in the Nagios config.

-h, --help

Display help message and exit.

-V, --version

Print version info and exit.

Output Options

-o, --ok-info level

This option lets you define how much output you want the plugin to give when everything is OK, i.e. the verbosity level. The default value is 0 (one line of output). The output levels are cumulative.

0: Only one line

1: BIOS and firmware info on a separate line

2: Storage controller and enclosure info on separate lines

3: OMSA version on separate line

Default: 0

The reason that OMSA version is separated from the rest is that finding it requires running a really slow omreport command, when the plugin is run locally via NRPE.

-B, --show-blacklist

If used together with blacklisting, this option will make the plugin output all blacklistings that are being used. The output will have the correct blacklisting syntax, and will make it easy to maintain control over which blacklistings that are used for each server, as any blacklistings can be viewed from Nagios.

When blacklisting is not used, this option has no effect.

-i, --info

Prefix any alerts with the service tag.

-e, --extinfo

Display a short summary of system information (model and service tag) in case of an alert.

-I, --htmlinfo [code]

Using this option will make the servicetag and model name into clickable HTML links in the output. The model name link will point to the official Dell documentation for that model, while the servicetag link will point to a website containing support info for that particular server.

This option takes an optional argument, which should be a country or area code or. If the country code is omitted the servicetag link will still work, but it will not be speficic for your country or area. Example for Germany:

check_openmanage --htmlinfo de

If this option is used together with either the --extinfo or --info options, it is particularly useful. Only the most common country codes is supported at this time:

Europe, Middle East and Africa (EMEA)
at: Austriabe: Belgiumcz: Czech Republic
de: Germanydk: Denmarkes: Spain
fi: Finlandfr: Francegr: Greece
it: Italyil: Israelme: Middle East
no: Norwaynl: The Netherlandspl: Poland
pt: Portugalru: Russiase: Sweden
uk: United Kingdomza: South Africa
America
br: Brazilca: Canadamx: Mexico
us: USA
Asia / Pacific
au: Australiacn: Chinain: India
jp: Japan

--postmsg string | file

User specified post message. Useful for displaying arbitrary or various system information at the end of alerts. The argument is either a string with the message, or a file containing that string. You can control the format with the following interpreted sequences:

%m: System model

%s: Service tag

%b: BIOS version

%d: BIOS release date

%o: Operating system name

%r: Operating system release

%p: Number of physical drives

%l: Number of logical drives

%n: Line break. Will be a regular line break if run from a TTY, else an HTML line break.

%%: A literal “%”

-s, --state

Prefix each alert with its corresponding service state (i.e. warning, critical etc.). This is useful in case of several alerts from the same monitored system.

-S, --short-state

Same as the --state option above, except that the state is abbreviated to a single letter (W=warning, C=critical etc.).

--hide-servicetag

This option will replace the servicetag (serial number) in the output with “XXXXXXX”. Use this option to suppress or censor the servicetag in the plugin output.

--linebreak string

check_openmanage will sometimes report more than one line, e.g. if there are several alerts. If the script has a TTY, it will use regular linebreaks. If not (which is the case with NRPE) it will use HTML linebreaks. Sometimes it can be useful to control what the plugin uses as a line separator, and this option provides that control.

The argument is the exact string to be used as the line separator. There are two exceptions, i.e. two keywords that translates to the following:

REG: Regular linebreaks, i.e. “\n”.

HTML: HTML linebreaks, i.e. “<br/>”.

This is a rather special option that is normally not needed. The default behaviour should be sufficient for most users.

SNMP Options

-H, --hostname hostname

The transport address of the destination SNMP device. Using this option triggers SNMP mode.

-P, --protocol protocol-number

SNMP protocol version. This option is optional and expects either of the following:

1: SNMP version 1

2, 2c: SNMP version 2c

3: SNMP version 3

Default: 2c

--port port-number

SNMP port of the remote (monitored) system. Defaults to the well-known SNMP port 161.

-6, --ipv6

This option will cause the plugin to use IPv6. The default is IPv4 if the option is not present.

--tcp

This option will cause the plugin to use TCP as transport protocol. The default is UDP if the option is not present.

--snmp-timeout seconds

This option sets the timeout for the SNMP object of the Net::SNMP perl module. Legal values are between 1 and 60 seconds, and the default is 5 seconds if the option is not present. Note that there is one retry (with the same timeout) before the SNMP object times out completely. For an unresponsive SNMP server, you'll see that the plugin times out with an SNMP error after 10 seconds if the 5 second default is used.

This option is usually not needed. The default timeout of 5 seconds is more than sufficient in most cases.

-U, --username securityname

[SNMPv3] The User-based Security Model (USM) used by SNMPv3 requires that a securityName be specified. This option is required when using SNMP version 3, and expects a string 1 to 32 octets in lenght.

--authpassword password, --authkey key

[SNMPv3] By default a securityLevel of noAuthNoPriv is assumed. If the --authpassword option is specified, the securityLevel becomes authNoPriv. The --authpassword option expects a string which is at least 1 octet in length as argument.

Optionally, instead of the --authpassword option, the --authkey option can be used so that a plain text password does not have to be specified in a script. The --authkey option expects a hexadecimal string produced by localizing the password with the authoritativeEngineID for the specific destination device. The snmpkey utility included with the Net::SNMP distribution can be used to create the hexadecimal string. See snmpkey(1) for more information.

--authprotocol algorithm

[SNMPv3] Two different hash algorithms are defined by SNMPv3 which can be used by the Security Model for authentication. These algorithms are HMAC-MD5-96 “MD5” (RFC 1321) and HMAC-SHA-96 “SHA-1” (NIST FIPS PUB 180-1). The default algorithm used by the plugin is HMAC-MD5-96. This behavior can be changed by using this option. The option expects either the string md5 or sha to be passed as argument to modify the hash algorithm.

--privpassword password, --privkey key

[SNMPv3] By specifying the options --privkey or --privpassword, the securityLevel associated with the object becomes authPriv. According to SNMPv3, privacy requires the use of authentication. Therefore, if either of these two options are present and the --authkey or --authpassword arguments are missing, the creation of the object fails. The --privkey and --privpassword options expect the same input as the --authkey and --authpassword options respectively.

--privprotocol algorithm

[SNMPv3] The User-based Security Model described in RFC 3414 defines a single encryption protocol to be used for privacy. This protocol, CBC-DES “DES” (NIST FIPS PUB 46-1), is used by default or if the string des is passed to the --privprotocol option. The Net::SNMP module also supports RFC 3826 which describes the use of CFB128-AES-128 “AES” (NIST FIPS PUB 197) in the USM. The AES encryption protocol can be selected by passing aes or aes128 to the --privprotocol option.

One of the following arguments are required: des, aes, aes128, 3des, 3desde

--use-get_table

This option exists as a workaround when using check_openmanage with SNMPv3 on Windows with net-snmp. Using this option will make check_openmanage use the Net::SNMP function get_table() instead of get_entries() while fetching values via SNMP. The latter is faster and is the default.

Blacklisting

-b, --blacklist string | file

Blacklist missing and/or failed components, if you do not plan to fix them. The parameter is either the blacklist string, or a file (that may or may not exist) containing the string. The blacklist string contains component names with component IDs separated by slash “/”. Blacklisted components are left unchecked.

TIP: Use the option -d or --debug to get the blacklist ID for devices. The ID is listed in a separate column in the debug output.

NOTE: If blacklisting is in effect, the global health of the system is not checked.

Syntax:

component1=id1[,id2,...]/component2=id1[,id2,...]/...

The ID part can also be “all”, in which all components of that type is blacklisted.

Example:

check_openmanage -b ps=0/fan=3,5/pdisk=1:0:0:1/ctrl_driver=all

In the example we blacklist powersupply 0, fans 3 and 5, physical disk 1:0:0:1, and warnings about out-of-date drivers for all controllers. Legal component names include:

ctrl
Storage controller. Note that if a controller is blacklisted, all components on that controller (such as physical and logical drives) are blacklisted as well.

ctrl_fw
Suppress the special warning message about old controller firmware. Use this if you can not or will not upgrade the firmware.

ctrl_driver
Suppress the special warning message about old controller driver. Particularly useful on systems where you can not upgrade the driver.

ctrl_stdr
Suppress the special warning message about old Storport driver on Windows.

ctrl_pdisk
This blacklisting keyword exists as a possible workaround for physical drives with bad firmware which makes Openmanage choke. It takes the controller number as argument. Use this option to blacklist all physical drives on a specific controller. This blacklisting keyword is only available in local mode, i.e. not with SNMP.

pdisk
Physical disk.

pdisk_cert
Suppress warning message about non-certified physical disk.

pdisk_foreign
Suppress warning message about foreign physical disk.

vdisk
Logical drive (virtual disk).

bat
Controller cache battery.

bat_charge
Ignore warnings related to the controller cache battery charging cycle, which happens approximately every 40-90 days on Dell servers. Note that using this blacklist keyword makes check_openmanage ignore non-critical cache battery errors.

conn
Connector (channel).

encl
Storage enclosure.

encl_fan
Enclosure fan.

encl_ps
Enclosure power supply.

encl_temp
Enclosure temperature probe.

encl_emm
Enclosure management module (EMM).

dimm
Memory module.

fan
Chassis fan.

ps
Power supply.

temp
Temperature sensor.

cpu
Processor (CPU).

volt
Voltage probe.

bp
System battery.

amp
Amperage probe (power consumption monitoring).

intr
Intrusion detection sensor.

sd
SD card

Check Control

--no-storage

Turn off storage checking. This is an alias for “--check storage=0”.

--only keyword

Makes check_openmanage check and/or report on a single class of components or warning level. This option can be specifed once and expects an argument. The different arguments and the corresponding behaviour are described below.

critical
Print only critical alerts. With this option any warning alerts are suppressed.

warning
Print only warning alerts. With this option any critical alerts are suppressed.

chassis
Check all chassis components and nothing else.

storage
Only check storage

memory
Only check memory modules

fans
Only check fans

power
Only check power supplies

temp
Only check temperatures

cpu
Only check processors

voltage
Only check voltage probes

batteries
Only check batteries

amperage
Only check power usage

intrusion
Only check chassis intrusion

sdcard
Only check SD cards

esmhealth
Only check ESM log overall health, i.e. fill grade

servicetag
Only check for sane service tag

esmlog
Only check the event log (ESM) content

alertlog
Only check the alert log content

--check string | file

This parameter allows you to adjust which components that should be checked at all. This is a rougher approach than blacklisting, which require that you specify component id or index. The parameter should be either a string containing the adjustments, or a file containing the string. No errors are raised if the file does not exist.

Example:

check_openmanage --check storage=0,intrusion=1

Legal values are described below, along with the default value.

storage
Check storage subsystem (controllers, disks etc.). Default: ON

memory
Check memory (dimms). Default: ON

fans
Check chassis fans. Default: ON

power
Check power supplies. Default: ON

temp
Check temperature sensors. Default: ON

cpu
Check CPUs. Default: ON

voltage
Check voltage sensors. Default: ON

batteries
Check system batteries. Default: ON

amperage
Check amperage probes. Default: ON

intrusion
Check chassis intrusion. Default: ON

sdcard
Check SD cards. Default: ON

esmhealth
Check the ESM log health, i.e. fill grade. Default: ON

servicetag
Check that the service tag (serial number) is sane and not empty. Default: ON

esmlog
Check the ESM log content. Default: OFF

alertlog
Check the alert log content. Default: OFF

Diagnostics

The option -d or --debug can be specified to display all monitored components.

Exit Status

If no errors are discovered, a value of 0 (OK) is returned. An exit value of 1 (WARNING) signifies one or more non-critical errors, while 2 (CRITICAL) signifies one or more critical errors.

The exit value 3 (UNKNOWN) is reserved for errors within the script, or errors getting values from Dell OMSA.

Bugs and Limitations

Storage info is not collected or checked on very old PowerEdge models and/or old OMSA versions, due to limitations in OMSA. The overall support on those models/versions by this plugin is not well tested.

See Also

check_openmanage.conf(5), Net::SNMP(3), http://folk.uio.no/trondham/software/ch…

Authors

Trond Hasle Amundsen <t.h.amundsen@usit.uio.no>

Referenced By

check_openmanage.conf(5).

02/04/2016 check_openmanage Nagios plugin