New plugin Azure Vmware Solution #6107
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,163 @@ | ||
| # | ||
| # Copyright 2024 Centreon (http://www.centreon.com/) | ||
| # | ||
| # Centreon is a full-fledged industry-strength solution that meets | ||
| # the needs in IT infrastructure and application monitoring for | ||
| # service performance. | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| # | ||
|
|
||
| package cloud::azure::compute::avs::mode::cpu; | ||
|
|
||
| use base qw(cloud::azure::custom::mode); | ||
|
|
||
| use strict; | ||
| use warnings; | ||
|
|
||
| sub get_metrics_mapping { | ||
| my ($self, %options) = @_; | ||
|
|
||
| my $metrics_mapping = { | ||
| 'CpuUsageAverage' => { | ||
| 'output' => 'CPU usage', | ||
| 'label' => 'cpu-usage', | ||
| 'nlabel' => 'avs.cluster.cpu.usage.percentage', | ||
| 'unit' => '%', | ||
| 'min' => '0', | ||
| 'max' => '100' | ||
| }, | ||
| 'EffectiveCpuAverage' => { | ||
| 'output' => 'Effective CPU', | ||
| 'label' => 'cpu-effective', | ||
| 'nlabel' => 'avs.cluster.cpu.effective.percentage', | ||
| 'unit' => '%', | ||
| 'min' => '0', | ||
| 'max' => '100' | ||
| } | ||
| }; | ||
|
|
||
| return $metrics_mapping; | ||
| } | ||
|
|
||
| sub new { | ||
| my ($class, %options) = @_; | ||
| my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); | ||
| bless $self, $class; | ||
|
|
||
| $options{options}->add_options(arguments => { | ||
| 'api-version:s' => { name => 'api_version', default => '2018-01-01' }, | ||
| 'filter-metric:s' => { name => 'filter_metric' }, | ||
| 'resource:s' => { name => 'resource' }, | ||
| 'resource-group:s' => { name => 'resource_group' } | ||
| }); | ||
|
|
||
| return $self; | ||
| } | ||
|
|
||
| sub check_options { | ||
| my ($self, %options) = @_; | ||
| $self->SUPER::check_options(%options); | ||
|
|
||
| if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { | ||
| $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource <name> with --resource-group option or --resource <id>.'); | ||
| $self->{output}->option_exit(); | ||
| } | ||
|
|
||
| $self->{api_version} = (defined($self->{option_results}->{api_version}) && $self->{option_results}->{api_version} ne '') ? $self->{option_results}->{api_version} : '2018-01-01'; | ||
|
|
||
| my $resource = $self->{option_results}->{resource}; | ||
| my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; | ||
|
|
||
| if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.AVS\/privateClouds\/(.*)$/) { | ||
| $resource_group = $1; | ||
| $resource = $2; | ||
| } | ||
|
|
||
| $self->{az_resource} = $resource; | ||
| $self->{az_resource_group} = $resource_group; | ||
| $self->{az_resource_type} = 'privateClouds'; | ||
| $self->{az_resource_namespace} = 'Microsoft.AVS'; | ||
| $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 900; | ||
| $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT5M'; | ||
| $self->{az_aggregations} = ['Average']; | ||
|
|
||
| if (defined($self->{option_results}->{aggregation})) { | ||
| $self->{az_aggregations} = []; | ||
| foreach my $stat (@{$self->{option_results}->{aggregation}}) { | ||
| push @{$self->{az_aggregations}}, ucfirst(lc($stat)) if $stat ne ''; | ||
| } | ||
| } | ||
|
|
||
| foreach my $metric (keys %{$self->{metrics_mapping}}) { | ||
| next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' | ||
| && $metric !~ /$self->{option_results}->{filter_metric}/); | ||
| push @{$self->{az_metrics}}, $metric; | ||
| } | ||
| } | ||
|
|
||
| 1; | ||
|
|
||
| __END__ | ||
|
|
||
| =head1 MODE | ||
|
|
||
| Check Azure VMware Solution (AVS) private cloud cluster CPU metrics. | ||
|
|
||
| Metric names in the Azure Monitor API: | ||
| - C<CpuUsageAverage>: percentage of used CPU resources in the cluster (new) | ||
| - C<EffectiveCpuAverage>: percentage of effective CPU resources in the cluster (legacy) | ||
|
|
||
| Dimension: C<clustername> | ||
|
|
||
| Example: | ||
|
|
||
| perl centreon_plugins.pl --plugin=cloud::azure::compute::avs::plugin \ | ||
| --custommode=api --mode=cpu \ | ||
| --subscription=XXXX --tenant=XXXX --client-id=XXXX --client-secret=XXXX \ | ||
| --resource=my-private-cloud --resource-group=my-rg \ | ||
| --warning-cpu-usage=80 --critical-cpu-usage=90 --verbose | ||
|
|
||
| =over 8 | ||
|
|
||
| =item B<--resource> | ||
|
|
||
| Set resource name or ID (required). | ||
|
|
||
| =item B<--resource-group> | ||
|
|
||
| Set resource group (required if resource name is used). | ||
|
|
||
| =item B<--filter-metric> | ||
|
|
||
| Filter metrics (can be: C<CpuUsageAverage>, C<EffectiveCpuAverage>) (can be a regexp). | ||
|
|
||
| =item B<--warning-cpu-usage> | ||
|
|
||
| Warning threshold for cluster CPU usage percentage. | ||
|
|
||
| =item B<--critical-cpu-usage> | ||
|
|
||
| Critical threshold for cluster CPU usage percentage. | ||
|
|
||
| =item B<--warning-cpu-effective> | ||
|
|
||
| Warning threshold for effective CPU percentage. | ||
|
|
||
| =item B<--critical-cpu-effective> | ||
|
|
||
| Critical threshold for effective CPU percentage. | ||
|
|
||
| =back | ||
|
|
||
| =cut | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,185 @@ | ||
| # | ||
| # Copyright 2024 Centreon (http://www.centreon.com/) | ||
| # | ||
| # Centreon is a full-fledged industry-strength solution that meets | ||
| # the needs in IT infrastructure and application monitoring for | ||
| # service performance. | ||
| # | ||
| # Licensed under the Apache License, Version 2.0 (the "License"); | ||
| # you may not use this file except in compliance with the License. | ||
| # You may obtain a copy of the License at | ||
| # | ||
| # http://www.apache.org/licenses/LICENSE-2.0 | ||
| # | ||
| # Unless required by applicable law or agreed to in writing, software | ||
| # distributed under the License is distributed on an "AS IS" BASIS, | ||
| # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| # See the License for the specific language governing permissions and | ||
| # limitations under the License. | ||
| # | ||
|
|
||
| package cloud::azure::compute::avs::mode::datastore; | ||
|
|
||
| use base qw(cloud::azure::custom::mode); | ||
|
|
||
| use strict; | ||
| use warnings; | ||
|
|
||
| sub get_metrics_mapping { | ||
| my ($self, %options) = @_; | ||
|
|
||
| my $metrics_mapping = { | ||
| 'DiskUsedPercentage' => { | ||
| 'output' => 'Disk used', | ||
| 'label' => 'datastore-disk-used-percentage', | ||
| 'nlabel' => 'avs.datastore.disk.used.percentage', | ||
| 'unit' => '%', | ||
| 'min' => '0', | ||
| 'max' => '100' | ||
| }, | ||
| 'DiskUsedLatest' => { | ||
| 'output' => 'Disk used', | ||
| 'label' => 'datastore-disk-used', | ||
| 'nlabel' => 'avs.datastore.disk.used.bytes', | ||
| 'unit' => 'B', | ||
| 'min' => '0', | ||
| 'max' => '' | ||
| }, | ||
| 'DiskCapacityLatest' => { | ||
| 'output' => 'Disk total capacity', | ||
| 'label' => 'datastore-disk-capacity', | ||
| 'nlabel' => 'avs.datastore.disk.capacity.bytes', | ||
| 'unit' => 'B', | ||
| 'min' => '0', | ||
| 'max' => '' | ||
| } | ||
| }; | ||
|
|
||
| return $metrics_mapping; | ||
| } | ||
|
|
||
| sub new { | ||
| my ($class, %options) = @_; | ||
| my $self = $class->SUPER::new(package => __PACKAGE__, %options, force_new_perfdata => 1); | ||
| bless $self, $class; | ||
|
|
||
| $options{options}->add_options(arguments => { | ||
| 'api-version:s' => { name => 'api_version', default => '2018-01-01' }, | ||
| 'filter-metric:s' => { name => 'filter_metric' }, | ||
| 'resource:s' => { name => 'resource' }, | ||
| 'resource-group:s' => { name => 'resource_group' } | ||
| }); | ||
|
|
||
| return $self; | ||
| } | ||
|
|
||
| sub check_options { | ||
| my ($self, %options) = @_; | ||
| $self->SUPER::check_options(%options); | ||
|
|
||
| if (!defined($self->{option_results}->{resource}) || $self->{option_results}->{resource} eq '') { | ||
| $self->{output}->add_option_msg(short_msg => 'Need to specify either --resource <name> with --resource-group option or --resource <id>.'); | ||
| $self->{output}->option_exit(); | ||
| } | ||
|
|
||
| $self->{api_version} = (defined($self->{option_results}->{api_version}) && $self->{option_results}->{api_version} ne '') ? $self->{option_results}->{api_version} : '2018-01-01'; | ||
|
|
||
| my $resource = $self->{option_results}->{resource}; | ||
| my $resource_group = defined($self->{option_results}->{resource_group}) ? $self->{option_results}->{resource_group} : ''; | ||
|
|
||
| if ($resource =~ /^\/subscriptions\/.*\/resourceGroups\/(.*)\/providers\/Microsoft\.AVS\/privateClouds\/(.*)$/) { | ||
| $resource_group = $1; | ||
| $resource = $2; | ||
| } | ||
|
|
||
| $self->{az_resource} = $resource; | ||
| $self->{az_resource_group} = $resource_group; | ||
| $self->{az_resource_type} = 'privateClouds'; | ||
| $self->{az_resource_namespace} = 'Microsoft.AVS'; | ||
| $self->{az_timeframe} = defined($self->{option_results}->{timeframe}) ? $self->{option_results}->{timeframe} : 1800; | ||
| $self->{az_interval} = defined($self->{option_results}->{interval}) ? $self->{option_results}->{interval} : 'PT30M'; | ||
| $self->{az_aggregations} = ['Average']; | ||
|
|
||
| if (defined($self->{option_results}->{aggregation})) { | ||
| $self->{az_aggregations} = []; | ||
| foreach my $stat (@{$self->{option_results}->{aggregation}}) { | ||
| push @{$self->{az_aggregations}}, ucfirst(lc($stat)) if $stat ne ''; | ||
| } | ||
| } | ||
|
|
||
| foreach my $metric (keys %{$self->{metrics_mapping}}) { | ||
| next if (defined($self->{option_results}->{filter_metric}) && $self->{option_results}->{filter_metric} ne '' | ||
|
There was a problem hiding this comment. Using --filter-metric directly in /$self->{option_results}->{filter_metric}/ allows untrusted input to alter regex behavior. Escape the pattern (e.g., quotemeta) before interpolation or use safer matching. Details✨ AI Reasoning 🔧 How do I fix it? Reply |
||
| && $metric !~ /$self->{option_results}->{filter_metric}/); | ||
| push @{$self->{az_metrics}}, $metric; | ||
| } | ||
| } | ||
|
|
||
| 1; | ||
|
|
||
| __END__ | ||
|
|
||
| =head1 MODE | ||
|
|
||
| Check Azure VMware Solution (AVS) private cloud datastore disk metrics. | ||
|
|
||
| Metric names in the Azure Monitor API: | ||
| - C<DiskUsedPercentage>: percent of available disk used in the datastore (new) | ||
| - C<DiskUsedLatest>: total disk used in the datastore (new) | ||
| - C<DiskCapacityLatest>: total disk capacity in the datastore (new) | ||
|
|
||
| Dimension: C<dsname> | ||
|
|
||
| Note: datastore metrics have a minimum granularity of PT30M. Default timeframe | ||
| is set to 1800 seconds (30 minutes) and interval to PT30M accordingly. | ||
|
|
||
| Example: | ||
|
|
||
| perl centreon_plugins.pl --plugin=cloud::azure::compute::avs::plugin \ | ||
| --custommode=api --mode=datastore \ | ||
| --subscription=XXXX --tenant=XXXX --client-id=XXXX --client-secret=XXXX \ | ||
| --resource=my-private-cloud --resource-group=my-rg \ | ||
| --warning-datastore-disk-used-percentage=70 \ | ||
| --critical-datastore-disk-used-percentage=85 --verbose | ||
|
|
||
| =over 8 | ||
|
|
||
| =item B<--resource> | ||
|
|
||
| Set resource name or ID (required). | ||
|
|
||
| =item B<--resource-group> | ||
|
|
||
| Set resource group (required if resource name is used). | ||
|
|
||
| =item B<--filter-metric> | ||
|
|
||
| Filter metrics (can be: C<DiskUsedPercentage>, C<DiskUsedLatest>, | ||
| C<DiskCapacityLatest>) (can be a regexp). | ||
|
|
||
| =item B<--warning-datastore-disk-used-percentage> | ||
|
|
||
| Warning threshold for datastore disk usage percentage. | ||
|
|
||
| =item B<--critical-datastore-disk-used-percentage> | ||
|
|
||
| Critical threshold for datastore disk usage percentage. | ||
|
|
||
| =item B<--warning-datastore-disk-used> | ||
|
|
||
| Warning threshold for disk used (bytes). | ||
|
|
||
| =item B<--critical-datastore-disk-used> | ||
|
|
||
| Critical threshold for disk used (bytes). | ||
|
|
||
| =item B<--warning-datastore-disk-capacity> | ||
|
|
||
| Warning threshold for total disk capacity (bytes). | ||
|
|
||
| =item B<--critical-datastore-disk-capacity> | ||
|
|
||
| Critical threshold for total disk capacity (bytes). | ||
|
|
||
| =back | ||
|
|
||
| =cut | ||
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Using --filter-metric directly in /$self->{option_results}->{filter_metric}/ allows untrusted input to alter regex behavior. Escape the pattern (e.g., quotemeta) before interpolation or use safer matching.
Details
✨ AI Reasoning
The code constructs a regular expression dynamically from user-provided input (the --filter-metric option) and applies it directly in a regex match. This allows untrusted input to control regex semantics and could enable catastrophic backtracking or other unwanted regex behavior. The issue was introduced by the new AVS mode modules where filter_metric is used to filter metrics.
🔧 How do I fix it?
Use parameterized queries with placeholders, array-based command execution (no shell interpretation), or properly escaped arguments using vetted libraries. Avoid dynamic queries/commands built with user input concatenation.
Reply
@AikidoSec feedback: [FEEDBACK]to get better review comments in the future.Reply
@AikidoSec ignore: [REASON]to ignore this issue.More info