def _valuespec_special_agents_mobileiron(): return Dictionary( elements=[ ("username", TextInput(title=_("Username"), allow_empty=False)), ("password", IndividualOrStoredPassword(title=_("Password"), allow_empty=False)), ( "port", NetworkPort( title=_("Port"), default_value=443, help=_("The port that is used for the API call."), ), ), ( "no-cert-check", FixedValue( True, title=_("Disable SSL certificate validation"), totext=_("SSL certificate validation is disabled"), ), ), ( "partition", ListOfStrings( allow_empty=False, title=_( "Retrieve information about the following partitions"), ), ), ( "proxy_details", Dictionary( title=_("Use proxy for MobileIron API connection"), elements=[ ("proxy_host", TextInput(title=_("Proxy host"), allow_empty=True)), ("proxy_port", Integer(title=_("Port"))), ( "proxy_user", TextInput( title=_("Username"), size=32, ), ), ("proxy_password", IndividualOrStoredPassword(title=_("Password"))), ], optional_keys=[ "proxy_port", "proxy_user", "proxy_password" ], ), ), ], optional_keys=["no-cert-check"], title=_("MobileIron API"), )
def api_request_authentication(): return ( "auth_basic", Transform( valuespec=CascadingDropdown( title=_("Authentication"), choices=[ ( "auth_login", _("Basic authentication"), Dictionary( elements=[ ( "username", TextInput( title=_("Login username"), allow_empty=False, ), ), ( "password", IndividualOrStoredPassword( title=_("Password"), allow_empty=False, ), ), ], optional_keys=[], ), ), ( "auth_token", _("Token authentication"), Dictionary( elements=[ ( "token", IndividualOrStoredPassword( title=_("Login token"), allow_empty=False, ), ), ], optional_keys=[], ), ), ], ), forth=lambda v: ("auth_login", v) if "username" in v else v, ), )
def _valuespec_special_agents_smb_share(): return Dictionary( elements=[ ( "hostname", TextInput( title="Hostname", allow_empty=False, help= _("<p>Usually Checkmk will use the hostname of the host it is attached to. " "With this option you can override this parameter.</p>"), ), ), ( "ip_address", HostAddress( title=_("IP address"), allow_empty=False, allow_ipv6_address=False, help= _("<p>Usually Checkmk will use the primary IP address of the host it is " "attached to. With this option you can override this parameter.</p>" ), ), ), ( "authentication", Tuple( title=_("Authentication"), elements=[ TextInput(title=_("Username"), allow_empty=False), IndividualOrStoredPassword(title=_("Password"), allow_empty=False), ], ), ), ( "patterns", ListOfStrings( title=_("File patterns"), size=80, help= _("<p>Here you can specify a list of filename patterns to be sent by the " "agent in the section <tt>fileinfo</tt>. UNC paths with globbing patterns " "are used here, e.g. <tt>\\\\hostname\\share name\\*\\foo\\*.log</tt>. " "Wildcards are not allowed in host or share names. " "Per default each found file will be monitored for size and age. " "By building groups you can alternatively monitor a collection " "of files as an entity and monitor the count, total size, the largest, " "smallest oldest or newest file. Note: if you specify more than one matching rule, then " "<b>all</b> matching rules will be used for defining pattern - not just the " " first one.</p>"), valuespec=TextInput(size=80), ), ), ], optional_keys=["hostname", "ip_address", "authentication"], title=_("SMB Share fileinfo"), )
def _valuespec_special_agents_3par(): return Transform( valuespec=Dictionary( title=_("3PAR Configuration"), elements=[ ( "user", TextInput( title=_("Username"), allow_empty=False, ), ), ( "password", IndividualOrStoredPassword( title=_("Password"), allow_empty=False, ), ), ( "port", Integer( title=_("TCP port number"), help=_("Port number that 3par is listening on. The default is 8080."), default_value=8080, minvalue=1, maxvalue=65535, ), ), ( "verify_cert", DropdownChoice( title=_("SSL certificate verification"), choices=[ (True, _("Activate")), (False, _("Deactivate")), ], ), ), ( "values", ListOfStrings( title=_("Values to fetch"), orientation="horizontal", help=_( "Possible values are the following: cpgs, volumes, hosts, capacity, " "system, ports, remotecopy, hostsets, volumesets, vluns, flashcache, " "users, roles, qos.\n" "If you do not specify any value the first seven are used as default." ), ), ), ], optional_keys=["values"], ), forth=_special_agents_3par_transform, )
def _get_dynamic_valuespec_elements(self): return [ ( "site", CascadingDropdown( choices=[ ("local", _("Connect to the local site")), ( "url", _("Connect to site url"), HTTPUrl( help=_( "URL of the remote site, for example https://10.3.1.2/testsite" ) ), ), ], sorted=False, orientation="horizontal", title=_("Site connection"), ), ), ( "credentials", CascadingDropdown( choices=[ ("automation", _("Use the credentials of the 'automation' user")), ( "configured", _("Use the following credentials"), Tuple( elements=[ TextInput( title=_("Automation Username"), allow_empty=True, ), IndividualOrStoredPassword( title=_("Automation Secret"), allow_empty=True, ), ], ), ), ], help=_( "Here you can configured the credentials to be used. Keep in mind that the <tt>automation</tt> user need " "to exist if you choose this option" ), title=_("Login credentials"), default_value="automation", ), ), ("filter", self._vs_filters()), ("assignments", self._vs_aggregation_assignments()), ("options", self._vs_options()), ]
def _auth_option(option: str) -> List[Any]: auth: List[Any] = [] if option == "basic": auth.append( ( "auth_basic", Dictionary( elements=[ ( "username", TextInput( title=_("Login username"), allow_empty=False, ), ), ( "password", IndividualOrStoredPassword( title=_("Password"), allow_empty=False, ), ), ], optional_keys=[], title=_("Basic authentication"), ), ) ) elif option == "token": auth.append( ( "token", TextInput( title=_("API key/token"), allow_empty=False, size=70, ), ) ) return auth
def _active_checks_http_proxyspec(): return Dictionary( title=_("Use proxy"), elements=[ ("address", TextInput(title=_("Proxy server address"), size=45)), ("port", _active_checks_http_portspec(80)), ( "auth", Tuple( title=_("Proxy basic authorization"), elements=[ TextInput(title=_("Username"), size=12, allow_empty=False), IndividualOrStoredPassword(title=_("Password"), ), ], ), ), ], required_keys=["address"], )
def _valuespec_special_agents_gcp(): return Dictionary( title=_("Google Cloud Platform"), elements=[ ("project", TextInput(title=_("Project ID"), allow_empty=False, size=50)), ( "credentials", IndividualOrStoredPassword( title=_("JSON credentials for service account"), allow_empty=False), ), ( "services", ListChoice( title=_("GCP services to monitor"), choices=[ ("gcs", _("Google Cloud Storage (GCS)")), ("gce", _("Google Compute Engine (GCE)")), ("cloud_run", _("Cloud Run")), ("cloud_functions", _("Cloud Functions")), ("cloud_sql", _("Cloud SQL")), ("filestore", _("Filestore")), ("redis", _("Memorystore Redis")), ], default_value=[ "gcs", "gce", "cloud_run", "cloud_functions", "cloud_sql", "filestore", "redis", ], allow_empty=False, ), ), ], optional_keys=[], )
def _valuespec_special_agents_proxmox_ve(): return Dictionary( elements=[ ("username", TextInput(title=_("Username"), allow_empty=False)), ("password", IndividualOrStoredPassword(title=_("Password"), allow_empty=False)), ("port", Integer(title=_("Port"), default_value=8006)), ( "no-cert-check", FixedValue( value=True, title=_("Disable SSL certificate validation"), totext=_("SSL certificate validation is disabled"), ), ), ( "timeout", Integer( title=_("Connect Timeout"), help=_("The network timeout in seconds"), default_value=60, minvalue=1, unit=_("seconds"), ), ), ( "log-cutoff-weeks", Integer( title=_("Maximum log age"), help=_("Age in weeks of log data to fetch"), default_value=2, unit=_("weeks"), ), ), ], title=_("Proxmox VE"), )
)), ('ssl', Checkbox( title = _('SSL'), label = _('Use SSL and SNI'), default_value = True, )), _ip_address_family_element(), ('uri', TextAscii( title = _("URI to fetch (default is <tt>/</tt>)"), allow_empty = False, default_value = "/" )), ('auth', Alternative( title = _("Authentication"), elements = [ IndividualOrStoredPassword(title = _("API Token")), Tuple(title = _("Credentials"), elements = [ TextAscii(title=_("Username")), IndividualOrStoredPassword(title=_("Password")), ], ), ])), ('header', ListOf( Tuple( title = _("Header"), elements = [ TextAscii(title = _("Name")), TextAscii(title = _("Value")) ], orientation = 'horizontal',
def _valuespec_special_agents_vsphere(): return Transform( valuespec=Dictionary( title=_("VMWare ESX via vSphere"), help=_( "This rule allows monitoring of VMWare ESX via the vSphere API. " "You can configure your connection settings here.", ), elements=[ ( "user", TextInput( title=_("vSphere User name"), allow_empty=False, ), ), ( "secret", IndividualOrStoredPassword( title=_("vSphere secret"), allow_empty=False, ), ), ( "direct", DropdownChoice( title=_("Type of query"), choices=[ (True, _("Queried host is a host system")), (False, _("Queried host is the vCenter")), ], ), ), ( "tcp_port", Integer( title=_("TCP Port number"), help=_("Port number for HTTPS connection to vSphere"), default_value=443, minvalue=1, maxvalue=65535, ), ), ( "ssl", Alternative( title=_("SSL certificate checking"), elements=[ FixedValue(value=False, title=_("Deactivated"), totext=""), FixedValue(value=True, title=_("Use hostname"), totext=""), TextInput( title=_("Use other hostname"), help= _("The IP of the other hostname needs to be the same IP as the host address" ), ), ], default_value=True, ), ), ( "timeout", Integer( title=_("Connect Timeout"), help= _("The network timeout in seconds when communicating with vSphere or " "to the Check_MK Agent. The default is 60 seconds. Please note that this " "is not a total timeout but is applied to each individual network transation." ), default_value=60, minvalue=1, unit=_("seconds"), ), ), ( "infos", Transform( valuespec=ListChoice( choices=[ ("hostsystem", _("Host Systems")), ("virtualmachine", _("Virtual Machines")), ("datastore", _("Datastores")), ("counters", _("Performance Counters")), ("licenses", _("License Usage")), ], default_value=[ "hostsystem", "virtualmachine", "datastore", "counters" ], allow_empty=False, ), forth=lambda v: [x.replace("storage", "datastore") for x in v], title=_("Retrieve information about..."), ), ), ( "skip_placeholder_vms", Checkbox( title=_("Placeholder VMs"), label=_("Do not monitor placeholder VMs"), default_value=True, true_label=_("ignore"), false_label=_("monitor"), help= _("Placeholder VMs are created by the Site Recovery Manager(SRM) and act as backup " "virtual machines in case the default vm is unable to start. This option tells the " "vsphere agent to exclude placeholder vms in its output." ), ), ), ( "host_pwr_display", DropdownChoice( title=_("Display ESX Host power state on"), choices=[ (None, _("The queried ESX system (vCenter / Host)")), ("esxhost", _("The ESX Host")), ("vm", _("The Virtual Machine")), ], default_value=None, ), ), ( "vm_pwr_display", DropdownChoice( title=_( "Display VM power state <i>additionally</i> on"), help= _("The power state can be displayed additionally either " "on the ESX host or the VM. This will result in services " "for <i>both</i> the queried system and the ESX host / VM. " "By disabling the unwanted services it is then possible " "to configure where the services are displayed."), choices=[ (None, _("The queried ESX system (vCenter / Host)")), ("esxhost", _("The ESX Host")), ("vm", _("The Virtual Machine")), ], default_value=None, ), ), ( "snapshots_on_host", Checkbox( title=_("VM snapshot summary"), label=_("Display snapshot summary on ESX hosts"), default_value=False, help= _("By default the snapshot summary service is displayed on the vCenter. " "Users who run an ESX host on its own or do not include their vCenter in the " "monitoring can choose to display the snapshot summary on the ESX host itself." ), ), ), ( "vm_piggyname", DropdownChoice( title=_("Piggyback name of virtual machines"), choices=[ ("alias", _("Use the name specified in the ESX system")), ( "hostname", _("Use the VMs hostname if set, otherwise fall back to ESX name" ), ), ], default_value="alias", ), ), ( "spaces", DropdownChoice( title=_("Spaces in hostnames"), choices=[ ("cut", _("Cut everything after first space")), ("underscore", _("Replace with underscores")), ], default_value="underscore", ), ), ], optional_keys=[ "tcp_port", "timeout", "vm_pwr_display", "host_pwr_display", "vm_piggyname", ], ignored_keys=["use_pysphere"], ), forth=_transform_agent_vsphere, )
def _valuespec_active_checks_bi_aggr(): return Transform( valuespec=Dictionary( title=_("Check State of BI Aggregation"), help=_( "Connect to the local or a remote monitoring host, which uses Check_MK BI to aggregate " "several states to a single BI aggregation, which you want to show up as a single " "service." ), elements=[ ( "base_url", TextInput( title=_("Base URL (OMD Site)"), help=_( "The base URL to the monitoring instance. For example <tt>http://mycheckmk01/mysite</tt>. " "You can use macros like <tt>$HOSTADDRESS$</tt> and <tt>$HOSTNAME$</tt> within this URL to " "make them be replaced by the hosts values." ), size=60, allow_empty=False, ), ), ( "aggregation_name", TextInput( title=_("Aggregation Name"), help=_( "The name of the aggregation to fetch. It will be added to the service description. You can " "use macros like <tt>$HOSTADDRESS$</tt> and <tt>$HOSTNAME$</tt> within this parameter to " "make them be replaced by the hosts values. The aggregation name is the title in the " "top-level-rule of your BI pack." ), allow_empty=False, ), ), ( "credentials", CascadingDropdown( choices=[ ("automation", _("Use the credentials of the 'automation' user")), ( "configured", _("Use the following credentials"), Tuple( elements=[ TextInput( title=_("Automation Username"), allow_empty=True, help=_( "The name of the automation account to use for fetching the BI aggregation via HTTP. Note: You may " "also set credentials of a standard user account, though it is disadvised. " "Using the credentials of a standard user also requires a valid authentication method set in the " "optional parameters." ), ), IndividualOrStoredPassword( title=_("Automation Secret"), help=_( "Valid automation secret for the automation user" ), allow_empty=False, ), ] ), ), ], help=_( "Here you can configured the credentials to be used. Keep in mind that the <tt>automation</tt> user need " "to exist if you choose this option" ), title=_("Login credentials"), default_value="automation", ), ), ( "optional", Dictionary( title=_("Optional parameters"), elements=[ ( "auth_mode", DropdownChoice( title=_("Authentication Mode"), default_value="header", choices=[ ("header", _("Authorization Header")), ("basic", _("HTTP Basic")), ("digest", _("HTTP Digest")), ("kerberos", _("Kerberos")), ], deprecated_choices=("cookie",), invalid_choice_error=_( "The specified choice is no longer available. " "Please use another, like 'header' instead." ), ), ), ( "timeout", Integer( title=_("Seconds before connection times out"), unit=_("sec"), default_value=60, ), ), ( "in_downtime", DropdownChoice( title=_("State, if BI aggregate is in scheduled downtime"), choices=[ (None, _("Use normal state, ignore downtime")), ("ok", _("Force to be OK")), ("warn", _("Force to be WARN, if aggregate is not OK")), ], ), ), ( "acknowledged", DropdownChoice( title=_("State, if BI aggregate is acknowledged"), choices=[ (None, _("Use normal state, ignore acknowledgement")), ("ok", _("Force to be OK")), ("warn", _("Force to be WARN, if aggregate is not OK")), ], ), ), ( "track_downtimes", Checkbox( title=_("Track downtimes"), label=_("Automatically track downtimes of aggregation"), help=_( "If this is active, the check will automatically go into downtime " "whenever the aggregation does. This downtime is also cleaned up " "automatically when the aggregation leaves downtime. " "Downtimes you set manually for this check are unaffected." ), ), ), ], ), ), ], optional_keys=False, ), forth=_active_checks_bi_aggr_transform_from_disk, )
def _valuespec_special_agents_kube(): return Dictionary( elements=[ ( "cluster-name", Hostname( title=_("Cluster name"), allow_empty=False, help= _("You must specify a name for your Kubernetes cluster. The provided name" " will be used to make the objects from your cluster unique in a " "multi-cluster setup."), ), ), ( "token", IndividualOrStoredPassword( title=_("Token"), allow_empty=False, ), ), ( "kubernetes-api-server", Dictionary( elements=[ ( "endpoint", HTTPUrl( title=_("Endpoint"), allow_empty=False, default_value="https://<control plane ip>:443", help=_( "The full URL to the Kubernetes API server including the " "protocol (http or https) and the port."), size=80, ), ), ssl_verification(), ( "proxy", HTTPProxyReference( {"http", "https"}), # Kubernetes client does not # support socks proxies. ), _tcp_timeouts(), ], required_keys=["endpoint", "verify-cert"], title=_("API server connection"), ), ), ( "cluster-collector", # TODO: adjust help texts depending on ingress inclusion Dictionary( elements=[ ( "endpoint", HTTPUrl( title=_( "Collector NodePort / Ingress endpoint"), allow_empty=False, default_value="https://<service url>:30035", help= _("The full URL to the Cluster Collector service including " "the protocol (http or https) and the port. Depending on " "the deployed configuration of the service this can " "either be the NodePort or the Ingress endpoint." ), size=80, ), ), ssl_verification(), ( "proxy", HTTPProxyReference(), ), _tcp_timeouts(), ], required_keys=["endpoint", "verify-cert"], title=_( "Enrich with usage data from Checkmk Cluster Collector" ), ), ), ( "monitored-objects", ListChoice( choices=[ ("deployments", _("Deployments")), ("daemonsets", _("DaemonSets")), ("statefulsets", _("StatefulSets")), ("namespaces", _("Namespaces")), ("nodes", _("Nodes")), ("pods", _("Pods")), ("cronjobs_pods", _("Pods of CronJobs")), ], default_value=[ "deployments", "daemonsets", "statefulsets", "namespaces", "nodes", "pods", ], allow_empty=False, title=_("Collect information about..."), help= _("Select the Kubernetes objects you would like to monitor. Pods " "controlled by CronJobs are treated separately as they are usually " "quite short lived. Those pods will be monitored in the same " "manner as regular pods. Your Dynamic host management rule should " "be configured accordingly to avoid that the piggyback hosts for " "terminated CronJob pods are kept for too long. This 'Pods of CronJobs' " "option has no effect if Pods are not monitored"), ), ), ( "namespaces", CascadingDropdown( choices=[ ( "namespace-include-patterns", _("Monitor namespaces matching"), ListOf( valuespec=RegExp( mode=RegExp.infix, title=_("Pattern"), allow_empty=False, ), add_label=_("Add new pattern"), allow_empty=False, help= _("You can specify a list of regex patterns to monitor specific " "namespaces. Only those that do match the predefined patterns " "will be monitored."), ), ), ( "namespace-exclude-patterns", _("Exclude namespaces matching"), ListOf( valuespec=RegExp( mode=RegExp.infix, title=_("Pattern"), allow_empty=False, ), add_label=_("Add new pattern"), allow_empty=False, help= _("You can specify a list of regex patterns to exclude " "namespaces. Only those that do not match the predefined " "patterns are monitored."), ), ), ], orientation="horizontal", title=_("Monitor namespaces"), help= _("If your cluster has multiple namespaces, you can filter specific ones " "to be monitored. Note that this concerns everything which is part of the " "selected namespaces such as pods for example."), ), ), ( "cluster-resource-aggregation", CascadingDropdown( title=("Cluster resource aggregation"), choices=[ ( "cluster-aggregation-exclude-node-roles", _("Exclude Nodes based on their role"), ListOf( valuespec=RegExp( mode=RegExp.infix, allow_empty=False, size=50, ), add_label=_("Add new role"), allow_empty=True, movable=False, default_value=["control-plane", "infra"], ), ), ("cluster-aggregation-include-all-nodes", _("Include all Nodes")), ], orientation="horizontal", help=_( "You may find that some Nodes don't add resources to the overall " "workload your Cluster can handle. This option allows you to remove " "Nodes from aggregations on the Cluster host based on their role. A " "node will be omitted, if any of the listed {role}s matches a label " "with name 'node-role.kubernetes.io/{role}'. This affects the " "following services: Memory resources, CPU resources, Pod resources. " "Only Services on the Cluster host are affected. By default, Nodes " "with role control-plane and infra are omitted.", ), ), ), ( "import-annotations", CascadingDropdown( title=("Import annotations as host labels"), choices=[ ( "include-matching-annotations-as-host-labels", _("Filter valid annotations by key pattern"), RegExp( mode=RegExp.infix, allow_empty=False, default_value="checkmk-monitoring$", size=50, ), ), ( "include-annotations-as-host-labels", _("Import all valid annotations"), None, ), ], orientation="horizontal", help= _("By default, Checkmk does not import annotations. If " "this option is enabled, Checkmk will import any " "annotation that is a valid Kubernetes label. These " "imported annotations are added as host labels to their " "respective piggyback host using the syntax " "'cmk/kubernetes/annotation/{key}:{value}'. You can " "further restrict the imported annotations by specifying " "a pattern which Checkmk searches for in the key of the " "annotation."), ), ), ], optional_keys=[ "namespaces", "cluster-collector", "cluster-resource-aggregation", "import-annotations", ], default_keys=["cluster-collector"], title=_("Kubernetes"), )
def _valuespec_active_checks_mail_loop(): return Transform( Dictionary( title=_("Check Email Delivery"), help= _("This active check sends out special E-Mails to a defined mail address using " "the SMTP protocol and then tries to receive these mails back by querying the " "inbox of a IMAP or POP3 mailbox. With this check you can verify that your whole " "mail delivery progress is working."), optional_keys=[ "subject", "smtp_server", "smtp_tls", "smtp_port", "smtp_auth", "connect_timeout", "delete_messages", "duration", ], elements=[ ( "item", TextInput( title=_("Name"), help= _("The service description will be <b>Mail Loop</b> plus this name" ), allow_empty=False, ), ), ( "subject", TextInput( title=_("Subject"), allow_empty=False, help=_( "Here you can specify the subject text " "instead of default text 'Check_MK-Mail-Loop'."), ), ), ( "smtp_server", TextInput( title=_("SMTP Server"), allow_empty=False, help=_( "You can specify a hostname or IP address different from the IP address " "of the host this check will be assigned to."), ), ), ( "smtp_tls", FixedValue( value=True, title=_("Use TLS over SMTP"), totext=_("Encrypt SMTP communication using TLS"), ), ), ( "smtp_port", Integer( title=_("SMTP TCP Port to connect to"), help= _("The TCP Port the SMTP server is listening on. Defaulting to <tt>25</tt>." ), default_value=25, ), ), ( "smtp_auth", Tuple( title=_("SMTP Authentication"), elements=[ TextInput(title=_("Username"), allow_empty=False, size=24), IndividualOrStoredPassword(title=_("Password"), allow_empty=False, size=12), ], ), ), _mail_receiving_params({"IMAP", "POP3"}), ( "mail_from", EmailAddress(title=_("From: email address"), ), ), ( "mail_to", EmailAddress(title=_("Destination email address"), ), ), ( "connect_timeout", Integer( title=_("Connect Timeout"), minvalue=1, default_value=10, unit=_("sec"), ), ), ( "duration", Tuple( title=_("Loop duration"), elements=[ Age(title=_("Warning at")), Age(title=_("Critical at")), ], ), ), ( "delete_messages", FixedValue( value=True, title=_("Delete processed messages"), totext= _("Delete all processed message belonging to this check" ), help= _("Delete all messages identified as being related to this " "check. This is disabled by default, which will make " "your mailbox grow when you do not clean it up on your own." ), ), ), ], ), forth=transform_check_mail_loop_params, )
def _valuespec_active_checks_sql() -> Dictionary: return Dictionary( title=_("Check SQL Database"), help= _("This check connects to the specified database, sends a custom SQL-statement " "or starts a procedure, and checks that the result has a defined format " "containing three columns, a number, a text, and performance data. Upper or " "lower levels may be defined here. If they are not defined the number is taken " "as the state of the check. If a procedure is used, input parameters of the " "procedures may by given as comma separated list. " "This check uses the active check <tt>check_sql</tt>."), optional_keys=[ "levels", "levels_low", "perfdata", "port", "procedure", "text", "host" ], elements=[ ( "description", TextInput( title=_("Service Description"), help=_("The name of this active service to be displayed."), allow_empty=False, ), ), ( "dbms", DropdownChoice( title=_("Type of Database"), choices=[ ("mysql", _("MySQL")), ("postgres", _("PostgreSQL")), ("mssql", _("MSSQL")), ("oracle", _("Oracle")), ("db2", _("DB2")), ], default_value="postgres", ), ), ( "port", Integer( title=_("Database Port"), help=_("The port the DBMS listens to"), ), ), ( "name", TextInput( title=_("Database Name"), help=_("The name of the database on the DBMS"), allow_empty=False, ), ), ( "user", TextInput( title=_("Database User"), help=_("The username used to connect to the database"), allow_empty=False, ), ), ( "password", IndividualOrStoredPassword( title=_("Database Password"), help=_("The password used to connect to the database"), allow_empty=False, ), ), ( "sql", Transform( valuespec=TextAreaUnicode( title=_("Query or SQL statement"), help= _("The SQL-statement or procedure name which is executed on the DBMS. It must return " "a result table with one row and at least two columns. The first column must be " "an integer and is interpreted as the state (0 is OK, 1 is WARN, 2 is CRIT). " "Alternatively the first column can be interpreted as number value and you can " "define levels for this number. The " "second column is used as check output. The third column is optional and can " "contain performance data."), allow_empty=False, monospaced=True, ), # Former Alternative(Text, Alternative(FileUpload, Text)) based implementation # would save a string or a tuple with a string or a binary array as third element # which would then be turned into a string. # Just make all this a string forth=lambda old_val: [ elem.decode() if isinstance(elem, bytes) else str(elem) for elem in ((old_val[-1] if isinstance(old_val, tuple) else old_val), ) ][0], ), ), ( "procedure", Dictionary( optional_keys=["input"], title=_("Use procedure call instead of SQL statement"), help=_( "If you activate this option, a name of a stored " "procedure is used instead of an SQL statement. " "The procedure should return one output variable, " "which is evaluated in the check. If input parameters " "are required, they may be specified below."), elements=[ ( "useprocs", FixedValue( value=True, totext=_("procedure call is used"), ), ), ( "input", TextInput( title=_("Input Parameters"), allow_empty=True, help= _("Input parameters, if required by the database procedure. " "If several parameters are required, use commas to separate them." ), ), ), ], ), ), ( "levels", Tuple( title=_("Upper levels for first output item"), elements=[ Float(title=_("Warning at")), Float(title=_("Critical at")) ], ), ), ( "levels_low", Tuple( title=_("Lower levels for first output item"), elements=[ Float(title=_("Warning below")), Float(title=_("Critical below")) ], ), ), ( "perfdata", Transform( TextInput( title=_("Performance Data"), help= _("Store output value into RRD database in a metric with this name." ), default_value="performance_data", allow_empty=False, ), forth=transform_check_sql_perfdata, ), ), ( "text", TextInput( title=_("Prefix text"), help=_("Additional text prefixed to the output"), allow_empty=False, ), ), ( "host", TextInput( title=_("DNS hostname or IP address"), help= _("This defaults to the host for which the active check is configured." ), ), ), ], )
def _valuespec_special_agents_datadog() -> Dictionary: return Dictionary( title=_("Datadog"), help=_("Configuration of the Datadog special agent."), elements=[ ( "instance", Dictionary( title=_("Datadog instance"), help=_("Provide API host and credentials for your Datadog instance here."), elements=[ ( "api_key", IndividualOrStoredPassword( title=_("API Key"), allow_empty=False, ), ), ( "app_key", IndividualOrStoredPassword( title=_("Application Key"), allow_empty=False, ), ), ( "api_host", HTTPUrl( title=_("API host"), default_value="api.datadoghq.eu", ), ), ], optional_keys=False, ), ), ( "proxy", HTTPProxyReference(), ), ( "monitors", Dictionary( title=_("Fetch monitors"), help=_( "Fetch monitors from your datadog instance. Fetched monitors will be " "discovered as services on the host where the special agent is executed." ), elements=[ ( "tags", ListOfStrings( title=_("Restrict by tags"), help=_( "Restrict fetched monitors by tags (API field <tt>tags</tt>). " "Monitors must have all of the configured tags in order to be " "fetched." ), size=30, allow_empty=False, ), ), ( "monitor_tags", ListOfStrings( title=_("Restrict by monitor tags"), help=_( "Restrict fetched monitors by service and/or custom tags (API " "field <tt>monitor_tags</tt>). Monitors must have all of the " "configured tags in order to be fetched." ), size=30, allow_empty=False, ), ), ], ), ), ( "events", Dictionary( title=_("Fetch events"), help=_( "Fetch events from the event stream of your datadog instance. Fetched " "events will be forwared to the event console of the site where the " "special agent is executed." ), elements=[ ( "max_age", Age( title=_("Maximum age of fetched events (10 hours max.)"), help=_( "During each run, the agent will fetch events which are at " "maximum this old. The agent memorizes events already fetched " "during the last run, s.t. no event will be sent to the event " "console multiple times. Setting this value lower than the " "check interval of the host will result in missing events. " "Also note that the Datadog API allows for creating new events " "which lie in the past. Such events will be missed by the " "agent if their age exceeds the value specified here." ), minvalue=10, maxvalue=10 * 3600, default_value=600, display=["hours", "minutes", "seconds"], ), ), ( "tags", ListOfStrings( title=_("Restrict by tags"), help=_( "Restrict fetched events by tags (API field <tt>tags</tt>). " "Events must have all of the configured tags in order to be " "fetched." ), size=30, allow_empty=False, ), ), ( "tags_to_show", ListOfStrings( valuespec=RegExp( mode=RegExp.prefix, size=30, ), title=_("Tags shown in Event Console"), help=_( "This option allows you to configure which Datadog tags will be " "shown in the events forwarded to the Event Console. This is " "done by entering regular expressions matching one or more " "Datadog tags. Any matching tag will be added to the text of the " "corresponding event." ), allow_empty=False, ), ), ( "syslog_facility", DropdownChoice( choices=syslog_facilities, title=_("Syslog facility"), help=_( "Syslog facility of forwarded events shown in Event Console." ), default_value=1, ), ), ( "syslog_priority", DropdownChoice( choices=syslog_priorities, title=_("Syslog priority"), help=_( "Syslog priority of forwarded events shown in Event Console." ), default_value=1, ), ), ( "service_level", DropdownChoice( choices=service_levels(), title=_("Service level"), help=_("Service level of forwarded events shown in Event Console."), prefix_values=True, ), ), ( "add_text", DropdownChoice( choices=[ ( False, "Do not add text", ), ( True, "Add text", ), ], title=_("Add text of events"), default_value=False, help=_( "Add text of events to data forwarded to the Event Console. " "Newline characters are replaced by '~'." ), ), ), ], optional_keys=["tags", "tags_to_show"], ), ), ], optional_keys=["proxy", "monitors", "events"], )
def _valuespec_active_checks_http(): return Transform( valuespec=Dictionary( title=_("Check HTTP service"), help=_( "Check HTTP/HTTPS service using the plugin <tt>check_http</tt> " "from the standard Monitoring Plugins. " "This plugin tests the HTTP service on the specified host. " "It can test normal (HTTP) and secure (HTTPS) servers, follow " "redirects, search for strings and regular expressions, check " "connection times, and report on certificate expiration times." ), elements=[ ( "name", TextInput( title=_("Service name"), help= _("Will be used in the service description. If the name starts with " "a caret (<tt>^</tt>), the service description will not be prefixed with either " "<tt>HTTP</tt> or <tt>HTTPS</tt>."), allow_empty=False, validate=_validate_active_check_http_name, size=45, ), ), ("host", _active_checks_http_hostspec()), ("proxy", _active_checks_http_proxyspec()), ( "mode", CascadingDropdown( title=_("Mode of the Check"), help= _("Perform a check of the URL or the certificate expiration." ), choices=[ ( "url", _("Check the URL"), Dictionary( title=_("URL Checking"), elements=[ ( "uri", TextInput( title= _("URI to fetch (default is <tt>/</tt>)" ), help= _("The URI of the request. This should start with" " '/' and not include the domain" " (e.g. '/index.html')."), allow_empty=False, default_value="/", size=45, ), ), ( "ssl", Transform( valuespec=DropdownChoice( title= _("Use SSL/HTTPS for the connection" ), choices=[ ( "auto", _("Use SSL with auto negotiation" ), ), ("1.2", _("Use SSL, enforce TLSv1.2" )), ("1.1", _("Use SSL, enforce TLSv1.1" )), ("1", _("Use SSL, enforce TLSv1" )), ("2", _("Use SSL, enforce SSLv2" )), ("3", _("Use SSL, enforce SSLv3" )), ], default_value="auto", ), forth=lambda x: x is True and "auto" or x, ), ), ( "response_time", Tuple( title=_( "Expected response time"), elements=[ Float( title=_( "Warning if above" ), unit="ms", default_value=100.0, ), Float( title=_( "Critical if above" ), unit="ms", default_value=200.0, ), ], ), ), ( "timeout", Integer( title= _("Seconds before connection times out" ), unit=_("sec"), default_value=10, ), ), ( "user_agent", TextInput( title=_("User Agent"), help= _('String to be sent in http header as "User Agent"' ), allow_empty=False, ), ), ( "add_headers", ListOfStrings( title=_( "Additional header lines"), orientation="vertical", valuespec=TextInput(size=40), ), ), ( "auth", Tuple( title=_("Authorization"), help= _("Credentials for HTTP Basic Authentication" ), elements=[ TextInput( title=_("Username"), size=12, allow_empty=False, ), IndividualOrStoredPassword( title=_("Password"), ), ], ), ), ( "onredirect", DropdownChoice( title=_( "How to handle redirect"), choices=[ ("ok", _("Make check OK")), ("warning", _("Make check WARNING")), ("critical", _("Make check CRITICAL")), ("follow", _("Follow the redirection" )), ( "sticky", _("Follow, but stay to same IP address" ), ), ( "stickyport", _("Follow, but stay to same IP-address and port" ), ), ], default_value="follow", ), ), ( "expect_response_header", TextInput(title=_( "String to expect in response headers" ), ), ), ( "expect_response", ListOfStrings( title= _("Strings to expect in server response" ), help= _("At least one of these strings is expected in " "the first (status) line of the server response " "(default: <tt>HTTP/1.</tt>). If specified skips " "all other status line logic (ex: 3xx, 4xx, 5xx " "processing)"), ), ), ( "expect_string", TextInput( title= _("Fixed string to expect in the content" ), allow_empty=False, ), ), ( "expect_regex", Transform( valuespec=Tuple( orientation="vertical", show_titles=False, elements=[ RegExp( label= _("Regular expression: " ), mode=RegExp.infix, maxlen=1023, ), Checkbox(label=_( "Case insensitive") ), Checkbox(label=_( "return CRITICAL if found, OK if not" )), Checkbox(label=_( "Multiline string matching" )), ], ), forth=lambda x: len(x) == 3 and tuple(list(x) + [False]) or x, title= _("Regular expression to expect in content" ), ), ), ( "post_data", Tuple( title=_("Send HTTP POST data"), elements=[ TextInput( title=_( "HTTP POST data"), help= _("Data to send via HTTP POST method. " "Please make sure, that the data is URL-encoded." ), size=40, ), TextInput( title=_( "Content-Type"), default_value= "text/html", ), ], ), ), ( "method", DropdownChoice( title=_("HTTP Method"), default_value="GET", choices=[ ("GET", "GET"), ("POST", "POST"), ("OPTIONS", "OPTIONS"), ("TRACE", "TRACE"), ("PUT", "PUT"), ("DELETE", "DELETE"), ("HEAD", "HEAD"), ("CONNECT", "CONNECT"), ("PROPFIND", "PROPFIND"), ], ), ), ( "no_body", FixedValue( value=True, title= _("Don't wait for document body" ), help= _("Note: this still does an HTTP GET or POST, not a HEAD." ), totext=_( "don't wait for body"), ), ), ( "page_size", Tuple( title=_("Page size to expect"), elements=[ Integer(title=_("Minimum"), unit=_("Bytes")), Integer(title=_("Maximum"), unit=_("Bytes")), ], ), ), ( "max_age", Age( title=_("Maximum age"), help= _("Warn, if the age of the page is older than this" ), default_value=3600 * 24, ), ), ( "urlize", FixedValue( value=True, title=_("Clickable URLs"), totext= _("Format check output as hyperlink" ), help= _("With this option the check produces an output that is a valid hyperlink " "to the checked URL and this clickable." ), ), ), ( "extended_perfdata", FixedValue( value=True, totext=_("Extended perfdata"), title= _("Record additional performance data" ), help= _("This option makes the HTTP check produce more detailed performance data values " "like the connect time, header time, time till first byte received and the " "transfer time."), ), ), ], ), ), ( "cert", _("Check SSL Certificate Age"), Dictionary( title=_("Certificate Checking"), help=_( "Port defaults to 443. In this mode the URL" " is not checked."), elements=[ ( "cert_days", Transform( valuespec=Tuple( title=_("Age"), help=_( "Minimum number of days a certificate" " has to be valid."), elements=[ Integer( title= _("Warning at or below" ), minvalue=0, unit=_("days"), ), Integer( title= _("Critical at or below" ), minvalue=0, unit=_("days"), ), ], ), forth=transform_cert_days, ), ), ], required_keys=["cert_days"], ), ), ], ), ), ( "disable_sni", FixedValue( value=True, totext="", title= _("Advanced: Disable SSL/TLS hostname extension support (SNI)" ), help= _("In earlier versions of Check_MK users had to enable SNI explicitly." " We now assume users allways want SNI support. If you don't, you" " can disable it with this option."), ), ), ], required_keys=["name", "host", "mode"], validate=_active_checks_http_validate_all, ), forth=_active_checks_http_transform_check_http, )
def _common_email_parameters(protocol, port_defaults): return Dictionary( title=protocol, optional_keys=["server", "email_address"], elements=[ ( "server", HostAddress( title=f"{protocol} Server", allow_empty=False, help=_( "You can specify a hostname or IP address different from the IP address " "of the host this check will be assigned to."), ), ), ( "connection", Dictionary( required_keys=[], title=_("Connection settings"), elements=[ ( "disable_tls", Checkbox( title=_("Disable TLS/SSL"), label=_("Force unencrypted communication"), ), ), ( "disable_cert_validation", Checkbox( title=_("Disable certificate validation"), label= _("Ignore unsuccessful validation (in case of TLS/SSL)" ), ), ), ( "tcp_port", Integer( title=_("TCP Port"), label=_("(default is %r for %s/TLS)") % (port_defaults, protocol), ), ), ], ), ), ( "auth", Tuple( title=_("Authentication"), elements=[ TextInput(title=_("Username"), allow_empty=False), IndividualOrStoredPassword( title=_("Password"), allow_empty=False, size=12), ], ), ), ] + ([( "email_address", EmailAddress( title=_("Email address used for account identification"), label=_("(overrides <b>username</b>)"), help= _("Used to specify the account to be contacted" " (aka. 'PrimarySmtpAddress') in case it's different from the" " username. If not specified the credentials username is used." ), allow_empty=False, ), )] if protocol == "EWS" else []), # type: ignore[arg-type] )
def _connection_elements(self): connection_elements = [ ( "directory_type", CascadingDropdown( title=_("Directory type"), help=_( "Select the software the LDAP directory is based on. Depending on " "the selection e.g. the attribute names used in LDAP queries will " "be altered." ), choices=[ ("ad", _("Active Directory"), self._vs_directory_options("ad")), ("openldap", _("OpenLDAP"), self._vs_directory_options("openldap")), ( "389directoryserver", _("389 Directory Server"), self._vs_directory_options("389directoryserver"), ), ], ), ), ( "bind", Tuple( title=_("Bind credentials"), help=_( "Set the credentials to be used to connect to the LDAP server. The " "used account must not be allowed to do any changes in the directory " "the whole connection is read only. " "In some environment an anonymous connect/bind is allowed, in this " "case you don't have to configure anything here." "It must be possible to list all needed user and group objects from the " "directory." ), elements=[ LDAPDistinguishedName( title=_("Bind DN"), help=_( "Specify the distinguished name to be used to bind to " "the LDAP directory, e. g. <tt>CN=ldap,OU=users,DC=example,DC=com</tt>" ), size=63, ), IndividualOrStoredPassword( title=_("Bind password"), help=_( "Specify the password to be used to bind to " "the LDAP directory." ), ), ], ), ), ( "port", Integer( title=_("TCP port"), help=_( "This variable allows to specify the TCP port to " "be used to connect to the LDAP server. " ), minvalue=1, maxvalue=65535, default_value=389, ), ), ( "use_ssl", FixedValue( title=_("Use SSL"), help=_( "Connect to the LDAP server with a SSL encrypted connection. The " '<a href="wato.py?mode=edit_configvar&site=&varname=trusted_certificate_authorities">trusted ' "certificates authorities</a> configured in Check_MK will be used to validate the " "certificate provided by the LDAP server." ), value=True, totext=_("Encrypt the network connection using SSL."), ), ), ( "connect_timeout", Float( title=_("Connect timeout"), help=_("Timeout for the initial connection to the LDAP server in seconds."), unit=_("Seconds"), minvalue=1.0, default_value=2.0, ), ), ( "version", DropdownChoice( title=_("LDAP version"), help=_( "Select the LDAP version the LDAP server is serving. Most modern " "servers use LDAP version 3." ), choices=[(2, "2"), (3, "3")], default_value=3, ), ), ( "page_size", Integer( title=_("Page size"), help=_( "LDAP searches can be performed in paginated mode, for example to improve " "the performance. This enables pagination and configures the size of the pages." ), minvalue=1, default_value=1000, ), ), ( "response_timeout", Integer( title=_("Response timeout"), unit=_("Seconds"), help=_("Timeout for LDAP query responses."), minvalue=0, default_value=5, ), ), ( "suffix", TextInput( allow_empty=False, title=_("LDAP connection suffix"), help=_( "The LDAP connection suffix can be used to distinguish equal named objects " "(name conflicts), for example user accounts, from different LDAP connections.<br>" "It is used in the following situations:<br><br>" "During LDAP synchronization, the LDAP sync might discover that a user to be " "synchronized from from the current LDAP is already being synchronized from " "another LDAP connection. Without the suffix configured this results in a name " "conflict and the later user not being synchronized. If the connection has a " "suffix configured, this suffix is added to the later username in case of the name " "conflict to resolve it. The user will then be named <tt>[username]@[suffix]</tt> " "instead of just <tt>[username]</tt>.<br><br>" "In the case a user which users name is existing in multiple LDAP directories, " "but associated to different persons, your user can insert <tt>[username]@[suffix]</tt>" " during login instead of just the plain <tt>[username]</tt> to tell which LDAP " "directory he is assigned to. Users without name conflict just need to provide their " "regular username as usual." ), regex=re.compile(r"^[A-Z0-9.-]+(?:\.[A-Z]{2,24})?$", re.I), validate=self._validate_ldap_connection_suffix, ), ), ] return connection_elements
def _valuespec_active_checks_smtp(): return Tuple( title=_("Check SMTP service access"), help=_("This check uses <tt>check_smtp</tt> from the standard " "Nagios plugins in order to try the response of an SMTP " "server."), elements=[ TextInput( title=_("Name"), help= _("The service description will be <b>SMTP</b> plus this name. If the name starts with " "a caret (<tt>^</tt>), the service description will not be prefixed with <tt>SMTP</tt>." ), allow_empty=False, ), Transform( valuespec=Dictionary( title=_("Optional parameters"), elements=[ ( "hostname", TextInput( title=_("DNS Hostname or IP address"), allow_empty=False, help= _("You can specify a hostname or IP address different from the IP address " "of the host as configured in your host properties." ), ), ), ( "port", Transform( valuespec=Integer( title=_("TCP Port to connect to"), help=_( "The TCP Port the SMTP server is listening on. " "The default is <tt>25</tt>."), size=5, minvalue=1, maxvalue=65535, default_value=25, ), forth=int, ), ), ip_address_family_element(), ( "expect", TextInput( title=_("Expected String"), help=_( "String to expect in first line of server response. " "The default is <tt>220</tt>."), size=8, allow_empty=False, default_value="220", ), ), ( "commands", ListOfStrings( title=_("SMTP Commands"), help=_("SMTP commands to execute."), ), ), ( "command_responses", ListOfStrings( title=_("SMTP Responses"), help= _("Expected responses to the given SMTP commands." ), ), ), ( "from", TextInput( title=_("FROM-Address"), help= _("FROM-address to include in MAIL command, required by Exchange 2000" ), size=20, allow_empty=True, default_value="", ), ), ( "fqdn", TextInput( title=_("FQDN"), help=_("FQDN used for HELO"), size=20, allow_empty=True, default_value="", ), ), ( "cert_days", Transform( valuespec=Tuple( title=_("Minimum Certificate Age"), help= _("Minimum number of days a certificate has to be valid" ), elements=[ Integer( title=_("Warning at or below"), minvalue=0, unit=_("days"), ), Integer( title=_("Critical at or below"), minvalue=0, unit=_("days"), ), ], ), forth=transform_cert_days, ), ), ( "starttls", FixedValue( value=True, totext=_("STARTTLS enabled."), title=_("Use STARTTLS for the connection."), ), ), ( "auth", Tuple( title=_("Enable SMTP AUTH (LOGIN)"), help= _("SMTP AUTH type to check (default none, only LOGIN supported)" ), elements=[ TextInput( title=_("Username"), size=12, allow_empty=False, ), IndividualOrStoredPassword( title=_("Password"), size=12, allow_empty=False, ), ], ), ), ( "response_time", Tuple( title=_("Expected response time"), elements=[ Float(title=_("Warning if above"), unit=_("sec"), allow_int=True), Float(title=_("Critical if above"), unit=_("sec"), allow_int=True), ], ), ), ( "timeout", Integer( title=_("Seconds before connection times out"), unit=_("sec"), default_value=10, ), ), ], ), forth=_active_checks_smtp_transform_smtp_address_family, ), ], )
def _valuespec_special_agents_azure(): return Dictionary( title=_("Microsoft Azure"), help= _("To monitor Azure resources add this datasource to <b>one</b> host. " "The data will be transported using the piggyback mechanism, so make " "sure to create one host for every monitored resource group. You can " "learn about the discovered groups in the <i>Azure Agent Info</i> " "service of the host owning the datasource program."), # element names starting with "--" will be passed do cmd line w/o parsing! elements=[ ( "subscription", TextInput( title=_("Subscription ID"), allow_empty=False, size=45, ), ), ( "tenant", TextInput( title=_("Tenant ID / Directory ID"), allow_empty=False, size=45, ), ), ( "client", TextInput( title=_("Client ID / Application ID"), allow_empty=False, size=45, ), ), ( "secret", IndividualOrStoredPassword( title=_("Client Secret"), allow_empty=False, size=45, ), ), ( "config", Dictionary( title=_("Retrieve information about..."), # Since we introduced this, Microsoft has already reduced the number # of allowed API requests. At the time of this writing (11/2018) # you can find the number here: # https://docs.microsoft.com/de-de/azure/azure-resource-manager/resource-manager-request-limits help= _("By default, all resources associated to the configured tenant ID" " will be monitored.") + " " + _("However, since Microsoft limits API calls to %s per hour" " (%s per minute), you can restrict the monitoring to individual" " resource groups and resources.") % ("12000", "200"), elements=[ ("explicit", _special_agents_azure_azure_explicit_config()), ("tag_based", _special_agents_azure_azure_tag_based_config()), ], ), ), ( "piggyback_vms", DropdownChoice( title=_("Map data relating to VMs"), help= _("By default, data relating to a VM is sent to the group host" " corresponding to the resource group of the VM, the same way" " as for any other resource. If the VM is present in your " " monitoring as a separate host, you can choose to send the data" " to the VM itself."), choices=[ ("grouphost", _("Map data to group host")), ("self", _("Map data to the VM itself")), ], ), ), ( "sequential", DropdownChoice( title=_("Force agent to run in single thread"), help=_("Check this to turn off multiprocessing." " Recommended for debugging purposes only."), choices=[ (False, _("Run agent multithreaded")), (True, _("Run agent in single thread")), ], ), ), ], optional_keys=["subscription", "piggyback_vms", "sequential"], )
def _valuespec_special_agents_kubernetes(): return Transform( valuespec=Dictionary( elements=[ ( "api-server-endpoint", CascadingDropdown( choices=[ ( "hostname", _("Hostname"), Dictionary( elements=_kubernetes_connection_elements( )), ), ( "ipaddress", _("IP address"), Dictionary( elements=_kubernetes_connection_elements( )), ), ( "url_custom", _("Custom URL"), TextInput( allow_empty=False, size=80, ), ), ], orientation="horizontal", title=_("API server endpoint"), help= _('The URL that will be contacted for Kubernetes API calls. If the "Hostname" ' 'or the "IP Address" options are selected, the DNS hostname or IP address and ' "a secure protocol (HTTPS) are used."), ), ), ( "token", IndividualOrStoredPassword( title=_("Token"), allow_empty=False, ), ), ( "no-cert-check", Alternative( title=_("SSL certificate verification"), elements=[ FixedValue(value=False, title=_("Verify the certificate"), totext=""), FixedValue( value=True, title=_( "Ignore certificate errors (unsecure)"), totext="", ), ], default_value=False, ), ), ( "namespaces", Alternative( title=_("Namespace prefix for hosts"), elements=[ FixedValue(value=False, title=_("Don't use a namespace prefix"), totext=""), FixedValue(value=True, title=_("Use a namespace prefix"), totext=""), ], help= _("If a cluster uses multiple namespaces you need to activate this option. " "Hosts for namespaced Kubernetes objects will then be prefixed with the " "name of their namespace. This makes Kubernetes resources in different " "namespaces that have the same name distinguishable, but results in " "longer hostnames."), default_value=False, ), ), ( "infos", ListChoice( choices=[ ("nodes", _("Nodes")), ("services", _("Services")), ("ingresses", _("Ingresses")), ("deployments", _("Deployments")), ("pods", _("Pods")), ("endpoints", _("Endpoints")), ("daemon_sets", _("Daemon sets")), ("stateful_sets", _("Stateful sets")), ("jobs", _("Job")), ], default_value=[ "nodes", "endpoints", "ingresses", ], allow_empty=False, title=_("Retrieve information about..."), ), ), filter_kubernetes_namespace_element(), ], optional_keys=[ "port", "url-prefix", "path-prefix", "namespace_include_patterns" ], title=_("Kubernetes (deprecated)"), help=_( "This special agent is deprecated and will be removed in " 'Checkmk version 2.2.0. Please use the "Kubernetes" ruleset to ' "configure the new special agent for Kubernetes."), ), forth=special_agents_kubernetes_transform, )
def _valuespec_special_agents_aws(): return Transform( valuespec=Dictionary( title=_("Amazon Web Services (AWS)"), elements=[ ( "access_key_id", TextInput( title=_("The access key ID for your AWS account"), allow_empty=False, size=50, ), ), ( "secret_access_key", IndividualOrStoredPassword( title=_("The secret access key for your AWS account"), allow_empty=False, ), ), ( "proxy_details", Dictionary( title=_("Proxy server details"), elements=[ ("proxy_host", TextInput(title=_("Proxy host"), allow_empty=False)), ("proxy_port", Integer(title=_("Port"))), ( "proxy_user", TextInput( title=_("Username"), size=32, ), ), ("proxy_password", IndividualOrStoredPassword(title=_("Password"))), ], optional_keys=[ "proxy_port", "proxy_user", "proxy_password" ], ), ), ( "assume_role", Dictionary( title=_("Assume a different IAM role"), elements=[( "role_arn_id", Tuple( title= _("Use STS AssumeRole to assume a different IAM role" ), elements=[ TextInput( title=_( "The ARN of the IAM role to assume" ), size=50, help= _("The Amazon Resource Name (ARN) of the role to assume." ), ), TextInput( title=_("External ID (optional)"), size=50, help= _("A unique identifier that might be required when you assume a role in another " "account. If the administrator of the account to which the role belongs provided " "you with an external ID, then provide that value in the External ID parameter. " ), ), ], ), )], ), ), ( "global_services", Dictionary( title=_("Global services to monitor"), elements=[ ( "ce", FixedValue( value=None, totext=_("Monitor costs and usage"), title=_("Costs and usage (CE)"), ), ), ( "route53", FixedValue(value=None, totext=_("Monitor Route53"), title=_("Route53")), ), ], ), ), ( "regions", ListChoice( title=_("Regions to use"), choices=sorted(aws_constants.AWSRegions, key=lambda x: x[1]), ), ), ( "services", Dictionary( title=_("Services per region to monitor"), elements=[ ( "ec2", Dictionary( title=_("Elastic Compute Cloud (EC2)"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ( "ebs", Dictionary( title=_("Elastic Block Storage (EBS)"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ( "s3", Dictionary( title=_("Simple Storage Service (S3)"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ( "requests", FixedValue( value=None, totext=_( "Monitor request metrics"), title=_("Request metrics"), help= _("In order to monitor S3 request metrics you have to " "enable request metric monitoring in the AWS/S3 console. " "This is a paid feature"), ), ), ], optional_keys=["limits", "requests"], default_keys=["limits"], ), ), ( "glacier", Dictionary( title=_("Amazon S3 Glacier (Glacier)"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ( "elb", Dictionary( title=_("Classic Load Balancing (ELB)"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ( "elbv2", Dictionary( title= _("Application and Network Load Balancing (ELBv2)" ), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ( "rds", Dictionary( title=_( "Relational Database Service (RDS)"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ( "cloudwatch_alarms", Dictionary( title=_("CloudWatch Alarms"), elements=[ ( "alarms", CascadingDropdown( title=_("Selection of alarms"), choices=[ ("all", _("Gather all")), ( "names", _("Use explicit names" ), ListOfStrings(), ), ], ), ), _vs_element_aws_limits(), ], optional_keys=["alarms", "limits"], default_keys=["alarms", "limits"], ), ), ( "dynamodb", Dictionary( title=_("DynamoDB"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ( "wafv2", Dictionary( title=_( "Web Application Firewall (WAFV2)"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ( "cloudfront", FixedValue( value=None, totext=_( "Monitor CloudFront WAFs"), title=_("CloudFront WAFs"), help=_( "Include WAFs in front of CloudFront resources in the " "monitoring"), ), ), ], optional_keys=["limits", "cloudfront"], default_keys=["limits", "cloudfront"], ), ), ( "lambda", Dictionary( title=_("Lambda"), elements=[ _vs_element_aws_service_selection(), _vs_element_aws_limits(), ], optional_keys=["limits"], default_keys=["limits"], ), ), ], default_keys=[ "ec2", "ebs", "s3", "glacier", "elb", "elbv2", "rds", "cloudwatch_alarms", "dynamodb", "wafv2", "lambda", ], ), ), ( "overall_tags", _vs_aws_tags( _("Restrict monitoring services by one of these AWS tags" )), ), ], optional_keys=["overall_tags", "proxy_details"], ), forth=_transform_aws, )
def _common_email_parameters(protocol, port_defaults): return Dictionary( title=protocol, optional_keys=["server"], elements=[ ( "server", HostAddress( title=f"{protocol} Server", allow_empty=False, help=_( "You can specify a hostname or IP address different from the IP address " "of the host this check will be assigned to."), ), ), ( "connection", Dictionary( required_keys=[], title=_("Connection settings"), elements=[ ( "disable_tls", Checkbox( title=_("Disable TLS/SSL"), label=_("Force unencrypted communication"), ), ), ( "disable_cert_validation", Checkbox( title=_("Disable certificate validation"), label= _("Ignore unsuccessful validation (in case of TLS/SSL)" ), ), ), ( "tcp_port", Integer( title=_("TCP Port"), label=_("(default is %r for %s/TLS)") % (port_defaults, protocol), ), ), ], ), ), ( "auth", Tuple( title=_("Authentication"), elements=[ TextInput(title=_("Username"), allow_empty=False, size=24), IndividualOrStoredPassword(title=_("Password"), allow_empty=False, size=12), ], ), ), ], )
def _valuespec_active_checks_sftp(): return Tuple( title=_("Check SFTP Service"), help=_( "Check functionality of a SFTP server. You can use the default values for putting or getting " "a file. This file will then be created for the test and deleted afterwards. It will of course not " "deleted if it was not created by this active check." ), elements=[ TextInput(title=_("Hostname"), allow_empty=False), TextInput(title=_("Username"), allow_empty=False), IndividualOrStoredPassword(title=_("Password"), allow_empty=False), Dictionary( elements=[ ( "description", TextInput(title=_("Service Description"), default_value="SFTP", size=30), ), ("port", Integer(title=_("Port"), default_value=22)), ("timeout", Integer(title=_("Timeout"), default_value=10)), ( "timestamp", TextInput( title=_("Timestamp of a remote file"), size=30, help=_( "Show timestamp of a given file. You only need to specify the " "relative path of the remote file. Examples: 'myDirectory/testfile' " " or 'testfile'" ), ), ), ( "put", Tuple( title=_("Put file to SFTP server"), elements=[ TextInput( title=_("Local file"), size=30, default_value="tmp/check_mk_testfile", help=_( "Local path including filename. Base directory for this relative path " "will be the home directory of your site. The testfile will be created " "if it does not exist. Examples: 'tmp/testfile' (file will be located in " "$OMD_ROOT/tmp/testfile )" ), ), TextInput( title=_("Remote destination"), size=30, default_value="", help=_( "Remote path where to put the file. If you leave this empty, the file will be placed " "in the home directory of the user. Example: 'myDirectory' " ), ), ], ), ), ( "get", Tuple( title=_("Get file from SFTP server"), elements=[ TextInput( title=_("Remote file"), size=30, default_value="check_mk_testfile", help=_( "Remote path including filename " "(e.g. 'testfile'). If you also enabled " "'Put file to SFTP server', you can use the same file for both tests." ), ), TextInput( title=_("Local destination"), size=30, default_value="tmp", help=_( "Local path where to put the downloaded file " "(e.g. 'tmp' )." ), ), ], ), ), ] ), ], )