README.md

#  Cisco TrustSec

Collection of plugins to monitor the Cisco TrustSec status
*  _cisco_trustsec_pac_: monitors the TustSec PAC status
*  _cisco_trustsec_environment_: monitors the TrustSec environment status
*  _cisco_trustsec_sxp_peer_: monitors the status of TrustSec SXP peers
*  _cisco_trustsec_server_: monitors the status of TrustSec download servers

---
### Download
* [cisco_trustsec.mkp](https://thl-cmk.hopto.org/gitlab/checkmk/cisco/cisco_trustsec/-/raw/master/cisco_trustsec.mkp "Download the MKP file")
                        
---
### Installation

You can install the package by uploading it to your CheckMK site and as site user run `mkp install cisco_trustsec.mkp`.


In the Enterprise/Free edition of CheckMK you can use the GUI to install the package (_Setup_ -> _Extension Packages_ -> _Upload package_)

---
### Want to Contribute?
Nice ;-) Have a look at the [contribution guidelines](CONTRIBUTING.md "Contributing")

---
### Check Info *cisco_trustsec_pac*:

* _service_: this check creates the service **_TrustSec PAC**_ for each PAC entry with the PAC index as item
* _state_: 
    * **critical**: if the PAC is expired
    * **critical**/**warning** if outside the configured levels for PAC expiration
* _wato_: 
    * Monitoring state for expired PAC
    * Levels for to PAC expiration
* _perfdata_: time to expire in seconds

Sample output

![sample output](/doc/sample_trustsec_pac.png?raw=true "sample trustsec pac")

---
### Check Info *cisco_trustsec_environment*:

* _service_: this check creates the service **_TrustSec environment_**
* _state_: 
    * **critical** if environment download status is failed, incomplete or timed out
    * **warning** if environment download status is other, inprogress or cleared
    * **critical**/**warning** if refresh overdue outside the configured levels
* _wato_: 
    * Levels for refresh overdue in hours
    * Monitoring states for environment download status
* _perfdata_: time to refresh in seconds

Sample output

![sample output](/doc/sample_trustsec_env.png?raw=true "sample output trustsec environment")

---
### Check Info *cisco_trustsec_sxp_peer*:

* _service_: this check creates the service **_TrustSec SXP peer_** for each SXP peer with the peer IP-address as item
* _state_: 
    *  **critical** if peer status is off
    *  **warning** if peer status is other, pending on* or delete hold down
    *  **critical**/**warning** if uptime less than the configured levels
* _wato_: 
    * Monitoring state for SXP peer status and SXP peer not found in SNMP data
    * Levels for minimal uptime in minutes
    * Alias for each SXP peer
* _perfdata_: uptime

Sample output

![sample output](/doc/sample_trustsec_sxp_peer.png?raw=true "sample trustsec scp peer")

---
### Check Info *cisco_trustsec_server*:

+ _service_: this check creates the service **_TrustSec server_** for each download server with the server IP-address as item
* _state_:
    * **critical** if the server status is not alive
    * **warning**  if server is not provisioned or server tests are not enabled
* _wato_:
    * Monitoring state for Server status, Server provision, Server test enabled, Server not found in SNMP data
    * Alias for each server
* _perfdata_: none

Sample output

![sample output](/doc/sample_trustsec_server.png?raw=true "sample trustsec server")