How to create a Nagios probe

[Paulin Halenria]

Hello

I’m monitoring a lot of stuffs about my WP using Nagios (Updates availables, DNS Changes, Server status, etc…)

I’d like to be able to monitor BPS Pro health on my WP.

The part that interest me the most is the status

BULLETPROOF PRO 6.5 SECURE .HTACCESS || AutoRestore/Quarantine Status: Off || Firewall Status: Off || UAEG Status: On || Login Security Status: On

I’d like to know it the colored information (the Off and the On) are reachable easily by doing MySQL requests ? Is it a kind of Boolean in the Mysql DB ? (a kind of as there is no boolean in MySQL) ?

I’m also planning to check the content of the different log files. I’m planning to use a shell wc command to check if the numbers of lines increases. Maybe do you have a better idea ?

Thanks
PH

[AITpro Admin]

To retrieve BPS Pro plugin option values from the database you would use the WordPress get_option() function.  To find all BPS Pro option names you will find them in the admin.php file in this folder:  /bulletproof-security/admin/includes/admin.php.

$options = get_option('the_option_group_name');

echo $options['the_individual_option_name'];

A shell command sounds ok.

[Paulin Halenria]

Hmmmm… Isn’t there a way to check directly in the Database ?

Nagios is outside of WordPress.

[AITpro Admin]

The get_option() WordPress function does check the Database, but yes it is dependent on other Core WordPress files being loaded.  You could do a standard MySQL Query instead.

IMPORTANT NOTE:  This code does not contain any security coding and assumes that this code is being used from a secure location and does not allow end user input.  If you are allowing user input you need to add addtional security/sanitizing code, such as:  mysql_real_escape_string() / mysqli_real_escape_string().

http://php.net/manual/en/function.mysql-real-escape-string.php

// if you use a Form then use this - if not then remove this
if ( isset($_POST['Form-Submit-Name']) ) {

// if you use a Form then use the $_POST values - if not then add these directly
$DBHost = $_POST['dbhost'];
$DBUser = $_POST['dbuser'];
$DBPass = $_POST['dbpassword'];
$DBName = $_POST['dbname'];
$wp_options = $_POST['tableprefix'] . "options";

$link = mysql_connect($DBHost, $DBUser, $DBPass);
if (!$link) {
die('<strong><font color="red">Could Not Connect to Database: </font></strong>' . mysql_error());
}
echo '<strong><font color="green">Connected To Database: </font>' . $DBHost . ' <font color="green">Successfully.</font></strong><br>';
if ( !mysql_select_db($DBName, $link) ) {
echo '<strong><font color="red">Unable to select: </font>' . $DBName .' </strong>' . mysql_error();
exit;
}

$sql = "SELECT * FROM $wp_options WHERE option_name = 'Add_the_BPS_option_name'";

$BPSDBOption = mysql_query($sql);

if ( !$BPSDBOption ) {
echo '<strong><font color="red">Could Not Run Query: </font></strong>'. "($sql)". '<strong><font color="red"> from DB: </font></strong>' . mysql_error();
exit;
}

if ( mysql_num_rows($BPSDBOption) == 0) {
echo '<strong><font color="red">The X Option Does Not Exist.</font></strong>';
}

// While a row of data exists, put that row in $row as an associative array
// Note: If you're expecting just one row, no need to use a loop

while ( $row = mysql_fetch_assoc($BPSDBOption) ) {
echo '<strong><font color="green">Database option_name: </font></strong>' . $row["option_name"] . '<strong><font color="green"> Some other message.</font></strong><br>';
echo '<strong><font color="green">Database option_value: </font></strong>' . $row["option_value"] . '<strong><font color="green"> Some other message.</font></strong><br>';
}

mysql_free_result($BPSDBOption);
}

[Author]

Posts