check_nextcloud.php
#!/usr/bin/php
<?php
/***
*
* Monitoring plugin to check the status of nextcloud security scan for a given hostname + URI
*
* Copyright (c) 2017 Jan Vonde <mail@jan-von.de>
*
*
* Usage: /usr/bin/php ./check_nextcloud.php -H cloud.example.com -u /nextcloud -z "Europe/Berlin"
*
*
* Don't run this check too often. You could run into an API limit on the
* nextcloud scan server. Once a day is good.
*
*
* For more information visit https://github.com/janvonde/check_nextcloud
*
* Changelog
* 2019-01-26 Christian Wirtz <doc@snowheaven.de>, Added timezone handling
*
***/
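// Read the command line. Three options are required:
//   -H hostname of the instance, -u URI of the instance, -z timezone used for the printed scan time.
$options = getopt("H:u:z:");
if (!is_array($options)) {
    print "There was a problem reading the passed option.\n\n";
    exit(1);
}

// getopt() only returns the keys H, u and z here, so a count of 3 means all were given.
// An option passed more than once comes back as an array instead of a string; treat
// that like a usage error so trim() below only ever receives strings.
$optionsok = (count($options) === 3);
foreach ($options as $optionvalue) {
    if (!is_string($optionvalue)) {
        $optionsok = false;
    }
}
if (!$optionsok) {
    print "check_nextcloud.php - Monitoring plugin to check the status of nextcloud security scan for a given hostname + URI.\n
You need to specify the following parameters:
-H: hostname of the nextcloud instance, for example cloud.example.com
-u: uri of the nextcloud instance, for example / or /nextcloud
-z: timezone of the nextcloud instance, for example Europe/Berlin \n\n";
    exit(2);
}

$nchost = trim($options['H']);
$ncuri = trim($options['u']);
// $ncurl is the value later submitted to the scan service and echoed in the plugin output.
$ncurl = $nchost . $ncuri;
$nctz = trim($options['z']);

// date_default_timezone_set() returns false for an unknown identifier and would also
// write a PHP notice/warning into the plugin output. Stop with UNKNOWN (exit code 3)
// instead of silently reporting the last-scan time in a different zone.
if (!@date_default_timezone_set($nctz)) {
    print "UNKNOWN: Invalid timezone given with -z.\n";
    exit(3);
}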
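// Queue a scan for $ncurl at scan.nextcloud.com. The JSON answer carries the UUID
// under which the scan result can be fetched afterwards.
// Note: this submits the monitored hostname + URI to that external service.
$url = 'https://scan.nextcloud.com/api/queue';
$data = array("url" => "$ncurl");
$options = array(
    'http' => array(
        'header' => "Content-type: application/x-www-form-urlencoded\r\nX-CSRF: true\r\n",
        'method' => 'POST',
        // http_build_query() URL-encodes the value, so $ncurl cannot add extra form fields.
        'content' => http_build_query($data),
    )
);
// This context is kept in $postcontext because the requeue call further down reuses it.
$postcontext = stream_context_create($options);
$answer = @file_get_contents($url, false, $postcontext);
if ($answer === FALSE) {
    echo "WARNING: Could not get get UUID for given host $ncurl. Aborting. \n";
    exit (1);
}

// The body is remote data: it may not be JSON at all, or may lack a usable uuid.
// Without this check a missing uuid would lead to a request for ".../api/result/"
// and PHP warnings in the plugin output.
$result = json_decode($answer, true);
if (!is_array($result) || !isset($result['uuid']) || !is_string($result['uuid']) || $result['uuid'] === '') {
    echo "WARNING: Could not get get UUID for given host $ncurl. Aborting. \n";
    exit(1);
}
$uuid = $result['uuid'];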
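// Fetch the scan result stored under the UUID. The GET request is limited to 3 seconds.
$getcontext = stream_context_create(array(
    'http' => array(
        'timeout' => 3
    )
));
// $uuid was taken from a remote response, so it is percent-encoded before it becomes
// part of the URL path.
$uuidresult_fetch = @file_get_contents("https://scan.nextcloud.com/api/result/" . rawurlencode((string) $uuid), false, $getcontext);
if ($uuidresult_fetch === FALSE) {
    echo "WARNING: Could not get information for given host $ncurl. Aborting. \n";
    exit (1);
}
$uuidresult = json_decode($uuidresult_fetch, true);

// The result must decode to an array with a parseable scannedAt.date. If strtotime()
// returned false, the comparison below would be true on every run and the host would
// be requeued each time, which works against the API limit mentioned in the file header.
$scannedat = false;
if (is_array($uuidresult) && isset($uuidresult['scannedAt']['date']) && is_string($uuidresult['scannedAt']['date'])) {
    $scannedat = strtotime($uuidresult['scannedAt']['date']);
}
if ($scannedat === false) {
    echo "WARNING: Could not get information for given host $ncurl. Aborting. \n";
    exit(1);
}

// if the result is older than 24h requeue the host for rescanning
if ($scannedat <= strtotime('-24 hours')) {
    // use the same parameters from queue call, just change url
    $url = 'https://scan.nextcloud.com/api/requeue';
    // Best effort: a failed requeue must not write PHP warnings into the plugin output,
    // and the status reported below is still based on the result already fetched.
    $requeue_answer = @file_get_contents($url, false, $postcontext);
    if ($requeue_answer !== false) {
        $result = json_decode($requeue_answer, true);
    }
}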
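// Print the status line for icinga and exit with the matching plugin exit code:
// 0 = OK, 1 = WARNING, 2 = CRITICAL, 3 = UNKNOWN.

// Numeric rating from the scan result mapped to the letter grade shown in the output.
$grades = array(5 => "A+", 4 => "A", 3 => "C", 2 => "D", 1 => "E", 0 => "F");

// Only accept a rating that is numeric and equal to one of the known values.
// A missing rating (null) would otherwise compare equal to 0, and a value outside
// 0..5 would fall through every branch and leave the script with exit code 0 (OK).
$rating = null;
$tr = null;
$rawrating = isset($uuidresult['rating']) ? $uuidresult['rating'] : null;
if (is_int($rawrating) || is_float($rawrating) || (is_string($rawrating) && is_numeric($rawrating))) {
    foreach ($grades as $gradevalue => $gradelabel) {
        if ($rawrating == $gradevalue) {
            $rating = $gradevalue;
            $tr = $gradelabel;
        }
    }
}

// The vulnerability list and the scan date are read from the same remote result
// and get the same treatment: if they cannot be read, report UNKNOWN rather than a number.
$scantime = false;
if (isset($uuidresult['scannedAt']['date']) && is_string($uuidresult['scannedAt']['date'])) {
    $scantime = strtotime($uuidresult['scannedAt']['date']);
}
$vulnsreadable = isset($uuidresult['vulnerabilities']) && is_array($uuidresult['vulnerabilities']);

if ($rating === null || $scantime === false || !$vulnsreadable) {
    echo "UNKNOWN: Could not read rating, vulnerabilities or scan date for $ncurl from the scan result.\n";
    exit(3);
}

$vulns = count($uuidresult['vulnerabilities']);
$lastscan = date("d.m.Y - H:i:s\h", $scantime);

// Every path below ends in exit(), so the script cannot finish without a status.
if ($rating >= 4) {
    echo "OK: $tr rating for $ncurl, $vulns vulnerabilities identified, last scan: $lastscan | badrating=0, vulnerabilities=$vulns\n";
    exit(0);
}
if ($rating >= 2) {
    echo "WARNING: $tr rating for $ncurl, $vulns vulnerabilities identified, last scan: $lastscan. Please see https://scan.nextcloud.com/results/$uuid | badrating=1, vulnerabilities=$vulns\n";
    exit(1);
}
echo "CRITICAL: $tr rating for $ncurl, $vulns vulnerabilities identified, last scan: $lastscan. Immediate action required! See https://scan.nextcloud.com/results/$uuid | badrating=2, vulnerabilities=$vulns\n";
exit(2);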
?>