Utilities and monitoring probes for Perun ProxyIdP
Project description
Perun proxy utils
Scripts and monitoring probes related to Perun ProxyIdP.
Installation
Install via pip:
pip install perun.proxy.utils
There are several extras which are required only for some scripts:
[ldap]
for check_ldap and check_ldap_syncrepl- this also requires installing build prerequisites of the python-ldap library
[postgresql]
for check_pgsql
Scripts
run_probes
- script designed to execute multiple monitoring probes
- output is compatible with CheckMK
- it is required to put configuration file to
/etc/run_probes_cfg.yaml
For usage instructions, run:
run_probes
separate_ssp_logs
Script removes all logs from test accounts from SimpleSAMLphp logs.
For usage instructions, run:
separate_ssp_logs.py --help
separate_oidc_logs
Script removes all logs from test accounts from mitreID logs.
For usage instructions, run:
separate_oidc_logs.py --help
metadata_expiration
This script checks whether there are some metadata close to expiration date.
For usage instructions, run:
metadata_expiration.py --help
print_docker_versions
This script collects system info, docker engine info and the versions of running containers and then prints it to the stdout in the JSON format.
For usage instructions, run:
print_docker_versions --help
run_version_script
- This scripts runs the print_docker_versions script on the given machines. The collected versions are then printed as a MD table to the stdout
For usage instructions, run:
run_version_script --help
sync_usable_token_types.py
Collects information about the usable token types of each privacyIDEA user and sends it
to Perun. Each user with usable tokens in privacyIDEA is assigned a list of their types, for example: ['backupcode', 'totp']
. A token is considered usable when it is active and it is not locked or
revoked and its rollout state allows logging in.
For more usage instructions, run:
sync_usable_token_types --help
Example:
python3 sync_usable_token_types.py
--mfa-active-tokens-attr-name "attr_name"
--perun-user-id-regex "\d+"
--perun-connector-config-path "/path/to/file"
Nagios probes
All nagios scripts are located under nagios
directory.
check_mongodb
Nagios monitoring probe for mongodb.
Tested options:
- connect
- connections
- replication_lag
- replset_state
(some possible options may not work since there are constructs which are not supported by the latest mongodb versions)
For usage instructions, run:
check_mongodb --help
check_saml
SAML authentication check compatible with SimpleSAMLphp and mitreID.
Basic OIDC check can be triggered by adding --basic-oidc-check
switch. This checks
for state
and code
parameters in the result url after a log in attempt.
For more usage instructions, run:
check_saml --help
Example:
python3 check_saml
--username "my_username"
--password "my_password"
--username-field "j_username"
--password-field "j_password"
--postlogout-string "Successful logout"
check_user_logins
Check users which login in repeatedly more often than a specified threshold (logins per seconds).
For usage instructions, run:
check_user_logins --help
Example:
python3 check_user_logins
-p /var/log/proxyaai/simplesamlphp/simplesamlphp/simplesamlphp.log
-l 5
-s 60
-r "^(?P<datetime>.{20}).*audit-login.* (?P<userid>[0-9]+)@muni\.cz$"
-d "%b %d %Y %H:%M:%S"
check_ldap
Check whether an LDAP server is available.
For usage instructions, run:
check_ldap --help
check_ldap_syncrepl
Check whether an LDAP replica is up to date with the provider.
For usage instructions, run:
check_ldap_syncrepl --help
check_privacyidea
Check whether privacyidea is available by performing TOTP authentication via the API. Use caching arguments for avoiding failure when one TOTP code is used two times.
For usage instructions, run:
check_privacyidea --help
check_pgsql
Check connection to PostgreSQL using a configurable query.
For usage instructions, run:
check_pgsql --help
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Hashes for perun.proxy.utils-2.5.1-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | b80611d2acb2fb8bd3ccec83155a6c63f11497236856c9410154adbf3f377e4f |
|
MD5 | 7538112f0034d727f27f0111dff0ac56 |
|
BLAKE2b-256 | 0146ab738d683428e426b0a7646bd3c4911bba7f1002f1fae3df319cc10dae53 |