diff --git a/Docker/checkmk_aps/checkmk_import_switches.py b/Docker/checkmk_aps/checkmk_import_switches.py new file mode 100644 index 0000000..69b9d6e --- /dev/null +++ b/Docker/checkmk_aps/checkmk_import_switches.py @@ -0,0 +1,115 @@ +import requests +import json +import urllib3 + +# Kikapcsoljuk az SSL figyelmeztetéseket +urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + +# --- KONFIGURÁCIÓ --- +# Módosítva a kért IP-re: +URL = "http://10.102.1.201:8080/monitoring/check_mk/api/1.0" +USERNAME = "cmkadmin" +PASSWORD = "cmkadmin123" +FOLDER = "/" + +# A fő szülő (Parent) adatai +GW_NAME = "SOPHOS-GW" +GW_IP = "10.102.1.1" + +# A switchek adatai +SWITCHES = { + "NET-SW01": "10.220.1.84", + "NET-SW02": "10.220.1.85", + "NET-SW03": "172.16.71.6", + "NET-SW04": "10.220.1.86", + "NET-SW05": "10.220.1.87", + "NET-SW06": "10.220.1.88", + "NET-SW07": "10.220.1.90", + "NET-SW08": "10.220.1.91", + "NET-SW09": "10.220.1.92", + "NET-SW10": "10.220.1.93", + "NET-SW11": "10.220.1.94", + "NET-SW12": "10.220.1.95", + "NET-SW13": "10.220.1.96", + "NET-SW14": "10.220.1.97", +} + +session = requests.Session() +session.auth = (USERNAME, PASSWORD) +session.headers.update({"Accept": "application/json", "Content-Type": "application/json"}) + +def add_host(name, ip, parents=None): + print(f"Adding host: {name} ({ip})...") + + attributes = { + "ipaddress": ip, + "tag_agent": "no-agent", + } + + if parents: + attributes["parents"] = parents + + payload = { + "host_name": name, + "folder": FOLDER, + "attributes": attributes + } + + response = session.post( + f"{URL}/domain-types/host_config/collections/all", + json=payload + ) + + if response.status_code == 200: + print(f" [OK] Host '{name}' successfully added.") + elif response.status_code == 400 and "already exists" in response.text: + print(f" [INFO] Host '{name}' already exists.") + else: + print(f" [ERROR] Failed to add {name}: {response.status_code} - {response.text}") + +def activate_changes(): + print("Fetching pending changes to get ETag...") + + # Külön session az ETag lekéréshez a biztonság kedvéért + etag_session = requests.Session() + etag_session.auth = (USERNAME, PASSWORD) + etag_session.headers.update({"Accept": "application/json"}) + + resp = etag_session.get(f"{URL}/domain-types/activation_run/collections/pending_changes") + if resp.status_code != 200: + print(f" [ERROR] Could not fetch pending changes: {resp.text}") + return + + etag = resp.headers.get("ETag") + + # Ha nincs ETag vagy nincs függőben lévő változás, ne csináljunk semmit + if not etag or resp.json().get('value') == []: + print(" [INFO] No pending changes to activate.") + return + + print(f"Activating changes with ETag: {etag}") + + # Az aktiváláshoz be kell állítani az If-Match fejlécet + # Ezt az eredeti session headerjeihez adjuk hozzá + session.headers.update({"If-Match": etag}) + + response = session.post( + f"{URL}/domain-types/activation_run/actions/activate-changes/invoke", + json={"redirect": False, "sites": ["monitoring"]} + ) + + if response.status_code == 200: + print(" [OK] Changes activated successfully.") + else: + print(f" [ERROR] Failed to activate changes: {response.status_code} - {response.text}") + +if __name__ == "__main__": + # 1. Először a SOPHOS GW-t vesszük fel + add_host(GW_NAME, GW_IP) + + # 2. Utána a switcheket a GW-vel szülőként + for name, ip in SWITCHES.items(): + add_host(name, ip, parents=[GW_NAME]) + + # 3. Aktiváljuk a változtatásokat + activate_changes() diff --git a/Docker/checkmk_aps/docker-compose.yml b/Docker/checkmk_aps/docker-compose.yml index b230d5b..de7ae16 100644 --- a/Docker/checkmk_aps/docker-compose.yml +++ b/Docker/checkmk_aps/docker-compose.yml @@ -10,7 +10,7 @@ services: - CMK_PASSWORD=cmkadmin123 - TZ=Europe/Berlin volumes: - - ./sites:/var/omd/sites + - ./sites:/opt/omd/sites - /etc/localtime:/etc/localtime:ro cap_add: - NET_ADMIN diff --git a/Docker/checkmk_aps/hosts_for_checkmk.csv b/Docker/checkmk_aps/hosts_for_checkmk.csv new file mode 100644 index 0000000..d410b2a --- /dev/null +++ b/Docker/checkmk_aps/hosts_for_checkmk.csv @@ -0,0 +1,68 @@ +Host,Port,Description,Display Name,Folder +APPCS01.aps.local,3389,,APPCS01,APS +APS-ADMIN01.aps.local,3389,,APS-ADMIN01,APS +APS-ADMIN01.aps.local,3389,,APS-ADMIN01 - FullSize,APS +APS-AOTRACE01.aps.local,3389,,APS-AOTRACE01,APS\Apotheke +APS-APO01.aps.local,3389,,APS-APO01,APS\Apotheke +APS-BK01.aps.local,3389,,APS-BK01,APS\Backup +APS-CONN01.aps.local,3389,,APS-CONN01,APS\AD +APS-DC01.aps.local,3389,,APS-DC01,APS\AD +APS-DC02.aps.local,3389,,APS-DC02,APS\AD +APS-EGOSEC01.aps.local,3389,,APS-EGOSEC01,APS\Matrix42 +APS-ELPRO01.aps.local,3389,,APS-ELPRO01,APS\Elpro-Monitoring +APS-EXCH01.aps.local,3389,,APS-EXCH01,APS\Exchange +APS-EXCH02.aps.local,3389,,APS-EXCH02,APS\Exchange +APS-FAX01.aps.local,3389,,APS-FAX01,APS\FAX +APS-FILE01.aps.local,3389,,"APS-FILE01 (Abt.,Apps,Data)",APS\Fileserver +APS-FILE02.aps.local,3389,,APS-FILE02 (UserShare),APS\Fileserver +APS-GENO01.aps.local,3389,,APS-GENO01,APS\FB/CO +APS-Infra01.aps.local,3389,,APS-Infra01,APS\AD +APS-Infra02.aps.local,3389,,APS-Infra02,APS\AD +APS-Lizenz01.aps.local,3389,,APS-Lizenz01,APS\AD +APS-MAVE01.aps.local,3389,,APS-MAVE01 (Jobs),APS\Mave +APS-MAVE02.aps.local,3389,,APS-MAVE02 (Scanner),APS\Mave +APS-MAVE03.aps.local,3389,,APS-MAVE03 (Schnittstellen),APS\Mave +APS-MAVE04.aps.local,3389,,APS-MAVE04 (Datenbank),APS\Mave +APs-MYSQL01.aps.local,3389,,APS-MYSQL01,APS\SQL +APS-NPS01.aps.local,3389,,APS-NPS01,APS\AD +APS-NSM01.aps.local,3389,,APS-NSM01,APS\Matrix42 +APS-PKI01.aps.local,3389,,APS-PKI01 (offline),APS\PKI +APS-PKI02.aps.local,3389,,APS-PKI02,APS\PKI +APS-PRINT01.aps.local,3389,,APS-PRINT01,APS\Drucker +APS-PRINT02.aps.local,3389,,APS-PRINT02,APS\Drucker +APS-PRTG01.aps.local,3389,,APS-PRTG01,APS\Monitoring +APS-RDS01.aps.local,3389,,APS-RDS01,APS\Terminal +APS-RDS02.aps.local,3389,,APS-RDS02,APS\Terminal +APS-RDS03.aps.local,3389,,APS-RDS03,APS\Terminal +APS-RDS04.aps.local,3389,,APS-RDS04,APS\Terminal +APS-RDS05.aps.local,3389,,APS-RDS05,APS\Terminal +APS-RDS06.aps.local,3389,,APS-RDS06,APS\Terminal +APS-RDSCB01.aps.local,3389,,APS-RDSCB01,APS\Terminal +APS-ROXTRA01.aps.local,3389,,APS-ROXTRA01,APS\roXtra +APS-SASM01.aps.local,3389,,APS-SASM01,APS\Matrix42 +APS-SQL01.aps.local,3389,,APS-SQL01,APS\SQL +APS-TC011.aps.local,3389,,APS-TC011,APS\xxx-Desktops +APS-TC022.aps.local,3389,,APS-TC022,APS\xxx-Desktops +APS-TC068.aps.local,3389,,APS-TC068,APS\xxx-Desktops +APS-TC069.aps.local,3389,,APS-TC069,APS\xxx-Desktops +APS-TC073.aps.local,3389,,APS-TC073,APS\xxx-Desktops +APS-TC074.aps.local,3389,,APS-TC074,APS\xxx-Desktops +APS-TC075.aps.local,3389,,APS-TC075,APS\xxx-Desktops +APS-TC076.aps.local,3389,,APS-TC076,APS\xxx-Desktops +APS-TC077.aps.local,3389,,APS-TC077,APS\xxx-Desktops +APS-TC078.aps.local,3389,,APS-TC078,APS\xxx-Desktops +APS-TC079.aps.local,3389,,APS-TC079,APS\xxx-Desktops +APS-TC080.aps.local,3389,,APS-TC080,APS\xxx-Desktops +APS-TC081.aps.local,3389,,APS-TC081,APS\xxx-Desktops +APS-TC082.aps.local,3389,,APS-TC082,APS\xxx-Desktops +APS-TC083.aps.local,3389,,APS-TC083,APS\xxx-Desktops +APS-TC086.aps.local,3389,,APS-TC086,APS\xxx-Desktops +APS-TC087.aps.local,3389,,APS-TC087,APS\xxx-Desktops +APS-TC088.aps.local,3389,,APS-TC088,APS\xxx-Desktops +APS-TC089.aps.local,3389,,APS-TC089,APS\xxx-Desktops +APS-TD001.aps.local,3389,,APS-TD001,APS\xxx-Desktops +APS-UEM01.aps.local,3389,,APS-UEM01,APS\Matrix42 +mave-terminals.aps.local,3389,,MAVE-TERMINALS,APS\Mave +10.101.0.83,3389,,10.101.0.83, +APS-VM01.aps.local,3389,,APS-VM01, +APS-VM02.aps.local,3389,,APS-VM02, diff --git a/Docker/checkmk_aps/import_csv_hosts_to_checkmk.py b/Docker/checkmk_aps/import_csv_hosts_to_checkmk.py new file mode 100644 index 0000000..1870815 --- /dev/null +++ b/Docker/checkmk_aps/import_csv_hosts_to_checkmk.py @@ -0,0 +1,142 @@ +import requests +import json +import urllib3 +import csv +import socket +import sys + +# Kikapcsoljuk az SSL figyelmeztetéseket +urllib3.disable_warnings(urllib3.exceptions.InsecureRequestWarning) + +# --- KONFIGURÁCIÓ --- +URL = "http://10.102.1.201:8080/monitoring/check_mk/api/1.0" +USERNAME = "cmkadmin" +PASSWORD = "cmkadmin123" + +# CSV fájl elérési útja, a szkript új helyéhez viszonyítva (Docker/checkmk_aps/) +CSV_FILE_PATH = "hosts_for_checkmk.csv" + +session = requests.Session() +session.auth = (USERNAME, PASSWORD) +session.headers.update({"Accept": "application/json", "Content-Type": "application/json"}) + +def resolve_hostname_to_ip(hostname): + """Feloldja a hosztnevet IP címre. Ha már IP cím, visszaadja azt.""" + try: + socket.inet_pton(socket.AF_INET, hostname) + return hostname # Már IP cím + except socket.error: + # Ha nem IP cím, próbáljuk meg feloldani + try: + return socket.gethostbyname(hostname) + except socket.gaierror: + print(f" [WARNING] Could not resolve hostname: {hostname}") + return None + +def add_host(name, ip, parents=None): + """ + Hozzáad egy hosztot a Checkmk-hoz. + Minden hoszt a gyökér mappába kerül. + """ + checkmk_folder_path_slug = "/" # Mindig a gyökér mappa + + print(f"Adding host: {name} ({ip}) to root folder '/''...") + + attributes = { + "ipaddress": ip, + "tag_agent": "no-agent", # Csak pingeljen, ne keressen agentet + } + + if parents: + attributes["parents"] = parents + + payload = { + "host_name": name, + "folder": checkmk_folder_path_slug, # Folder must be the slugified full path + "attributes": attributes + } + + response = session.post( + f"{URL}/domain-types/host_config/collections/all", + json=payload + ) + + if response.status_code == 200: + print(f" [OK] Host '{name}' successfully added.") + elif response.status_code == 400 and "already exists" in response.text: + print(f" [INFO] Host '{name}' already exists.") + else: + print(f" [ERROR] Failed to add {name}: {response.status_code} - {response.text}") + print(f" [DEBUG] Payload: {json.dumps(payload)}") + +def activate_changes(): + """ + Aktiválja a Checkmk-ban lévő függőben lévő változásokat. + """ + print("Fetching pending changes to get ETag...") + + etag_session = requests.Session() + etag_session.auth = (USERNAME, PASSWORD) + etag_session.headers.update({"Accept": "application/json"}) + + resp = etag_session.get(f"{URL}/domain-types/activation_run/collections/pending_changes") + if resp.status_code != 200: + print(f" [ERROR] Could not fetch pending changes: {resp.text}") + return + + etag = resp.headers.get("ETag") + + # Ha nincs ETag vagy nincs függőben lévő változás, ne csináljunk semmit + if not etag or not resp.json().get('value'): # ellenőrizzük, hogy 'value' nem üres-e + print(" [INFO] No pending changes to activate.") + return + + print(f"Activating changes with ETag: {etag}") + + # Az aktiváláshoz be kell állítani az If-Match fejlécet + activation_headers = { + "Accept": "application/json", + "Content-Type": "application/json", + "If-Match": etag + } + + response = session.post( + f"{URL}/domain-types/activation_run/actions/activate-changes/invoke", + headers=activation_headers, + json={"redirect": False, "sites": ["monitoring"]} + ) + + if response.status_code == 200: + print(" [OK] Changes activated successfully.") + else: + print(f" [ERROR] Failed to activate changes: {response.status_code} - {response.text}") + +if __name__ == "__main__": + hosts_to_import = [] + + try: + with open(CSV_FILE_PATH, mode='r', newline='', encoding='utf-8') as file: + reader = csv.DictReader(file) + for row in reader: + hostname = row['Host'].strip() + + ip_address = resolve_hostname_to_ip(hostname) + + if ip_address: + hosts_to_import.append({ + "name": hostname, + "ip": ip_address, + }) + else: + print(f"Skipping host '{hostname}' due to unresolved IP address.") + except FileNotFoundError: + print(f"ERROR: CSV file not found at {CSV_FILE_PATH}") + sys.exit(1) + + # Nincs mappalétrehozás, minden a gyökérbe kerül + + # Hosztok hozzáadása a Checkmk-hoz + for host in hosts_to_import: + add_host(host['name'], host['ip']) # Nincs 'folder_display' paraméter + + activate_changes()