[checkmk-commits] Check_MK Git: check_mk: #1669 mrpe program check_16bit_program.cc: Monitors 16 bit programs on windows

Module: check_mk Branch: master Commit: a5fa85d83550dbc1505307bf7991e9344b3bb03e URL: http://git.mathias-kettner.de/git/?p=check_mk.git;a=commit;h=a5fa85d83550db… Author: Andreas Boesl &lt;ab(a)mathias-kettner.de&gt; Date: Wed Jan 14 14:27:30 2015 +0100 #1669 mrpe program check_16bit_program.cc: Monitors 16 bit programs on windows --- .werks/1669 | 24 +++++++++ ChangeLog | 1 + doc/treasures/check_16bit_program.cc | 97 ++++++++++++++++++++++++++++++++++ 3 files changed, 122 insertions(+) diff --git a/.werks/1669 b/.werks/1669 new file mode 100644 index 0000000..0c3af50 --- /dev/null +++ b/.werks/1669 @@ -0,0 +1,24 @@ +Title: mrpe program check_16bit_program.cc: Monitors 16 bit programs on windows +Level: 1 +Component: checks +Compatible: compat +Version: 1.2.7i1 +Date: 1421241371 +Class: feature + +This script is only available as source code in the check_mk git repository under +<tt>doc/treasures/check_16bit_program.cc</tt>. +It should be configured as mrpe script in the check_mk.ini. +For example: + +<tt>check = Pump_Program C:\test\check_16bit_program.exe petro3003.exe</tt> + +On success it returns with exit code 0 and +"{program} is running. Path of executable: {Path of program}" + +On failure it returns with exit code 2 and +"{program} not running" + +Note: 16 Bit programs in windows are actually not real processes. They are executed +as separate threads in processes named ntvdm.exe. + diff --git a/ChangeLog b/ChangeLog index 09d6432..c3cd7aa 100644 --- a/ChangeLog +++ b/ChangeLog @@ -31,6 +31,7 @@ * 1807 check_mail: Added new check to check IMAP/POP3 login (incl. forwarding of mails to event console)... * 1841 fileinfo, fileinfo.groups: new parameter for selecting ranges of the time of the day... * 1668 Interface groups: Can create groups out of interface item names... + * 1669 mrpe script check_16bit_program.exe: Monitors 16 bit programs... * 1457 FIX: logins: new check renamed from "users" check... NOTE: Please refer to the migration notes! * 1762 FIX: lnx_thermal: Now ignoring trip points with level 0... diff --git a/doc/treasures/check_16bit_program.cc b/doc/treasures/check_16bit_program.cc new file mode 100644 index 0000000..8de61cb --- /dev/null +++ b/doc/treasures/check_16bit_program.cc @@ -0,0 +1,97 @@ +// This program enumerates all 16-bit tasks on the system and tries +// to find the program name specified by the first argument + +// Can be included as mrpe script + +// On success it returns with exit code 0 +// {program} is running. Path of executable: {Path of program} + +// On failure it returns with exit code 2 +// {program} not running. + +// Note: It seems that the 16 Bit program threads runnning inside ntvdm.exe +// are always uppercase. Because of this fact the program name is +// internally converted to uppercase. + + +#include <stdafx.h> +#include <windows.h> +#include <stdio.h> +#include <iostream> +#include <string> +#include <vdmdbg.h> + +using namespace std; + +BOOL WINAPI ProcessVDMs( DWORD, DWORD, LPARAM ); +BOOL WINAPI ProcessTasks( DWORD, WORD, WORD, PSZ, PSZ, LPARAM ); + +#pragma comment( lib, "vdmdbg.lib" ) + +void usage() { + printf("Usage: check_16bit_process.exe {program}"); +} + +string program_to_check; + +void main(int argc, char* argv[]) +{ + if (argc != 2) { + usage(); + exit(1); + } + + program_to_check = string(argv[1]); + for (unsigned int k = 0; k < program_to_check.length(); k++) + program_to_check[k] = toupper(program_to_check[k]); + + // Enumerate VDMs + VDMEnumProcessWOW( + (PROCESSENUMPROC)ProcessVDMs, + (LPARAM)NULL + ); + + printf("%s is not running", program_to_check.c_str()); + exit(2); +} + +BOOL WINAPI ProcessVDMs( DWORD dwProcessId, DWORD dwAttrib, + LPARAM t ) +{ + // Might be useful some day + // printf("\nProcess ID: %d\n", dwProcessId); + + // Use process ID of VDM to enumerate through its tasks + VDMEnumTaskWOWEx( + dwProcessId, + (TASKENUMPROCEX)ProcessTasks, + (LPARAM)NULL + ); + + // Keep enumerating + return FALSE; +} + +BOOL WINAPI ProcessTasks( DWORD dwThreadId, WORD hMod16, WORD hTask16, + PSZ pszModName, PSZ pszFileName, LPARAM lParam ) +{ + //Task's information + //Might be useful some day + //printf("Thread ID: %d\n", dwThreadId); + //printf("Module handle: %d\n", hMod16); + //printf("Task handle: %d\n", hTask16); + //printf("Module Name: %s\n", pszModName); + //printf("File Name: %s\n", pszFileName); + + string thread_filename = string(pszFileName); + if (0 == thread_filename.compare(thread_filename.length() - program_to_check.length(), + program_to_check.length(), program_to_check)) { + printf("%s is running. Path of executable: %s", program_to_check.c_str(), thread_filename.c_str()); + exit(0); + } + + + // Keep enumerating + return FALSE; +} +