1 /******************************************************************************
3 * Copyright (C) 2012-2017 Icinga Development Team (https://www.icinga.com/) *
5 * This program is free software; you can redistribute it and/or *
6 * modify it under the terms of the GNU General Public License *
7 * as published by the Free Software Foundation; either version 2 *
8 * of the License, or (at your option) any later version. *
10 * This program is distributed in the hope that it will be useful, *
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
13 * GNU General Public License for more details. *
15 * You should have received a copy of the GNU General Public License *
16 * along with this program; if not, write to the Free Software Foundation *
17 * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA. *
18 ******************************************************************************/
24 #include "check_procs.h"
28 namespace po = boost::program_options;
30 static BOOL debug = FALSE;
32 INT wmain(INT argc, WCHAR **argv)
35 printInfoStruct printInfo = { };
37 INT r = parseArguments(argc, argv, vm, printInfo);
42 if(!printInfo.user.empty())
43 return printOutput(countProcs(printInfo.user), printInfo);
45 return printOutput(countProcs(), printInfo);
48 INT parseArguments(INT ac, WCHAR **av, po::variables_map& vm, printInfoStruct& printInfo)
50 WCHAR namePath[MAX_PATH];
51 GetModuleFileName(NULL, namePath, MAX_PATH);
52 WCHAR *progName = PathFindFileName(namePath);
54 po::options_description desc;
57 ("help,h", "Print help message and exit")
58 ("version,V", "Print version and exit")
59 ("debug,d", "Verbose/Debug output")
60 ("user,u", po::wvalue<std::wstring>(), "Count only processes of user")
61 ("warning,w", po::wvalue<std::wstring>(), "Warning threshold")
62 ("critical,c", po::wvalue<std::wstring>(), "Critical threshold")
65 po::basic_command_line_parser<WCHAR> parser(ac, av);
72 po::command_line_style::unix_style |
73 po::command_line_style::allow_long_disguise)
77 } catch (std::exception& e) {
78 std::cout << e.what() << '\n' << desc << '\n';
82 if (vm.count("help")) {
83 std::wcout << progName << " Help\n\tVersion: " << VERSION << '\n';
85 L"%s is a simple program to check a machines processes.\n"
86 L"You can use the following options to define its behaviour:\n\n", progName);
89 L"\nIt will then output a string looking something like this:\n\n"
90 L"\tPROCS WARNING 67 | load=67;50;90;0\n\n"
91 L"\"PROCS\" being the type of the check, \"WARNING\" the returned status\n"
92 L"and \"67\" is the returned value.\n"
93 L"The performance data is found behind the \"|\", in order:\n"
94 L"returned value, warning threshold, critical threshold, minimal value and,\n"
95 L"if applicable, the maximal value. Performance data will only be displayed when\n"
96 L"you set at least one threshold\n\n"
97 L"For \"-user\" option keep in mind you need root to see other users processes\n\n"
98 L"%s' exit codes denote the following:\n"
99 L" 0\tOK,\n\tNo Thresholds were broken or the programs check part was not executed\n"
100 L" 1\tWARNING,\n\tThe warning, but not the critical threshold was broken\n"
101 L" 2\tCRITICAL,\n\tThe critical threshold was broken\n"
102 L" 3\tUNKNOWN, \n\tThe program experienced an internal or input error\n\n"
103 L"Threshold syntax:\n\n"
105 L"warn if threshold is broken, which means VALUE > THRESHOLD\n"
106 L"(unless stated differently)\n\n"
108 L"inverts threshold check, VALUE < THRESHOLD (analogous to above)\n\n"
110 L"warn is VALUE is inside the range spanned by THR1 and THR2\n\n"
112 L"warn if VALUE is outside the range spanned by THR1 and THR2\n\n"
114 L"if the plugin accepts percentage based thresholds those will be used.\n"
115 L"Does nothing if the plugin does not accept percentages, or only uses\n"
116 L"percentage thresholds. Ranges can be used with \"%%\", but both range values need\n"
117 L"to end with a percentage sign.\n\n"
118 L"All of these options work with the critical threshold \"-c\" too."
124 if (vm.count("version")) {
125 std::wcout << "Version: " << VERSION << '\n';
129 if (vm.count("warning")) {
131 printInfo.warn = threshold(vm["warning"].as<std::wstring>());
132 } catch (std::invalid_argument& e) {
133 std::cout << e.what() << '\n';
137 if (vm.count("critical")) {
139 printInfo.crit = threshold(vm["critical"].as<std::wstring>());
140 } catch (std::invalid_argument& e) {
141 std::cout << e.what() << '\n';
146 if (vm.count("user"))
147 printInfo.user = vm["user"].as<std::wstring>();
149 if (vm.count("debug"))
155 INT printOutput(CONST INT numProcs, printInfoStruct& printInfo)
158 std::wcout << L"Constructing output string" << '\n';
162 if (printInfo.warn.rend(numProcs))
165 if (printInfo.crit.rend(numProcs))
168 std::wstring user = L"";
169 if (!printInfo.user.empty())
170 user.append(L" processes of user ").append(printInfo.user);
174 std::wcout << L"PROCS OK " << numProcs << user << L" | procs=" << numProcs << L";"
175 << printInfo.warn.pString() << L";" << printInfo.crit.pString() << L";0;" << '\n';
178 std::wcout << L"PROCS WARNING " << numProcs << user << L" | procs=" << numProcs << L";"
179 << printInfo.warn.pString() << L";" << printInfo.crit.pString() << L";0;" << '\n';
182 std::wcout << L"PROCS CRITICAL " << numProcs << user << L" | procs=" << numProcs << L";"
183 << printInfo.warn.pString() << L";" << printInfo.crit.pString() << L";0;" << '\n';
193 std::wcout << L"Counting all processes" << '\n';
195 HANDLE hProcessSnap = NULL;
199 std::wcout << L"Creating snapshot" << '\n';
201 hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
202 if (hProcessSnap == INVALID_HANDLE_VALUE)
205 pe32.dwSize = sizeof(PROCESSENTRY32);
208 std::wcout << L"Grabbing first proccess" << '\n';
210 if (!Process32First(hProcessSnap, &pe32)) {
211 CloseHandle(hProcessSnap);
218 std::wcout << L"Counting processes..." << '\n';
222 } while (Process32Next(hProcessSnap, &pe32));
225 std::wcout << L"Found " << numProcs << L" processes. Cleaning up udn returning" << '\n';
228 CloseHandle(hProcessSnap);
232 INT countProcs(CONST std::wstring user)
235 std::wcout << L"Counting all processes of user" << user << '\n';
237 CONST WCHAR *wuser = user.c_str();
240 HANDLE hProcessSnap, hProcess = NULL, hToken = NULL;
242 DWORD dwReturnLength, dwAcctName, dwDomainName;
243 PTOKEN_USER pSIDTokenUser = NULL;
244 SID_NAME_USE sidNameUse;
245 LPWSTR AcctName, DomainName;
248 std::wcout << L"Creating snapshot" << '\n';
250 hProcessSnap = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
251 if (hProcessSnap == INVALID_HANDLE_VALUE)
254 pe32.dwSize = sizeof(PROCESSENTRY32);
257 std::wcout << L"Grabbing first proccess" << '\n';
259 if (!Process32First(hProcessSnap, &pe32))
263 std::wcout << L"Counting processes..." << '\n';
267 std::wcout << L"Getting process token" << '\n';
270 hProcess = OpenProcess(PROCESS_QUERY_INFORMATION, FALSE, pe32.th32ProcessID);
271 if (!OpenProcessToken(hProcess, TOKEN_QUERY, &hToken))
272 //Won't count pid 0 (system idle) and 4/8 (Sytem)
275 //Get dwReturnLength in first call
277 if (!GetTokenInformation(hToken, TokenUser, NULL, 0, &dwReturnLength)
278 && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
281 pSIDTokenUser = reinterpret_cast<PTOKEN_USER>(new BYTE[dwReturnLength]);
282 memset(pSIDTokenUser, 0, dwReturnLength);
285 std::wcout << L"Received token, saving information" << '\n';
287 //write Info in pSIDTokenUser
288 if (!GetTokenInformation(hToken, TokenUser, pSIDTokenUser, dwReturnLength, NULL))
297 std::wcout << L"Looking up SID" << '\n';
299 //get dwAcctName and dwDomainName size
300 if (!LookupAccountSid(NULL, pSIDTokenUser->User.Sid, AcctName,
301 (LPDWORD)&dwAcctName, DomainName, (LPDWORD)&dwDomainName, &sidNameUse)
302 && GetLastError() != ERROR_INSUFFICIENT_BUFFER)
305 AcctName = reinterpret_cast<LPWSTR>(new WCHAR[dwAcctName]);
306 DomainName = reinterpret_cast<LPWSTR>(new WCHAR[dwDomainName]);
308 if (!LookupAccountSid(NULL, pSIDTokenUser->User.Sid, AcctName,
309 (LPDWORD)&dwAcctName, DomainName, (LPDWORD)&dwDomainName, &sidNameUse))
313 std::wcout << L"Comparing " << AcctName << L" to " << wuser << '\n';
314 if (!wcscmp(AcctName, wuser)) {
317 std::wcout << L"Is process of " << wuser << L" (" << numProcs << L")" << '\n';
320 delete[] reinterpret_cast<LPWSTR>(AcctName);
321 delete[] reinterpret_cast<LPWSTR>(DomainName);
323 } while (Process32Next(hProcessSnap, &pe32));
327 CloseHandle(hProcessSnap);
329 CloseHandle(hProcess);
333 delete[] reinterpret_cast<PTOKEN_USER>(pSIDTokenUser);