Check fortios-version

Overview

This plugin lets you track if FortiOS is End-of-Life (EOL). To compare against the current/installed version of FortiOS, the check has to fetch the REST API of the FortiOS appliance.

This check plugin alerts n days before or after the EOL date is reached. Optionally, it can also alert on available major, minor or patch releases (each independently).

Fact Sheet

Check Plugin Download	https://github.com/Linuxfabrik/monitoring-plugins/tree/main/check-plugins/fortios-version
Check Interval Recommendation	Once a day
Can be called without parameters	Yes
Compiled for	Linux, Windows
Uses SQLite DBs	`$TEMP/linuxfabrik-lib-version.db`

Help

usage: fortios-version [-h] [-V] [--always-ok] [--check-major] [--check-minor]
                       [--check-patch] -H HOSTNAME [--insecure] [--no-proxy]
                       [--offset-eol OFFSET_EOL] --password PASSWORD
                       [--timeout TIMEOUT]

Tracks if FortiOS is EOL.

options:
  -h, --help            show this help message and exit
  -V, --version         show program's version number and exit
  --always-ok           Always returns OK.
  --check-major         Alert me when there is a new major release available,
                        even if the current version of my product is not EOL.
                        Example: Notify when I run v26 (not yet EOL) and v27
                        is available. Default: False
  --check-minor         Alert me when there is a new major.minor release
                        available, even if the current version of my product
                        is not EOL. Example: Notify when I run v26.2 (not yet
                        EOL) and v26.3 is available. Default: False
  --check-patch         Alert me when there is a new major.minor.patch release
                        available, even if the current version of my product
                        is not EOL. Example: Notify when I run v26.2.7 (not
                        yet EOL) and v26.2.8 is available. Default: False
  -H HOSTNAME, --hostname HOSTNAME
                        FortiOS-based Appliance address, optional including
                        port ("192.0.2.1:443").
  --insecure            This option explicitly allows to perform "insecure"
                        SSL connections. Default: False
  --no-proxy            Do not use a proxy. Default: False
  --offset-eol OFFSET_EOL
                        Alert me n days before ("-30") or after an EOL date
                        ("30" or "+30"). Default: -30 days
  --password PASSWORD   FortiOS REST API Single Access Token.
  --timeout TIMEOUT     Network timeout in seconds. Default: 3 (seconds)

Usage Examples

./fortios-version --hostname fortigate-cluster.example.com --password mypass

Output:

FortiOS v6.0.1 (EOL 2022-09-29 -30d [WARNING])

States

WARN if software is EOL
Optional: WARN when new major version is available
Optional: WARN when new minor version is available
Optional: WARN when new patch version is available

Perfdata / Metrics

Name	Type	Description
fortios-version	Number	Installed FortiOS version as float. „6.0.1“ becomes „6.01“.

Credits, License

Authors: Linuxfabrik GmbH, Zurich
License: The Unlicense, see LICENSE file.