Hi,
I’m trying to get a graph going with strongswan metrics.
It is exactly issue #3296 on github, but unfortunately the regex in the sed expression in the code supplied isn’t matching the output from the ipsec statusall command for me at all.
I can run everything but it fails at the first hurdle because nothing matches.
My regex foo isn’t great and after a couple of hours fiddling around trying to make things match I’ve thrown in the towel.
Is there either a working version of this somewhere around that I’m missing, or can I get some help on the matching from someone more skilled that I?
The code in question is
sed -n -e "s|\(.*\){\([0-9]\+\)}:[[:space:]]\+[^,]\+, \([0-9]\+\) bytes_i, \([0-9]\+\) bytes_o, rekeying in \([0-9]\+\) \([[:alpha:]]\+\)$|strongswan_connected_tunnels[\"\2\"]=\"\1\"; strongswan_traffic_in[\"\2\"]=\"\3\"; strongswan_traffic_out[\"\2\"]=\"\4\"; strongswan_rekeying[\"\2\"]=\"\5\"; strongswan_rekeying_units[\"\2\"]=\"\6\"|p"
and I’m trying to match the output
Status of IKE charon daemon (strongSwan 5.6.2, Linux 4.15.0-106-generic, x86_64):
uptime: 56 days, since Jun 24 14:00:01 2020
malloc: sbrk 1961984, mmap 0, used 1069856, free 892128
worker threads: 11 of 16 idle, 5/0/0/0 working, job queue: 0/0/0/0, scheduled: 3
loaded plugins: charon aesni aes rc2 sha2 sha1 md4 md5 mgf1 random nonce x509 revocation constraints pubkey pkcs1 pkcs7 pkcs8 pkcs12 pgp dnskey sshkey pem openssl fips-prf gmp agent xcbc hmac gcm attr kernel-netlink resolve socket-default connmark stroke updown eap-mschapv2 xauth-generic counters
Listening IP addresses:
10.1.10.xx
103.127.fff.yyy
172.17.eee.eee
2404:1ec0::526b:...:0
172.29.xxx.xxx
Connections:
103.127.ddd.pp: %any...202.44.78.10 IKEv2, dpddelay=30s
103.127.ddd.aa: local: uses pre-shared key authentication
103.127.ddd.aa: remote: [202.44.000.00] uses pre-shared key authentication
103.127.ddd.aa: child: 172.17.000.00/32 === 146.178.000.0/24 TUNNEL, dpdaction=restart
103.127.ddd.aaQLD: %any...202.44.76.10 IKEv2, dpddelay=30s
103.127.ddd.aaQLD: local: uses pre-shared key authentication
103.127.ddd.aaQLD: remote: [202.44.000.00] uses pre-shared key authentication
103.127.ddd.aaQLD: child: 172.17.000.00/32 === 146.178.000.0/24 TUNNEL, dpdaction=restart
Security Associations (1 up, 0 connecting):
103.127.ddd.aaQLD[243]: ESTABLISHED 7 hours ago, 103.127.000.00[103.127.113.10]...202.000..00.10[202.44.000.00]
103.127.ddd.aaQLD[243]: IKEv2 SPIs: 923c6d67e0058c5b_i* 00f3a8c91ca04c8e_r, rekeying in 5 minutes
103.127.ddd.aaQLD[243]: IKE proposal: AES_CBC_256/HMAC_SHA2_256_128/PRF_HMAC_SHA2_256/MODP_2048
103.127.ddd.aaQLD{176}: INSTALLED, TUNNEL, reqid 1, ESP SPIs: c3914f0f_i 630bbc2d_o
103.127.ddd.aaQLD{176}: AES_CBC_256/HMAC_SHA2_256_128/MODP_2048, 5743112 bytes_i (27657 pkts, 1s ago), 1180378 bytes_o (19321 pkts, 1s ago), rekeying in 7 hours
103.127.ddd.aaQLD{176}: 172.17.000.00/32 === 146.178.000.00/24
With IP address changed etc.
When I run the chart code, outputting the variables, everything seems to be 0, and as I said, my regex skills are not up to working out why.
Would appreciate any help.
Peter.