AFS
/
xdr-terraform-modules


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225
							locals {
  splunk_hot = var.environment == "test" ? "10000" : "50000"
  interconnect-0 = var.environment == "test" ? ["169.254.230.197", "169.254.142.233", "169.254.221.229", "169.254.145.141"] : ["169.254.152.217", "169.254.88.105", "169.254.253.45", "169.254.91.129"]
  interconnect-1 = var.environment == "test" ? ["169.254.186.189", "169.254.119.73", "169.254.20.161", "169.254.128.189"] : ["169.254.247.157", "169.254.246.157", "169.254.22.21", "169.254.38.13"]
  dns_checks_all = var.environment == "test" ? {
    "dnstest.accenturefederalcyber.com": "203.0.113.1",
    "dnstest.xdrtest.accenturefederalcyber.com": "203.0.113.1",
  } : { 
    "dnstest.accenturefederalcyber.com": "203.0.113.1",
    "dnstest.xdr.accenturefederalcyber.com": "203.0.113.1",
  }
  dns_checks_private = var.environment == "test" ? {
    "dnstest.pvt.xdrtest.accenturefederalcyber.com": "10.10.10.10",
    "10.10.10.10": "dnstest.pvt.xdrtest.accenturefederalcyber.com.",
    "dnstest.msoc.defpoint.local": "10.10.10.10",
    "dnstest.mdr-test.defpoint.com": "10.10.10.10",
  } : {
    "dnstest.pvt.xdr.accenturefederalcyber.com": "10.10.10.10",
    "10.10.10.10": "dnstest.pvt.xdr.accenturefederalcyber.com.",
    "dnstest.msoc.defpoint.local": "10.10.10.10",
    "dnstest.mdr.defpoint.com": "10.10.10.10",
  }
}

resource "sensu_check" "check_dns_all" {
  for_each       = local.dns_checks_all
  name           = "check_dns_${ each.key }"
  command        = "check_dns --hostname=${ each.key } --expected-address=${ each.value } --warning=${ var.sensu_checks["dns"]["warning"] }  --critical=${ var.sensu_checks["dns"]["critical"] }"
  namespace      = "default"
  subscriptions  = [ "linux", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_dns_private" {
  for_each       = local.dns_checks_private
  name           = "check_dns_${ each.key }"
  command        = "check_dns --hostname=${ each.key } --expected-address=${ each.value } --warning=${ var.sensu_checks["dns"]["warning"] }  --critical=${ var.sensu_checks["dns"]["critical"] }"
  namespace      = "default"
  subscriptions  = [ "private_dns_client", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_disk_base" {
  name           = "check_disk_base"
  command        = "check_disk -c 250 -p /var -C -c 500 -p /var/log -C -c 1000 -p /var/log/audit -C -c 2000 -p /opt -C -c 500 -p /boot -C -c 1000 -p /"
  namespace      = "default"
  subscriptions  = [ "linux", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_disk_indexer" {
  name           = "check_disk_indexer"
  command        = "check_disk -c ${local.splunk_hot} -p /opt/splunkdata/hot -C -c 5000 -p /opt/splunk"
  namespace      = "default"
  subscriptions  = [ "check_disk_indexer", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_disk_syslog" {
  name           = "check_disk_syslog"
  command        = "check_disk -c 7000 -p /opt/syslog-ng"
  namespace      = "default"
  subscriptions  = [ "check_disk_syslog", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_ping_interconnect-0" {
  for_each       = toset(local.interconnect-0)
  name           = "ping_interconnect-0-${index(local.interconnect-0, each.value) +1}"
  command        = "check_ping -H ${each.value} -w 500,80% -c 500,80% -4"
  namespace      = "default"
  subscriptions  = [ "interconnect-0", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_ping_interconnect-1" {
  for_each       = toset(local.interconnect-1)
  name           = "ping_interconnect-1-${index(local.interconnect-1, each.value) +1}"
  command        = "check_ping -H ${each.value} -w 500,80% -c 500,80% -4"
  namespace      = "default"
  subscriptions  = [ "interconnect-1", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_phantom_ports" {
  name           = "phantom_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 443"
  namespace      = "default"
  subscriptions  = [ "phantom_ports", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_portal_http" {
  name           = "portal_http"
  command        = "check-http.rb -u https://portal.${var.dns_info["public"]["zone"]}/api/health/ --response-code 200"
  namespace      = "default"
  subscriptions  = [ "portal", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-http", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_salt_master_ports" {
  name           = "salt_master_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 4505,4506"
  namespace      = "default"
  subscriptions  = [ "salt_master_ports", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_cm_ports" {
  name           = "splunk_cm_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089"
  namespace      = "default"
  subscriptions  = [ "splunk_cm_ports", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_ds_ports" {
  name           = "splunk_ds_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089"
  namespace      = "default"
  subscriptions  = [ "splunk_ds_ports", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_hf_ports" {
  name           = "splunk_hf_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,8000"
  namespace      = "default"
  subscriptions  = [ "splunk_hf_ports", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_indexer_ports_moose" {
  name           = "splunk_indexer_ports_moose"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,9998,9887,8088"
  namespace      = "default"
  subscriptions  = [ "splunk_indexer_ports_moose", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_indexer_ports" {
  name           = "splunk_indexer_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,9998,9887"
  namespace      = "default"
  subscriptions  = [ "splunk_indexer_ports", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_sh_ports" {
  name           = "splunk_sh_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,8000"
  namespace      = "default"
  subscriptions  = [ "splunk_sh_ports", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_uf_ports" {
  name           = "splunk_uf_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089"
  namespace      = "default"
  subscriptions  = [ "splunk", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_syslog-ng_service" {
  name           = "syslog-ng_service"
  command        = "check-process.rb -p syslog-ng"
  namespace      = "default"
  subscriptions  = [ "syslog-ng_service", ]
  handlers       = [ "victorops", "logfile", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-process-checks", "sensu-ruby-runtime", ]
}