AFS
/
xdr-terraform-modules


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185
							locals {
  splunk_hot = var.environment == "test" ? "10000" : "50000"
  interconnect-0 = var.environment == "test" ? ["169.254.230.197", "169.254.142.233", "169.254.221.229", "169.254.145.141"] : ["169.254.152.217", "169.254.88.105", "169.254.253.45", "169.254.91.129"]
  interconnect-1 = var.environment == "test" ? ["169.254.186.189", "169.254.119.73", "169.254.20.161", "169.254.128.189"] : ["169.254.247.157", "169.254.246.157", "169.254.22.21", "169.254.38.13"]
}

resource "sensu_check" "check_disk_base" {
  name           = "check_disk_base"
  command        = "check_disk -c 250 -p /var -C -c 500 -p /var/log -C -c 1000 -p /var/log/audit -C -c 2000 -p /opt -C -c 500 -p /boot -C -c 1000 -p /"
  namespace      = "default"
  subscriptions  = [ "linux", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_disk_indexer" {
  name           = "check_disk_indexer"
  command        = "check_disk -c ${local.splunk_hot} -p /opt/splunkdata/hot -C -c 5000 -p /opt/splunk"
  namespace      = "default"
  subscriptions  = [ "check_disk_indexer", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_disk_syslog" {
  name           = "check_disk_syslog"
  command        = "check_disk -c 7000 -p /opt/syslog-ng"
  namespace      = "default"
  subscriptions  = [ "check_disk_syslog", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_ping_interconnect-0" {
  for_each       = toset(local.interconnect-0)
  name           = "ping_interconnect-0-${index(local.interconnect-0, each.value) +1}"
  command        = "check_ping -H ${each.value} -w 100,80% -c 100,80% -4"
  namespace      = "default"
  subscriptions  = [ "interconnect-0", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_ping_interconnect-1" {
  for_each       = toset(local.interconnect-1)
  name           = "ping_interconnect-1-${index(local.interconnect-1, each.value) +1}"
  command        = "check_ping -H ${each.value} -w 100,80% -c 100,80% -4"
  namespace      = "default"
  subscriptions  = [ "interconnect-1", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-monitoring", ]
}

resource "sensu_check" "check_phantom_ports" {
  name           = "phantom_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 443"
  namespace      = "default"
  subscriptions  = [ "phantom_ports", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

#only needed in PROD
resource "sensu_check" "check_portal_http" {
  count          = var.environment == "test" ? 0 : 1
  name           = "portal_http"
  command        = "metrics-curl.rb -u https://portal.xdr.accenturefederalcyber.com"
  namespace      = "default"
  subscriptions  = [ "portal", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-http", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_salt_master_ports" {
  name           = "salt_master_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 4505,4506"
  namespace      = "default"
  subscriptions  = [ "salt_master_ports", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_cm_ports" {
  name           = "splunk_cm_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089"
  namespace      = "default"
  subscriptions  = [ "splunk_cm_ports", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_ds_ports" {
  name           = "splunk_ds_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089"
  namespace      = "default"
  subscriptions  = [ "splunk_ds_ports", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_hf_ports" {
  name           = "splunk_hf_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,8000"
  namespace      = "default"
  subscriptions  = [ "splunk_hf_ports", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_indexer_ports_moose" {
  name           = "splunk_indexer_ports_moose"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,9998,9887,8088"
  namespace      = "default"
  subscriptions  = [ "splunk_indexer_ports_moose", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_indexer_ports" {
  name           = "splunk_indexer_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,9998,9887"
  namespace      = "default"
  subscriptions  = [ "splunk_indexer_ports", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_sh_ports" {
  name           = "splunk_sh_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089,8000"
  namespace      = "default"
  subscriptions  = [ "splunk_sh_ports", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_splunk_uf_ports" {
  name           = "splunk_uf_ports"
  command        = "check-ports.rb -h 0.0.0.0 -p 8089"
  namespace      = "default"
  subscriptions  = [ "splunk", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-network-checks", "sensu-ruby-runtime", ]
}

resource "sensu_check" "check_syslog-ng_service" {
  name           = "syslog-ng_service"
  command        = "check-process.rb -p syslog-ng"
  namespace      = "default"
  subscriptions  = [ "syslog-ng_service", ]
  handlers       = [ "victorops", ]
  cron           = "* * * * *"
  publish        = "true"
  runtime_assets = [ "sensu-plugins-process-checks", "sensu-ruby-runtime", ]
}