Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Now that we have liblattzfs, we can now support ZFS.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

It's not possible to compile and link against the ZFS headers and
libraries in base when building as a port. For systems where we monitor
ZFS pools, we already need to build hbsdmon locally.

So, to make this build in ports again, only compile the ZFS module when
HAVE_ZFS is specified in the make command-line (`make all HAVE_ZFS=1`).
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

In some cases, swapping is incredibly undesired. We need to know when we
hit those cases.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
issue:		#5

For some stupid reason, I forgot that setting -1 as the verbosity tells
the logger to always log the message.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Also provide a means to set a custom verbosity. By default, we have a
verbosity of 100. Such an arbitrarily high number will help us have many
levels of debugging/error/info messages.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
issue:		#8

This introduces a new dependency (liblattutil, which is not yet in
ports). liblattutil has an API for logging. This commit consumes that
API, sending an error message to syslog whenever sending to Pushover
fails.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
issue:		#8

Doing so will cause the compiler to not perform the desired call to
zmq_send when debugging assertions are deisabled.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sponsored-by:	BlackhawkNest, Inc

The heartbeat mechanism was firing too soon (every second instead of
the default of every six hours). When the application starts, we now
cache the start time as if it's the last heartbeat. This ensures that
the calculation of when do perform the next heartbeat succeeds.

Provide the heartbeat timeout to the main thread's zmq_poll. The main
thread doesn't need a "once every second" poll.

The goal of this thread is to fix spamming Pushover with heartbeat
messages.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sponsored-by:	BlackhawkNest, Inc

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sponsored-by:	BlackhawkNest, Inc

If multiple monitors are deployed in a given infrastructure, it may
become difficult to determine which monitor is alerting. In order to be
able to determine the source of an alert, add a new configuration
parameter (`name`) to name a given monitor instance.

The `name` configuration setting is optional. The default monitor name
is "HardenedBSD Monitor".
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sponsored-by:	BlackhawkNest, Inc

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sponsored-by:	BlackhawkNest, Inc

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

This commit teaches hbsdmon how to monitor a ZFS pool. An alert is
generated only if the pool is in an error/faulted state. No more detail
or context is provided in the alert, only that the pool needs attention.
An example configuration for the node would include:

```
host: "localhost",
method: "ZFS",
pool: "rpool"
```

Note that the host parameter is ignored.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
Sponsored-by:	BlackhawkNest, Inc
issue:		#7

Of course, UDP isn't actively supported, but the plumbing is there for
forcing address family if/when UDP is supported.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>
issue:			#2

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Move the code around that checks the last time the node failed to the
right spot. After that, if we need to send a new failure message, free
the old fail time.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Now that libpushover is its own project, remove the code from this repo.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

We may want to keep track of the version of libpushover in code (for
ABI/API changes, backwards compatibility, etc.)
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

sbuf is much easier to work with.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Chase the renaming of pushover_message_set_user to
pushover_message_set_dest.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Properly reflect that we're setting the destination token rather than
some random user token.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

When displaying statistical info, include the last heartbeat time.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Using sbufs will enabling generating more complex/complete statistical
information.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

When SIGINFO is received, provide very basic statistics via push
message.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Properly supporting UDP requires setting up a raw socket, which requires
root privileges. Before dealing with raw sockets, we would want to
provide a method for dropping privs.

Once we have proper priviledge dropping support, we'll restart work on
UDP support. Additionally, allowing raw sockets would enable us to
perform ICMP-based pings.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

I need to figure out why FreeBSD's network stack always reports success
on UDP, even though I get ICMP unreach messages on failure. It seems
FreeBSD ignores the ICMP unreach messages.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

sbuf(9) makes working with dynamic strings much easier and more
efficient. Indeed, making this switch simplifies calculating the node
failure message.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

There's no need for sndbuf anymore.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Add helper functions for locking the main context mutex. Add basic
statistics gathering (no reporting, yet). Add helper function for
stringifying a node. Use those node-to-string functions for sending
monitor init, node failure, and node success messages.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

As a method of documentation, include the hbsdmon.conf used in
monitor-01.md.hardenedbsd.org. Of course, remove the API token and the
destination as those are sensitive.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

There will likely be times when we want to temporarily stop monitoring a
node. We shouldn't have to delete the node from the config file; rather,
we should just mark it disabled.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>

Periodically notify that the monitoring daemon is alive.
By default, the notification will happen every six hours. The heartbeat
interval is configurable with the `hearbeat` config setting.
Signed-off-by: Shawn Webb <shawn.webb@hardenedbsd.org>