SFTP file existence monitor

Problem this snippet solves:

SFTP file existence monitor

How to use this snippet:

This monitor definition allows for a monitor to connect to a SFTP server and check for the existence of a file using username/password.

Written for a specific implementation where they wouldn't use key pairs, plus it turns out that curl on F5's was compiled with sftp support disabled, so I had to use expect instead.

It's based off of the default sample_monitor.

Create a monitor definition with 3 variables:

$monitor_sftp_USER = Username of SFTP server
$monitor_sftp_PASS = Password for $monitor_sftp_USER
$monitor_sftp_STRING` = String/Filename to search for

I have also written a modified version whereby you can encrypt the password manually using the unit master-key and add that as the password variable, which I can post if wanted.

Code :

#!/bin/sh

#
# (c) Copyright 1996-2006, 2010-2013 F5 Networks, Inc.
#
# This software is confidential and may contain trade secrets that are the
# property of F5 Networks, Inc.  No part of the software may be disclosed
# to other parties without the express written consent of F5 Networks, Inc.
# It is against the law to copy the software.  No part of the software may
# be reproduced, transmitted, or distributed in any form or by any means,
# electronic or mechanical, including photocopying, recording, or information
# storage and retrieval systems, for any purpose without the express written
# permission of F5 Networks, Inc.  Our services are only available for legal
# users of the program, for instance in the event that we extend our services
# by offering the updating of files via the Internet.
#
# @(#) $Id: //depot/maint/bigip12.1.1/tm_daemon/monitors/sample_monitor#1 $
#


#
# these arguments supplied automatically for all external pingers:
# $1 = IP (::ffff:nnn.nnn.nnn.nnn notation or hostname)
# $2 = port (decimal, host byte order)
#
# The following must all be set as variables in the monitor definition
# $monitor_sftp_USER = Username of SFTP server
# $monitor_sftp_PASS = Password for $monitor_sftp_USER
# $monitor_sftp_STRING` = String/Filename to search for
#
# $MONITOR_NAME = name of the monitor
#
# In this sample script, $3 is the regular expression
#

# Name of the pidfile
pidfile="/var/run/$MONITOR_NAME.$1..$2.pid"

# Send signal to the process group to kill our former self and any children
# as external monitors are run with SIGHUP blocked
if [ -f $pidfile ]
then
   kill -9 -`cat $pidfile` > /dev/null 2>&1
fi

echo "$$" > $pidfile

# Remove the IPv6/IPv4 compatibility prefix
node_ip=`echo $1 | sed 's/::ffff://'`

# Using expect and sftp to get directory listing from the server.
# Search the data received for the expected string.
expect -c "
spawn sftp -oStrictHostKeyChecking=no -oPort=$2 $monitor_sftp_USER@$node_ip;
expect \"password:\";
send $monitor_sftp_PASS\r;
expect \"sftp>\";
send \"ls -l\r\";
expect \"sftp>\";
send \"exit\r\" " | grep $monitor_sftp_STRING > /dev/null 

status=$?
if [ $status -eq 0 ]
then
# Remove the pidfile before the script echoes anything to stdout and is killed by bigd
    rm -f $pidfile
    echo "up"
fi

# Remove the pidfile before the script ends
rm -f $pidfile

Tested this on version:

12.1
Updated Jun 06, 2023
Version 2.0
application delivery
external monitor
LTM
sftp
  • Keiron_Shepherd's avatar
    Keiron_Shepherd
    Icon for Employee rankEmployee
    Feb 21, 2024

    Hi 

    Could you share the  version where you can encrypt the password and add that as the password variable? Thanks