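#!/usr/bin/env python
"""
Check_mk plugin to check for last log from Elasticsearch compared to current time.

The script asks Elasticsearch for its newest document (sorted on ``timestamp``)
and prints one Check_mk local-check line:

    <status> Elasticsearch_lastlog seconds_since_last_log=<age> <text>

A stalled log pipeline is a monitoring blind spot, so the check is written to
always emit a status line: any failure to obtain the age is reported as
UNKNOWN (3) instead of ending in a traceback.
"""
import datetime
import json
import os
import time

try:
    import requests
except ImportError:
    # Reported as UNKNOWN when the check runs, rather than a traceback at import.
    requests = None


class lastlog_check(object):
    """Measure how long ago the newest Elasticsearch document was indexed."""

    # Age thresholds in seconds for the WARN and CRIT states.
    WARN_SECONDS = 300
    CRIT_SECONDS = 600
    # Upper bound for the HTTP call so a hung Elasticsearch cannot block the agent.
    HTTP_TIMEOUT = 10

    def __init__(self):
        # Compare "now" against the document timestamp in UTC.
        # NOTE(review): presumably the indexed timestamps are UTC - confirm
        # against whatever writes them.
        os.environ['TZ'] = 'UTC'
        # Changing TZ is not guaranteed to affect local-time conversion until
        # tzset() is called; without it datetime.now() may keep using the
        # zone the interpreter started with.
        if hasattr(time, "tzset"):
            time.tzset()
        self.host = "localhost"
        self.es_port = "9200"
        self.log_dir = "/usr/lib/check_mk_agent/local/log/"

    def logit(self, filename, content):
        """Append *content* to *filename*."""
        with open(filename, "a") as log:
            log.write(content)

    def run(self):
        """Return ``(status, age_in_seconds, text)`` for the newest document.

        Status is 2 above CRIT_SECONDS, 1 above WARN_SECONDS, otherwise 0.
        Exceptions raised by ``get_last`` propagate to the caller.
        """
        self.get_last_arr = self.get_last()
        self.diff = self.get_last_arr[1] - self.get_last_arr[0]
        # total_seconds() includes the days component. timedelta.seconds alone
        # wraps every 24h, so an outage of one day and ten seconds would read
        # as 10s and be reported OK.
        self.seconds_difference = int(self.diff.total_seconds())
        if self.seconds_difference > self.CRIT_SECONDS:
            return (2, self.seconds_difference,
                    "Critical - %ss since last log" % self.seconds_difference)
        if self.seconds_difference > self.WARN_SECONDS:
            return (1, self.seconds_difference,
                    "WARN - %ss since last log" % self.seconds_difference)
        return (0, self.seconds_difference,
                "OK - %ss since last log" % self.seconds_difference)

    def get_last(self):
        """Query Elasticsearch and return ``[timestamp_lastlog, timestamp_now]``.

        Raises RuntimeError when the ``requests`` module is unavailable,
        ValueError when the search returns no documents, and whatever
        ``requests`` raises on connection errors, timeouts or HTTP error
        statuses.
        """
        if requests is None:
            raise RuntimeError("python 'requests' module is not installed")

        # NOTE(review): plain HTTP without credentials; only reasonable while
        # self.host stays a loopback address.
        self.url = "http://{0}:{1}/_search?pretty&fields=source,timestamp".format(
            self.host, self.es_port)
        self.headers = {"Content-type": "application/json", "Accept": "text/plain"}
        self.data = {
            "query": {
                "match_all": {}
            },
            "size": 1,
            "sort": [
                {
                    "timestamp": {
                        "order": "desc"
                    }
                }
            ]
        }
        self.r = requests.post(self.url, data=json.dumps(self.data),
                               headers=self.headers, timeout=self.HTTP_TIMEOUT)
        # Fail with a clear HTTP error instead of a KeyError on an error body.
        self.r.raise_for_status()
        self.json_output = self.r.json()

        hits = self.json_output["hits"]["hits"]
        if not hits:
            raise ValueError("Elasticsearch returned no documents")
        self.json_timestamp = hits[0]['fields']['timestamp'][0]
        self.timestamp_lastlog = datetime.datetime.strptime(
            self.json_timestamp, "%Y-%m-%d %H:%M:%S.%f")
        self.timestamp_now = datetime.datetime.now()
        self.result = [self.timestamp_lastlog, self.timestamp_now]

        # Logging delayed logs
        age = self.result[1] - self.result[0]
        if int(age.total_seconds()) > self.CRIT_SECONDS:
            # The raw response holds indexed log content, so this file can
            # contain whatever was logged upstream and it grows without bound:
            # keep the directory restricted to administrators and rotate it.
            entry = "%s\n%s\n%s\n\n\n" % (
                str(self.json_output), self.timestamp_lastlog, self.timestamp_now)
            try:
                self.logit("%sdelayed_logs.log" % self.log_dir, entry)
            except EnvironmentError:
                # Diagnostic logging is best-effort; a missing or read-only
                # log directory must not hide the Critical result.
                pass
        return self.result


if __name__ == "__main__":
    try:
        llc = lastlog_check()
        llc_arr = llc.run()
    except Exception as exc:
        # Local-check output is one line per service, so flatten the message.
        reason = str(exc).replace("\r", " ").replace("\n", " ")
        print("3 Elasticsearch_lastlog - UNKNOWN - %s: %s"
              % (type(exc).__name__, reason))
    else:
        print("%s Elasticsearch_lastlog seconds_since_last_log=%s %s"
              % (llc_arr[0], llc_arr[1], llc_arr[2]))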