Search Exchange
Search All Sites
Nagios Live Webinars
Let our experts show you how Nagios can help your organization.Login
Directory Tree
Mail2Nagios, a Nagios status generator from mails
Meet The New Nagios Core Services Platform
Built on over 25 years of monitoring experience, the Nagios Core Services Platform provides insightful monitoring dashboards, time-saving monitoring wizards, and unmatched ease of use. Use it for free indefinitely.
Monitoring Made Magically Better
- Nagios Core on Overdrive
- Powerful Monitoring Dashboards
- Time-Saving Configuration Wizards
- Open Source Powered Monitoring On Steroids
- And So Much More!
It happens sometimes that the only way to monitor a system is to configure mail notification on it.
The idea is to transport this mails to a SMTP server that will compare them to rules based on regular expression (in the same way than Snort) and generate monitoring messages.
That is why you need to know Perl regular expressions.
The .forward file technique is used to forward the mail to Mail2Nagios script.
You may generate a mail to a administator email
# It requires on server on which Mail2Nagios is installed :
1- a properly MTA (postfix, exim, ..), able to accept mail to mail2nagios@yourdomain.com for example
2- the mailx MUA
3- a GED client if you want to use it
4- a send_nsca client.
5- Mail::Audit::Attach MIME::Base64 perl libraries
6- a local account mail2nagios with a .forward file in its home directory containing :
echo "|//Mail2Nagios/bin/mail2nagios.pl"
7- an adaptation of /etc/Mail2Nagios.cfg to your installation
8- your rules properly configured in /etc/Mail2Nagios.rules.
You will find the description of all fields ansd some examples in this file. You can use perl backreferences to configure the monitoring message. See examples.
Be careful : the first matching rule is used, no other rule is inspected.
# It requires too :
1- everything necessary to transport mails to the server above (especially, if mails are send from external, you may configure MX records, public SMTP servers, firewalls)
2- for NSCA messages, corresponding Nagios passive services on destination Nagios server
# A default monitoring message can be send if no matching rule was found, and eventually a mail notification, see /Mail2Nagios/etc/Mail2Nagios.cfg
# the logs are :
1- /home/mail2nagios/Mail2Nagios/log/mail2nagios.log : all what happened
2- /home/mail2nagios//Mail2Nagios/log/mail.number : the receiced mail.
You can replay them in debug or preview mode :
cat /Mail2Nagios/log/mail.number |/Mail2Nagios/bin/mail2nagios.pl -d
cat /Mail2Nagios/log/mail.number |/Mail2Nagios/bin/mail2nagios.pl -p
Or
cat /Mail2Nagios/log/mail.number |perl -d /Mail2Nagios/bin/mail2nagios.pl
3- /mail-audit.log : the logs generated by Mail::Audit perl module.
!! Don't forget to cleanup this logs. We use the following logrotate file :
/log/mail2nagios.log {
monthly
rotate 12
prerotate
find /log/ -name mail.* -ctime +30 |xargs rm -f
cat /dev/null > /mail-audit.log
endscript
}
# The rule syntax is the following :
#;;;;;;;;;;:
# Where :
# 1 - is the pattern to look for in the mail from address
# 2 - is the pattern to look for in the mail subject
# 3 - is the pattern to look for in the mail header
# 4 - is the pattern to look for in the mail body.
#
# 5- [([,])][|()]: methods and destinations.
# Method may be ged, nagios, redirect, ignore or external which may change alert parameters.
# Examples : - ged(veon2,p-veon2), redirect(toto@spie.com,titi@free.fr),external(/home/toto/myscript)
#
# The followings fields can be a character string or composed of extracted matches and mail parameters. Example :
# $From_$2 : means that this alert parameter is composed of the mail "From" and the the extracted match $2
# 6- that will appear as "EQUIPMENT" in GED and "Host" in Nagios
# 7- that will appear as "Service" in GED or Nagios
# 8- code (0 is OK, 1 is WARNING, 2 is CRITICAL) that will appear as "STATE" in GED and "Status" in Nagios
# 9- that will appear as "DESCRIPTION" in GED and "Status Information" in Nagios
# 10- that will appear as "COMMENTS " in GED when opening a alert detail
#
# NB : to a better lisibility of complex rules, you may split rules in several lines with '', insert comments or blank between these lines. In that case, the last field (details) should countain at least an alphabetic character (a bug not tyes fixed)
# The futur plan is to implement a better format for rules (XML on JSON)
Reviews (1)
bydrvkumar81, September 30, 2016
We were able to configure the regex rules and setup alerts using this.
(had to use a online regex tester, as am not familiar with regexes)
Multiline output also works! just make sure you put
in description and use "echo -e" in .pm
We did the setup in same host where Nagios is installed and used the nsca binary in /usr/local/nagios.
Merci Fabrice!! :)
(had to use a online regex tester, as am not familiar with regexes)
Multiline output also works! just make sure you put
in description and use "echo -e" in .pm
We did the setup in same host where Nagios is installed and used the nsca binary in /usr/local/nagios.
Merci Fabrice!! :)