Alert email message corrupted

[Fred Kroeger]

I'm using the system default email template to send emails for alerts. All work as expected - but a couple of extra = characters appear in the message body.

Windows User Login Check came back with a WARNING state at Fri= 01 Apr 2016 10:55:01 +0800
The alert was processed with the following thresholds:
• Lookback period: 30m
• Warning: 1
• Critical: 3
Here is the full alert output:
WARNING: 2 matchin= entries found |logs=2;1;3

Where the extra = characters are embedded are macro strings

Code: Select all

<p>%alertname% came back with a <b>%state%</b> state at <b>%time%</b></p>

and

Code: Select all

Here is the full alert output:
<div style="padding: 10px; background-color: #F9F9F9;">%output%</div>

Any ideas on what's happening ? Am running NLS 1.4.0

regards... Fred

[tmcdonald]

We saw a similar report not too long ago:

https://support.nagios.com/forum/viewto ... 38&t=37543

And we're thinking it might be related to an Exchange server - you wouldn't happen to be running Exchange, would you?

[Fred Kroeger]

Yes - using Office 365 and Outlook client.
It is similar to the post you refer to , however mine are just changes to the normal text in email body - not specifically an URL.
Considering I don't have any problems with this exchange server with emails from NagiosXI or NNA , and that these character changes are only from Macro strings, I would suspect that there is a problem with NLS.

regards.... Fred

[hsmith]

Would it be possible for you to a TCPDump of when an alert goes out? @jolson did that awhile back, and found that NLS was sending the email with all of the correct characters and information. This would be something useful for us to see so we know what we're dealing with.

[Fred Kroeger]

I captured both an email that was generated by the Test Email & one for an alert
You can see from the Alert email that we are actually sending the "=" from NLS
Interestingly also are the checksum errors

[hsmith]

All right, I can see where it is in the TCPDump.

Is this running on a clean / minimal CentOS 6/7 system? I want to try to replicate it.

What locale is the system?

My main NLS is on CentOS 7, but if you're running 6 I can spin one up to try to test that.

[Fred Kroeger]

It's the standard ESX NLS VM from the download site. So yes it is CentOS 6. It was an older version that has been upgraded to the latest.

Code: Select all

LANG=en_US.UTF-8
LC_CTYPE="en_US.UTF-8"
LC_NUMERIC="en_US.UTF-8"
LC_TIME="en_US.UTF-8"
LC_COLLATE="en_US.UTF-8"
LC_MONETARY="en_US.UTF-8"
LC_MESSAGES="en_US.UTF-8"
LC_PAPER="en_US.UTF-8"
LC_NAME="en_US.UTF-8"
LC_ADDRESS="en_US.UTF-8"
LC_TELEPHONE="en_US.UTF-8"
LC_MEASUREMENT="en_US.UTF-8"
LC_IDENTIFICATION="en_US.UTF-8"
LC_ALL=

[hsmith]

I've sent this threads to the developers for them to weigh in.

[Fred Kroeger]

Any updates on this ?

[hsmith]

They made a change in the latest revision that may have fixed the issue. We don't have an exchange environment, and I haven't seen it replicated in a test one, so I can't tell you for sure the fix fixed it for you. I'll see if I can get some information tomorrow when we are back in the office about when to expect another release. Right now I don't have that information.