Possible Nagios alert forwarding formats/techniques

[gormank]

Hi,
Our current susyems forward all alerts via the SNMP trap forwarder component.

We plan a few new Nagios systems and will need to forward alerts to HP OpenView (I think). I’d like info on what the options are for doing this (from the Nagios end). The folks at the other end seem to not be happy with the SNMP trap solution I offered...

[tmcdonald]

Well, the most customizable method would be to write a custom script that works to their specifications, and then set that up as a notification in XI. Then assign that as a notification command for a contact, and put that contact on whatever needs the notifications. That is kinda/sorta how the SNMP trap sending works, at least the end result.

[gormank]

I think you're overthinking this. I send notifications from Nagios as needed to my people. I'm not discussing notifications. As the subject says, I'm talking about alerts.
I'm asking what Nagios offers right this minute to forward alerts to a 3rd party system. I'm aware of SNMP, so no need to mention it.

[tmcdonald]

So instead of waiting until you hit max_check_attempts and trigger a notification, you want to have every state change/check (alert)? In that case you would basically want to use event handlers or the OCSP commands. Still needs some custom scripts being run though.

Built-in right this minute however, you're looking at either SNMP traps or the Outbound Transfers which would use NRDP (HTTP over port 80 or 443 to a custom PHP endpoint). I don't think the NRDP endpoint thing would work for you if you need something that integrates with OpenView directly. NRDP has a specific message format, but you would need to parse that out to fit your needs on the HP side.

[gormank]

The SNMP trap sender sends everything so I imagined this would do the same.
I've actually written a replacement for part of the trap sender that creates a delay in sending traps. It uses a table in the DB to store traps and if an ok arrives within n minutes, the alert and ok are discarded...
Some web searching suggests the HPOV has been replaced in many cases with HP Operations Manager these days, but its still referred to as OV by some. Thus I'm not sure what they have.
I've asked what formats they want or what OV supports, but they of course haven't replied.

So the answer is SNMP or a custom solution of one sort or another?

[tmcdonald]

So the answer is SNMP or a custom solution of one sort or another?

Basically yea, that is what it will boil down to. Especially when unknown/proprietary message formats are involved, which basically means any API. If the receiving end can't do message parsing of its own, then all of that formatting needs to be done on the Nagios side, and with custom scripts. There are many ways to get it done depending on how much/how often you want to send, but in the end they all need custom dev of some sort.

[SteveBeauchemin]

I have been sending data to OV for years. What I do is define a "Contact" that has it's own notification command. Basically a script that runs when a notification is sent. Nagios does all the logic, tests multiple times, and only notifies when all options are exhausted. Then, it sends a notification to a contact named OVO. Contacts do not only have to be people.

I will dig up more information and post it if this sounds like a path you want to take. I can send the perl file for you to play with. It uses opcmsg to send to the OVO system and we use the Java GUI to see the line items.

Steve B

[gormank]

That sounds interesting.

[tmcdonald]

What I do is define a "Contact" that has it's own notification command. Basically a script that runs when a notification is sent. Nagios does all the logic, tests multiple times, and only notifies when all options are exhausted. Then, it sends a notification to a contact named OVO. Contacts do not only have to be people.

So this?

Well, the most customizable method would be to write a custom script that works to their specifications, and then set that up as a notification in XI. Then assign that as a notification command for a contact, and put that contact on whatever needs the notifications.

:)

Definitely feel free to share any code you have available, or put it up on Exchange!