Email Ack Recommendation?

Post by **BanditBBS** » Wed Sep 25, 2013 6:45 pm

I know there are a few out there, does anyone from Nagios want to recommend one over the others? Has anyone setup email acknowledging and want to say "this one is easy"?

I have one I think I am going to try, but won't say which yet....don't want to influence the jury. This is in regards to adding those 1000's of Windows hosts via WMI. Had a meeting with a couple of the admins today and they really want to be able to acknowledge via email. (brats, already have SMS ack, mobile ack and web ack...want want want, LOL) Would just be a nice "win" for me if I could get this going and quickly.

slansing · Post by **slansing** » Thu Sep 26, 2013 12:35 pm

Ahhh so email acknowledgement beyond clicking the link that goes to your XI server and acknowledges the issue? Did you have a few examples of programs that could be integrated?

Post by **BanditBBS** » Thu Sep 26, 2013 12:36 pm

http://exchange.nagios.org/directory/Ut ... CK/details

That is the one I was going to look at testing. I'll modify it accordingly to use our internal server and not gmail though.

Post by **BanditBBS** » Thu Sep 26, 2013 3:47 pm

Well, since nobody has opinions, guess I'll be trying this one. I did notice some issues with it and have fixed the code in the ruby script. Once I test it (hopefully Friday)I will post and update here for any future people and will also reply on the exchange.

Edit: The issue I found was it doesn't handle it properly if there are spaces in service descriptions.

slansing · Post by **slansing** » Thu Sep 26, 2013 4:17 pm

I must profess I have not personally tried this. We're all interested though, toss us an update or two and let us know how things go. I'll stand ready to try and configure this myself if you spin your tires.

Post by **BanditBBS** » Thu Sep 26, 2013 7:02 pm

Ok, I have tested and am now in love with the script I linked earlier. I did make a few changes and also need to mention a few caveats.

First the updated script:

Code: Select all

#!/usr/bin/env ruby
#####################################################################
#AiM: ACK Nagios Notification by Forwarding Notification Mail to
#       Nagios' PrivateGMail A/C with Custom Tweaked Subject
#
#this script access GMail over IMAP and fetches InBox Mails
#then it checks for Sender of Mail
#if Sender=NagiosContact then send Mail Subject to Perl script to ACK
#moves fetched Mail to Archive with a Label, deletes from InBox
#####################################################################
##############################START-SCRIPT##############################
require 'net/imap'

nagID = '1'

CONFIG = {
  :host     => 'imap.gmail.com',
  :username => '[email protected]', #its fake, change it
  :password => 'password', #its fake, change it
  :port     => 993,
  :ssl      => true
}

#####################################################################
###############################ACK-METHOD##############################

############Change by BanditBBS ###############
#def nagiosACK(eMailSubject,machineString)
def nagiosACK(eMailSubject,machineString,eMailFrom,eMailHost)
###############################################
    machineID = machineString
    subject = eMailSubject
############Add by BanditBBS ###############
    fromWho = eMailFrom+"@"+eMailHost
############################################
    printMsg="echo 'Subject: " + subject + "' >> /var/log/nagAck.log"
    system(printMsg)
    @commandFile = '/usr/local/nagios/var/rw/nagios.cmd'
    @subjectTokens =subject.split(/\s/)

    if @subjectTokens[0]!=machineID
      system('echo "@Error: eMail Subject has Wrong Machine ID" >> /var/log/nagAck.log')
      return false
    end

    #composing acknowledgement string for nagios.cmd
    if subject.index("Host") != nil
      #in above kind of SUBJECT Line, default HOST info is 8th Word, so
############Change by BanditBBS ###############      
	  hostNfo, svcNfo, statNfo = subject.match(/.+ - ([\w\.-]+)\/(\/?.+) is (\w+)/i).captures
      #hostNfo = @subjectTokens[7]
###############################################
      #preparing host acknowledgement string
      @ackCmd="ACKNOWLEDGE_HOST_PROBLEM;"+hostNfo
############Change by BanditBBS ###############
	  #@ackCmd=@ackCmd+";1;1;1;[email protected];acknowledged through nagiosMailACK"
      @ackCmd=@ackCmd+";1;1;1;"+fromWho+";acknowledged through nagiosMailACK"
###############################################
	  #confirmation output
      printMsg = "-acknowledged the Notification of " + @subjectTokens[4] + " about "
      printMsg = printMsg + hostNfo  + "\n"
      printMsg = 'echo "' + printMsg + '" >> /var/log/nagAck.log'
      system(printMsg)
    elsif  subject.index("Service") != nil
      #in above kind of SUBJECT Line, default HOST/SERVICE info is 8th Word, so
############Change by BanditBBS ###############      
	  hostNfo, svcNfo, statNfo = subject.match(/.+ - ([\w\.-]+)\/(\/?.+) is (\w+)/i).captures
      #hostNfo=@subjectTokens[7].split(/\//)[0]
      #svcNfo=@subjectTokens[7].split(/\//)[1]
###############################################
      #preparing service acknowledgement string
      @ackCmd = "ACKNOWLEDGE_SVC_PROBLEM;"+hostNfo+";"+svcNfo
      ############Change by BanditBBS ###############
      #@ackCmd=@ackCmd+ ";1;1;1;[email protected];acknowledged through nagiosMailACK"
      @ackCmd=@ackCmd+";1;1;1;"+fromWho+";acknowledged through nagiosMailACK"
	  ###############################################
      #confirmation output
      printMsg = "-acknowledged the Notification of " + @subjectTokens[4] + " in " + svcNfo
      printMsg = printMsg +  " @host: " + hostNfo + "\n"
      printMsg = 'echo "' + printMsg + '" >> /var/log/nagAck.log'
      system(printMsg)
    end

        now= Time.now.strftime("%s")
        runCmd="echo '[%lu] " + @ackCmd + "' " + now + " > " + @commandFile
#puts runCmd
        result = %x[#{runCmd}]
        system('echo ' + result + '>> /var/log/nagAck.log')
#puts "over"
    system('echo>> /var/log/nagAck.log')
    system('echo>> /var/log/nagAck.log')
    return true
end
###############################################
=begin
Example MAIL-SUBJECT for Host Level ACK
  NAG-SERVER-ID ack Fwd: ** PROBLEM Host Alert: HOST-NAME is DOWN **
Example MAIL-SUBJECT for Service Level ACK
  NAG-SERVER-ID ack Fwd: ** PROBLEM Service Alert: HOST-NAME/SERVICE-NAME is CRITICAL **
=end

#####################################################################
################################MAIN-PART##############################

#puts "Prefix all acknowledgement mails with '" + nagID + " ack ' with both spaces"
#puts "Eg: '"+nagID+" ack Fwd: ** PROBLEM Host Alert testBox is DOWN **'"

## starting infinite loop
loop do

$imap = Net::IMAP.new( CONFIG[:host], CONFIG[:port], CONFIG[:ssl] )
$imap.login( CONFIG[:username], CONFIG[:password] )
printMsg = 'echo "***************logged in " + CONFIG[:username] + "******************" >> /var/log/nagAck.log'
system(printMsg)

# select the INBOX as the mailbox to work on
$imap.select('INBOX')

messages_to_archive = []
@mailbox = "-1"

# retrieve all messages in the INBOX that
# are not marked as DELETED (archived in Gmail-speak)
$imap.search(["NOT", "DELETED"]).each do |message_id|
  # the mailbox the message was sent to
  # addresses take the form of {mailbox}@{host}
  @mailbox = $imap.fetch(message_id, 'ENVELOPE')[0].attr['ENVELOPE'].to[0].mailbox

  # give us a prettier mailbox name -
  # this is the label we'll apply to the message
  @mailbox = @mailbox.gsub(/([_\-\.])+/, ' ').downcase
  @mailbox.gsub!(/\b([a-z])/) { $1.capitalize }

  envelope = $imap.fetch(message_id, "ENVELOPE")[0].attr["ENVELOPE"]
  #if envelope.from[0].mailbox==="abhishek"
    system("echo 'ackFrom: #{envelope.from[0].mailbox}' >> /var/log/nagAck.log")
    system("echo 'Subject: #{envelope.subject}' >> /var/log/nagAck.log")
############Change by BanditBBS ###############
	#if nagiosACK(envelope.subject,nagID)
	if nagiosACK(envelope.subject,nagID,envelope.from[0].mailbox,envelope.from[0].host)
###############################################
      messages_to_archive << message_id
      begin
         #create the mailbox, unless it already exists
         $imap.create(@mailbox) unless $imap.list('', @mailbox)
         rescue Net::IMAP::NoResponseError => error
      end
      #copy the message to the proper mailbox/label
      $imap.copy(message_id, @mailbox)
    end
    system('echo "nagiosACK executed\n=----------=\n" >> /var/log/nagAck.log')
  #end
  #messages_to_archive << message_id
end

# archive the original messages
$imap.store(messages_to_archive, "+FLAGS", [:Deleted]) unless messages_to_archive.empty?

$imap.logout
system('echo "**************************logged out*****************************" >> /var/log/nagAck.log')
#exit(0)
sleep(900) #15min [time_in_sec]
##ending external loop
end
#######################################################################
##############################END-SCRIPT###############################

Notes about the script:

nagID needs changed to whatever you want your users to add to the subject besides "ack"
host, username and password need changed accordingly
I documented all my changes/additions
Lines 50 and 67 regex needs adjusted to work with your organizations subject lines
Use this site to play with the regex: http://rubular.com/ Make sure and remember to put "youNagID ack RE: " in front of your subject when putting it in the test string field

Now for the caveats:

All of your subjects need to be the same, so best to lock it down
I didn't test the install, I was just running the ruby script manually for testing
I know there was something else, can't recall at the moment, will edit if I remember

slansing · Post by **slansing** » Fri Sep 27, 2013 10:00 am

Wow now this is cool. Great work, I'd recommend either trying to get the original creator of the plugin to update it on exchange, or to use your notes to better help others that take this path. How fast does this work for acknowledging?

Post by **BanditBBS** » Fri Sep 27, 2013 10:06 am

slansing wrote:Wow now this is cool. Great work, I'd recommend either trying to get the original creator of the plugin to update it on exchange, or to use your notes to better help others that take this path. How fast does this work for acknowledging?

Yeah, I'll try and contact the original author.

To answer your question, works fast. Towards the bottom of the script is a sleep command. it runs by default every 15 minutes, but when it runs it reads the emails and marks the host or service as acknowledged very quickly. I actually adjusted the 900 seconds to 540 here. Some of our alerts are on a 10 minute interval, so have to make it lower than that for usability.

The only downside to this, users can't leave a useful comment, but hey, at least the users are happy

EDIT: Emailed the original author the updated script and my notes. Hopefully he updates the exchange.

Post by **lmiltchev** » Fri Sep 27, 2013 12:07 pm

Hopefully he updates the exchange.

This would be really nice.

Post by **BanditBBS** » Wed Nov 06, 2013 3:34 pm

Well, just to update everyone....

I liked his script, but due to security requirements here, I needed one that uses NTLM authentication. I created a forked version of the script and added it to the exchange:http://exchange.nagios.org/directory/Ut ... rk/details

Nagios Support Forum

Email Ack Recommendation?

Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?

Re: Email Ack Recommendation?