Page 3 of 4
Re: User permissions
Posted: Tue Feb 12, 2013 3:21 pm
by abrist
Great. Keep us up to date, even if the code is still steaming. Cheers.
Re: User permissions
Posted: Wed Feb 13, 2013 11:13 am
by BanditBBS
abrist wrote:Great. Keep us up to date, even if the code is still steaming. Cheers.
Testing it today to make sure the theory works. My head is about to explode. The supplying me the data part isn't finished yet, but I just created some dummy files to test my side of things. The original theory was way off and not working, but I may have found another solution that seems to be working, I will know for sure in about 30 minutes. I will then document my steps for anyone else that wants the feature
Re: User permissions
Posted: Wed Feb 13, 2013 11:24 am
by BanditBBS
Ok, it WORKS!!!!!!!!!!! This is awesome! I'll document what I did and update post in a few minutes.
My one last questions for you:
Host1 is setup with about 5 services on it. The host is configured to alert contactgroup1. The services have nothing configured for alerting, so if a service has an issue, it alerts who the host is configured to alert.(right?)
Now, I setup a host escalation for Host1 to alert contactgroup2 on the 2nd notification for the host. My questions is, are escalations inherited by the services like alerts are, or will I need to setup service groups and service escalations like I did for the host?
Thanks!
Re: User permissions
Posted: Wed Feb 13, 2013 11:46 am
by abrist
Host and service escalations are independent and must be configured separately. Sounds like you are getting close, are you still altering a static config with a script per your original idea?
Re: User permissions
Posted: Wed Feb 13, 2013 12:04 pm
by BanditBBS
Here is how I built in on-call rotation with NagiosXI.
We have a Sharepoint app that tracks on call information. I am having our Sharepoint developers export the data I need once per day. The data they are supplying me is the contact group name, contact group description and primary on call person(matches NagiosXI ID). They are supplying a second file with the same data, except it contains the secondary on call person.
My script is not final (doesn't save to proper folder and other stuff, but here is my script)
Code: Select all
#!/usr/bin/perl
open (INFILE, 'data.txt');
while (<INFILE>) {
chomp;
($group, $alias, $id) = split(",");
open (OUTFILE, '>' . $group . '_oncall1.cfg');
print OUTFILE "define contactgroup{\n";
print OUTFILE "contactgroup_name $group" . "_oncall1\n";
print OUTFILE "alias $alias\n";
print OUTFILE "members $id\n";
print OUTFILE "}";
close (OUTFILE);
}
close (INFILE);
exit;
The above script reads in the data file for primary on call people and will create files in the static configuration folder with the contact group configuration and the member will be the primary on call person. I will have a second script that does the same for secondary on call person.
For the rest of this post, lets use hostname clark_test which belongs to hostgroup test_group. This is all configured within XI.
I create a static configuration file manually, that will be updated manually anytime a new hostgroup or service group is configured within XI. here is the static configuration file:
Code: Select all
define hostescalation{
hostgroup_name test_group
contact_groups test_oncall1
first_notification 1
last_notification 0
notification_interval 15
}
define hostescalation{
hostgroup_name test_group
contact_groups test_oncall2
first_notification 2
last_notification 0
notification_interval 15
}
define hostescalation{
hostgroup_name test_group
contact_groups test_boss
first_notification 3
last_notification 0
notification_interval 15
}
define hostescalation{
hostgroup_name test_group
contact_groups test_all
first_notification 50
last_notification 0
notification_interval 15
}
No contacts are actually configured on the host. The users get their permission to see the host and services by being configured to receive escalations. The first escalation will alert the primary on call person. The second notification will alert both primary and secondary. The third notification will alert both on call people plus their boss/ The 4th escalation configured will hopefully never be used, it is just there to give the entire department permission to view the object within XI.
I will then duplicate this configuration for services as well.
Re: User permissions
Posted: Wed Feb 13, 2013 12:25 pm
by slansing
That is an excellent writeup Bandit, thank you for contributing your time to show us this. Please let us know how it works once smoke-tested
.
Re: User permissions
Posted: Wed Feb 13, 2013 12:26 pm
by abrist
This looks solid, and quite clever. How is that working out, being clever? But seriously, sometimes cooking takes longer than eating, keep us informed.
Re: User permissions
Posted: Fri Feb 22, 2013 10:58 am
by BanditBBS
Getting closer to actually start using this. I finished my script. This script will be run once the data is written to the folder on the nagios server.
Code: Select all
#!/usr/bin/perl
open (INFILE, 'data_pri.txt');
while (<INFILE>) {
chomp;
($group, $alias, $id) = split(",");
open (OUTFILE, '>/usr/local/nagios/etc/static/' . $group . '_oncall_pri.cfg');
print OUTFILE "define contactgroup{\n";
print OUTFILE "contactgroup_name $group" . "_oncall_pri\n";
print OUTFILE "alias $alias\n";
print OUTFILE "members $id\n";
print OUTFILE "}";
close (OUTFILE);
}
close (INFILE);
system ("sudo /bin/chown apache:nagios /usr/local/nagios/etc/static/*.cfg");
system ("sudo /bin/chmod 775 /usr/local/nagios/etc/static/*.cfg");
exit;
That will write my static config files for primary on call person. My secondary on call person script will be the same with just the _pri replaced with _sec. I did create a special user for this and gave that user permissions to sudo the chown and chmod commands in the sudoer file. That user was also added to the nagios group so it would have permissions to write to the static config folder.
Re: User permissions
Posted: Fri Feb 22, 2013 2:42 pm
by slansing
Cool, thanks for keeping us up to date, looking forward to the next update!
Re: User permissions
Posted: Wed Mar 13, 2013 11:30 am
by BanditBBS
Is the script restart_nagios_with_export.sh the one that gets run when hitting the "Apply Configuration" button? If not, which is it?