Page 4 of 6
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Tue Apr 04, 2017 4:23 pm
by avandemore
I don't see anything abnormal in there. Can you attach /usr/local/nagiosxi/tmp/phpmailer.log I don't seem to be able to find that. From the Nagios log, I don't really see much that matches up to a new email every minute.
Can you provide an actual message?
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Tue Apr 04, 2017 4:51 pm
by dfmco
log attached
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Tue Apr 04, 2017 5:02 pm
by avandemore
Can you attach one of the messages?
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Tue Apr 04, 2017 5:08 pm
by dfmco
Here is one that came in an hour after it happened.
***** DFMCO Alert *****
Nagios has detected a problem with this host.
Notification Type: PROBLEM
Host: Bexar Nagios Capitol
State: DOWN
Address: 10.4.199.12
Info: CRITICAL - 10.4.199.12: rta nan, lost 100%
Date/Time: 2017-03-31 13:31:24
Respond:
http://172.30.30.140/nagiosxi/rr.php?ui ... 27f892160e
Nagios URL:
http://172.30.30.140/nagiosxi/
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Tue Apr 04, 2017 5:12 pm
by dfmco
oops, wrong alert. I deleted all the others already.
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Wed Apr 05, 2017 10:07 am
by avandemore
So far there has not really been an evidence of Nagios queuing up much of anything, so I can't specifically give you a reason about your situation. My best guess is your pagerduty notification handlers did something. If that is the case then you would need to resolve that with the author/admin of the pagerduty notification handlers and/or pagerduty. Otherwise at this point I'd like to see an example of one these wayward notifications including the full email headers. Something like that would be suitable for a PM if you had privacy concerns.
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Wed Apr 05, 2017 10:24 am
by dfmco
PagerDuty is not in use. The account was closed 2 years ago.
I deleted all of the mail from my account but here is one from Monica
[email protected] Monica Oneto-Flick;
***** DFMCO Alert *****
Nagios has detected a problem with this host.
Notification Type: PROBLEM
Host: REOC-sapdms-Avaya-B2
State: DOWN
Address: 10.109.214.207
Info: CRITICAL - 10.109.214.207: rta nan, lost 100%
Date/Time: 2017-03-31 18:23:58
Respond:
http://10.4.199.12/nagiosxi/rr.php?uid= ... 3ba48516f2
Nagios URL:
http://10.4.199.12/nagiosxi/
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Wed Apr 05, 2017 2:59 pm
by avandemore
That does not include the mail headers as I requested.
Your pagerduty notifications are still in use as evidenced by your logs. What happens from there, I don't know.
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Wed Apr 05, 2017 3:14 pm
by dflick
How can I get the headers from Outlook?
How can I disable PagerDuty?
Re: URGENT! Nagios flooding mail server but mailq is empty!
Posted: Wed Apr 05, 2017 4:59 pm
by avandemore
How can I get the headers from Outlook?
I don't use Outlook but I Google'd this for you:
https://support.office.com/en-us/articl ... 48563d212c
How can I disable PagerDuty?
You can go into the contact's and remove the pagerduty notification handlers:
XI > Configure > CCM > Contacts > [Contact] > Alert Settings > ([Manage Host Notification Commands| [Manage Service Notification Commands])