Email logging?

[akepley]

I have a new Nagios BPI I setup with a new service to monitor it and when it goes Critical, the alert should be sent to our help desk email address. I'm seeing the service notification get created in under the service and I see the record in the nagios_notifications table in MySQL that has contacts_notified='1'. But the email is still not getting to the help desk. Is there a log on the server that keeps up with the Nagios alert emails going out that I can review?

[tmcdonald]

They should show up in /var/log/maillog

[akepley]

Doesn't look like it. We have had multiple notifications by email throughout the day today that have sent successfully, but the maillog has not changed since 8:00am this morning.

Is there a setting in Nagios that states where to log notifications sent out? Maybe it was changed on our server in the past?

[slansing]

Not specifically, all outgoing mail from the server should be logged in maillog by default, unless the MTA was altered or logging was redirected intentionally. If you were to look in maillog you should also see your standard notifications, you will see a socket connection, the message being sent/scheduled for delivery, and any bouncebacks that may be occurring from a SMTP/Exchange server, etc. Are you not seeing anything in the maillog?

It will be constantly updated, every notification will generally fill at least 10 lines in there, so it may be further up. You can do a running tail and force a BPI notification from XI:

Code: Select all

tail -f /var/log/maillog

[akepley]

I don't believe anything is writing to the maillog throughout the day. Take a look at this listing:

Code: Select all

-rw-------  1 root  root     10654 Jun 18 08:00 maillog

Tells me that maillog hasn't been updated since Jun 18 at 8:00am. Current server time is Jun 18 15:21:51 CDT. I've received multiple notification emails from NAGIOS since that time this morning. maillog contents appear to agree with that, with the last few lines being the following:

Code: Select all

Jun 17 08:00:03 nagiosxi sendmail[28790]: s5HD03tU028780: to=<root@nagiosxi>, ctladdr=<root@nagiosxi> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=32833, dsn=2.0.0, stat=Sent
Jun 18 07:00:27 nagiosxi sendmail[11632]: s5IC0Rv6011632: from=root, size=3403, class=0, nrcpts=1, msgid=<201406181200.s5IC0Rv6011632@nagiosxi>, relay=root@localhost
Jun 18 07:00:27 nagiosxi sendmail[11636]: s5IC0REg011636: from=<root@nagiosxi>, size=3670, class=0, nrcpts=1, msgid=<201406181200.s5IC0Rv6011632@nagiosxi>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Jun 18 07:00:27 nagiosxi sendmail[11632]: s5IC0Rv6011632: to=root, ctladdr=root (0/0), delay=00:00:00, xdelay=00:00:00, mailer=relay, pri=33403, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s5IC0REg011636 Message accepted for delivery)
Jun 18 07:00:28 nagiosxi sendmail[11637]: s5IC0REg011636: to=<root@nagiosxi>, ctladdr=<root@nagiosxi> (0/0), delay=00:00:01, xdelay=00:00:00, mailer=local, pri=33878, dsn=2.0.0, stat=Sent
Jun 18 08:00:03 nagiosxi sendmail[26837]: s5ID02pQ026837: from=root, size=2383, class=0, nrcpts=1, msgid=<201406181300.s5ID02pQ026837@nagiosxi>, relay=root@localhost
Jun 18 08:00:03 nagiosxi sendmail[26848]: s5ID031b026848: from=<root@nagiosxi>, size=2639, class=0, nrcpts=1, msgid=<201406181300.s5ID02pQ026837@nagiosxi>, proto=ESMTP, daemon=MTA, relay=localhost [127.0.0.1]
Jun 18 08:00:03 nagiosxi sendmail[26837]: s5ID02pQ026837: to=root@localhost, ctladdr=root (0/0), delay=00:00:01, xdelay=00:00:00, mailer=relay, pri=32383, relay=[127.0.0.1] [127.0.0.1], dsn=2.0.0, stat=Sent (s5ID031b026848 Message accepted for delivery)
Jun 18 08:00:03 nagiosxi sendmail[26858]: s5ID031b026848: to=<root@nagiosxi>, ctladdr=<root@nagiosxi> (0/0), delay=00:00:00, xdelay=00:00:00, mailer=local, pri=32851, dsn=2.0.0, stat=Sent

Also, how would I 'force' a notification from BPI?

[scottwilkerson]

If you are using a 2014 version of XI and using the XI Notification handler (the default) mailer debug logs can be found at

Code: Select all

/usr/local/nagiosxi/tmp/phpmailer.log

[akepley]

Yep, using 2014XI but the phpmailer log just has errors for root@localhost because it's not a fully qualified address. Nothing else in that log.

[akepley]

Does a contact have to be a user in Nagiosxi to be able to send emails to them? I added my user as well to the service and moved the service to Critical. I received the email that I was expecting to nagios to send, but the help desk still did not receive it. I've checked the contact in Core config manager and it is listed as enabled to receive notifications of Critical services. I'm not sure what the problem is now and I can't find a log in nagios that shows what the issue might be.

[akepley]

I went ahead and added the help desk as an actual user in Nagiosxi (I don't like doing this since I don't want the help desk to be a logged in user ever in the system) to test. I then tried to masquerade as the help desk and tried to send a custom notification from the service. It had an error:

Code: Select all

 "Error: Could not stat() command file '/usr/local/nagios/var/rw/nagios.cmd'! 
The external command file may be missing, Nagios may not be running, and/or Nagios may not be checking external commands."  

Looking at /usr/local/nagios/var/rw directory, there is no nagios.cmd. So I can't test with the custom notification either to see if that will work for the help desk as a troubleshooting step.

[abrist]

Restart the nagios process as the command file is created on nagios start:

Code: Select all

service nagios stop
killall nagios
ps -aef | grep nagios.cfg
service nagiso start
ls -la /usr/local/nagios/var/rw/nagios.cmd