Page 1 of 1
Custom Macro's Creation
Posted: Thu Dec 12, 2019 10:59 am
by vignesha
Hello Team,
We are sending nagios alerts to ServiceNow through SNMP Trap Sender. We need server type information in the alert i.e (Windows, Linux or Network Device) ServiceNow can filter the server type and send the alert to respective teams.
To do this we require Macro to configure in Nagios and snmptrapsender. But as per Nagios Standard Macro's list there are no Macro for server type information.
i have tried adding the below comments in xi_service_event_handler
/usr/bin/php /usr/local/nagiosxi/scripts/handle_nagioscore_event.php --handler-type=service --host="$HOSTNAME$" --service="$SERVICEDESC$" --hostaddress="$HOSTADDRESS$" --hoststate=$HOSTSTATE$ --hoststateid=$HOSTSTATEID$ --hosteventid=$HOSTEVENTID$ --hostproblemid=$HOSTPROBLEMID$ --servicestate=$SERVICESTATE$ --servicestateid=$SERVICESTATEID$ --lastservicestate=$LASTSERVICESTATE$ --lastservicestateid=$LASTSERVICESTATEID$ --servicestatetype=$SERVICESTATETYPE$ --currentattempt=$SERVICEATTEMPT$ --maxattempts=$MAXSERVICEATTEMPTS$ --serviceeventid=$SERVICEEVENTID$ --serviceproblemid=$SERVICEPROBLEMID$ --serviceoutput="$SERVICEOUTPUT$" --longserviceoutput="$LONGSERVICEOUTPUT$" --servicedowntime="$SERVICEDOWNTIME$" --flavour="$windowsserver$"
Also, i have edited /usr/local/nagiosxi/html/includes/components/snmptrapsender/snmptrapsender.inc.php to send snmp trap to servicenow.
line 533:
$trap_command = "/usr/bin/snmptrap -v 2c -c $community $tcp$address$port '' NAGIOS-NOTIFY-MIB::nHostEvent nHostname s \"%host%\" nHostStateID i %hoststateid% nHostOutput s \"%hostoutput%\" nHostAlias s \"%hostalias%\" s '%flavour%' windowsserver";
line 602:
$trap_command = "/usr/bin/snmptrap -v 2c -c $community $tcp$address$port '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s \"%host%\" nSvcDesc s \"%service%\" nSvcStateID i %servicestateid% nSvcOutput s \"%serviceoutput%\" nHostAlias s \"%hostalias%\" s '%flavour%' windowsserver";
output:
......PROCESS EVENT: ID=18107799, SOURCE=2, TYPE=1, TIME=2019-12-12 14:50:34
*** GLOBAL HANDLER...
Array
(
[event_id] => 18107799
[event_source] => 2
[event_type] => 1
[event_time] => 2019-12-12 14:50:34
[event_meta] => Array
(
[handler-type] => service
[host] => test_server
[service] => Inter-connect to WAN - ETHC00120295 - xxxx - xxxxxxxxxx Po Bandwidth
[hostaddress] => xx.xxx.xx.xxxx
[hoststate] => UP
[hoststateid] => 0
[hosteventid] => 6111744
[hostproblemid] => 0
[servicestate] => WARNING
[servicestateid] => 1
[lastservicestate] => OK
[lastservicestateid] => 0
[servicestatetype] => HARD
[currentattempt] => 5
[maxattempts] => 5
[serviceeventid] => 6230091
[serviceproblemid] => 2806840
[serviceoutput] => WARNING - Current BW in: 16.77Mbps Out: 1.26Mbps
[longserviceoutput] =>
[servicedowntime] => 0
[flavour] => $%windowsserver%$
)
[logging_enabled] => 1
)
as per above am getting windows server for all type of server, so I need your help to make correction to define the variable or macro to get all server type like (Windows, Linux, switch, etc..,)
Re: Custom Macro's Creation
Posted: Thu Dec 12, 2019 3:19 pm
by cdienger
https://assets.nagios.com/downloads/nag ... iables.pdf has good information on how to set a free(custom) variable and how you can include it in notifications(or in this case the xi_service_event_handler command). Please review and let us know if you have any further questions.
Re: Custom Macro's Creation
Posted: Fri Dec 13, 2019 5:51 am
by vignesha
Hi,
Thanks for your response,
i have tried but it is not working as expected.
I like to call already available variable as xiwizard and its providing the information as (windows, linux, etc..,), could you help me out to define the same variable in "xi_service_notification_handler" command and SNMPTRAP command as well. PFB SS am looking to defin a variable.
Re: Custom Macro's Creation
Posted: Fri Dec 13, 2019 5:52 am
by vignesha
PFB attachement.
Re: Custom Macro's Creation
Posted: Fri Dec 13, 2019 2:28 pm
by cdienger
The command should look like:
Code: Select all
/usr/bin/php /usr/local/nagiosxi/scripts/handle_nagioscore_event.php --handler-type=service --host="$HOSTNAME$" --service="$SERVICEDESC$" --hostaddress="$HOSTADDRESS$" --hoststate=$HOSTSTATE$ --hoststateid=$HOSTSTATEID$ --hosteventid=$HOSTEVENTID$ --hostproblemid=$HOSTPROBLEMID$ --servicestate=$SERVICESTATE$ --servicestateid=$SERVICESTATEID$ --lastservicestate=$LASTSERVICESTATE$ --lastservicestateid=$LASTSERVICESTATEID$ --servicestatetype=$SERVICESTATETYPE$ --currentattempt=$SERVICEATTEMPT$ --maxattempts=$MAXSERVICEATTEMPTS$ --serviceeventid=$SERVICEEVENTID$ --serviceproblemid=$SERVICEPROBLEMID$ --serviceoutput="$SERVICEOUTPUT$" --longserviceoutput="$LONGSERVICEOUTPUT$" --servicedowntime="$SERVICEDOWNTIME$" --flavour="$_SERVICExiwizard$"
The trap command would then look like:
Code: Select all
$service_trap_command = "/usr/bin/snmptrap -v 2c -c $community $tcp$address$port '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s \"%host%\" nSvcDesc s \"%service%\" nSvcStateID i %servicestateid% nSvcOutput s \"%serviceoutput%\" nSvcFlavour s \"%flavour%\"";
and the nSvcEvent in NAGIOS-NOTIFY-MIB.txt would need to be updated to look like:
Code: Select all
nSvcEvent NOTIFICATION-TYPE
OBJECTS { nHostname, nHostStateID, nSvcDesc, nSvcStateID, nSvcAttempt,
nSvcDurationSec, nSvcGroupName, nSvcLastCheck, nSvcLastChange,
nSvcOutput, nSvcFlavour }
STATUS current
DESCRIPTION
"The SNMP trap that is generated as a result of an event with the service
in Nagios."
::= { nagiosNotify 7 }
Re: Custom Macro's Creation
Posted: Mon Dec 16, 2019 8:55 am
by vignesha
Hi,
Thanks for your reply,
i have made the changes and checked but still issues remais same, data not reflecting as(windows, linux, etc..,)
PFB output and SS for the same.
[root@XXXXXXXXX snmptrapsender]# cat snmptrapsender.inc.php | grep -i '$service_trap_command'
$service_trap_command = "/usr/bin/snmptrap -v 2c -c public 192.168.5.4 '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s \"%host%\" nSvcDesc s \"%service%\" nSvcStateID i %servicestateid% nSvcOutput s \"%serviceoutput%\" nSvcXiWizard s \"%service_xiwizard%\" nSvcFlavour s \"%flavour%\"";
=========================================
*** GLOBAL HANDLER...
Array
(
[event_id] => 18132169
[event_source] => 2
[event_type] => 1
[event_time] => 2019-12-16 13:24:06
[event_meta] => Array
(
[handler-type] => service
[host] => xxxxxxxxxxx
[service] => Inter-connect to WAN - xxxx - xxxx - xxx-xxx-xx Po Bandwidth
[hostaddress] => xx.xxx.xx.xxx
[hoststate] => UP
[hoststateid] => 0
[hosteventid] => 6111744
[hostproblemid] => 0
[servicestate] => OK
[servicestateid] => 0
[lastservicestate] => CRITICAL
[lastservicestateid] => 2
[servicestatetype] => SOFT
[currentattempt] => 3
[maxattempts] => 5
[serviceeventid] => 6247580
[serviceproblemid] => 2815439
[serviceoutput] => OK - Current BW in: 10.26Mbps Out: 1.30Mbps
[longserviceoutput] =>
[servicedowntime] => 0
[flavour] => $
)
[logging_enabled] => 1
)
*** GLOBAL HANDLER (snmptrapsender)...
Array
(
[event_id] => 18132251
[event_source] => 2
[event_type] => 1
[event_time] => 2019-12-16 13:53:13
[event_meta] => Array
(
[handler-type] => service
[host] => xxxxxxxxxx
[service] => IIB Broker Status
[hostaddress] => xx.xxx.xxx.xx
[hoststate] => UP
[hoststateid] => 0
[hosteventid] => 5965715
[hostproblemid] => 0
[servicestate] => OK
[servicestateid] => 0
[lastservicestate] => CRITICAL
[lastservicestateid] => 2
[servicestatetype] => SOFT
[currentattempt] => 3
[maxattempts] => 5
[serviceeventid] => 6247641
[serviceproblemid] => 2815484
[serviceoutput] => OK - no errors or warnings
[longserviceoutput] =>
[servicedowntime] => 0
[flavour] => $
)
[logging_enabled] => 1
)
Re: Custom Macro's Creation
Posted: Mon Dec 16, 2019 3:18 pm
by cdienger
Typo on my end. The command should use uppercase and look like:
Code: Select all
/usr/bin/php /usr/local/nagiosxi/scripts/handle_nagioscore_event.php --handler-type=service --host="$HOSTNAME$" --service="$SERVICEDESC$" --hostaddress="$HOSTADDRESS$" --hoststate=$HOSTSTATE$ --hoststateid=$HOSTSTATEID$ --hosteventid=$HOSTEVENTID$ --hostproblemid=$HOSTPROBLEMID$ --servicestate=$SERVICESTATE$ --servicestateid=$SERVICESTATEID$ --lastservicestate=$LASTSERVICESTATE$ --lastservicestateid=$LASTSERVICESTATEID$ --servicestatetype=$SERVICESTATETYPE$ --currentattempt=$SERVICEATTEMPT$ --maxattempts=$MAXSERVICEATTEMPTS$ --serviceeventid=$SERVICEEVENTID$ --serviceproblemid=$SERVICEPROBLEMID$ --serviceoutput="$SERVICEOUTPUT$" --longserviceoutput="$LONGSERVICEOUTPUT$" --servicedowntime=$SERVICEDOWNTIME$ --flavour="$_SERVICEXIWIZARD$"
I've also attached a copy of my modify NAGIOS-NOTIFY-MIB.
And here are my trap commands for the service events:
Code: Select all
$trap_command = "/usr/bin/snmptrap -v 3 $engineid_string -u $username -a $authproto -A $authpassword -x $privproto -X $privacypassword $tcp$address$port '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s \"%host%\" nSvcDesc s \"%service%\" nSvcStateID i %servicestateid% nSvcOutput s \"%serviceoutput%\" nHostAlias s \"%hostalias%\" nSvcFlavour s \"%flavour%\"";
} elseif ($snmpversion == "2c") {
$trap_command = "/usr/bin/snmptrap -v 2c -c $community $tcp$address$port '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s \"%host%\" nSvcDesc s \"%service%\" nSvcStateID i %servicestateid% nSvcOutput s \"%serviceoutput%\" nHostAlias s \"%hostalias%\" nSvcFlavour s \"%flavour%\"";
} elseif ($snmpversion == "1") {
$trap_command = "/usr/bin/snmptrap -v 1 -c $community $tcp$address$port '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s \"%host%\" nSvcDesc s \"%service%\" nSvcStateID i %servicestateid% nSvcOutput s \"%serviceoutput%\" nHostAlias s \"%hostalias%\" nSvcFlavour s \%flavour%\"";
}
Re: Custom Macro's Creation
Posted: Fri Dec 20, 2019 8:18 am
by vignesha
Hi Cdienger,
I have made the changes as you mentioned below,
Also i have monitored closely and found that am able to see the SNMPTRAP alerts in nagios server but the same not reflecting in Servicenow end, so i have just removed nSvcFlavour s \"%flavour%\" variable and tried SNMPTRAP are sending to Servicenow end.
From the below output i able to see few errors after i have made the changes, PFB SNMPTRAP output
After:
*** GLOBAL HANDLER (snmptrapsender)...
Array
(
[event_id] => 18152738
[event_source] => 2
[event_type] => 1
[event_time] => 2019-12-20 12:53:48
[event_meta] => Array
(
[handler-type] => service
[host] => xxxxxxxxx
[service] => CPU Usage
[hostaddress] => xx.xxx.xxx.xx
[hoststate] => UP
[hoststateid] => 0
[hosteventid] => 6209621
[hostproblemid] => 0
[servicestate] => OK
[servicestateid] => 0
[lastservicestate] => WARNING
[lastservicestateid] => 1
[servicestatetype] => HARD
[currentattempt] => 5
[maxattempts] => 5
[serviceeventid] => 6262135
[serviceproblemid] => 2822617
[serviceoutput] => CPU Load 56% (5 min average)
[longserviceoutput] =>
[servicedowntime] => 0
[flavour] => windowsserver
)
[logging_enabled] => 1
)
PROCESSING:
Array
(
[address] => xx.xxx.xxx.xx
[port] => 9030
[hoststateid] => 0
[servicestateid] => 0
[statetype] => HARD
[downtime] => 1
[snmpversion] => 2c
[community] => xxxxx
)
PHP Notice: Undefined index: contact in /usr/local/nagiosxi/html/includes/utils-notifications.inc.php on line 0
PHP Notice: Undefined variable: _SESSION in /usr/local/nagiosxi/html/includes/utils-users.inc.php on line 1944
RUNNING COMMAND: /usr/bin/snmptrap -v 2c -c xxxxx xx.xxx.xxx.xx:9030 '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s "xxxxxxx" nSvcDesc s "CPU Usage" nSvcStateID i 0 nSvcOutput s "CPU Load 56% (5 min average)" nHostAlias s "xxxxxxx" nSvcFlavour s "windowsserver"
No log handling enabled - turning on stderr logging
nSvcFlavour: Unknown Object Identifier (Sub-id not found: (top) -> nSvcFlavour)
.....
##################################
Before:
*** GLOBAL HANDLER (snmptrapsender)...
Array
(
[event_id] => 18152771
[event_source] => 2
[event_type] => 1
[event_time] => 2019-12-20 13:02:43
[event_meta] => Array
(
[handler-type] => service
[host] => xxxxxxxxxxx
[service] => CPU Usage
[hostaddress] => xx.xxx.xxx.xx
[hoststate] => UP
[hoststateid] => 0
[hosteventid] => 6209621
[hostproblemid] => 0
[servicestate] => WARNING
[servicestateid] => 1
[lastservicestate] => WARNING
[lastservicestateid] => 1
[servicestatetype] => HARD
[currentattempt] => 5
[maxattempts] => 5
[serviceeventid] => 6262141
[serviceproblemid] => 2822626
[serviceoutput] => CPU Load 92% (5 min average)
[longserviceoutput] =>
[servicedowntime] => 0
)
[logging_enabled] => 1
)
PROCESSING:
Array
(
[address] => xx.xxx.xxx.xx
[port] => 9030
[hoststateid] => 0
[servicestateid] => 0
[statetype] => HARD
[downtime] => 1
[snmpversion] => 2c
[community] => xxxxx
)
PHP Notice: Undefined index: contact in /usr/local/nagiosxi/html/includes/utils-notifications.inc.php on line 0
PHP Notice: Undefined variable: _SESSION in /usr/local/nagiosxi/html/includes/utils-users.inc.php on line 1944
RUNNING COMMAND: /usr/bin/snmptrap -v 2c -c xxxxx xx.xxx.xxx.xx:9030 '' NAGIOS-NOTIFY-MIB::nSvcEvent nSvcHostname s "xxxxxxx" nSvcDesc s "CPU Usage" nSvcStateID i 1 nSvcOutput s "CPU Load 92% (5 min average)" nHostAlias s "xxxxxxx"
Re: Custom Macro's Creation
Posted: Fri Dec 20, 2019 5:44 pm
by ssax
Please revert the MIB to what you had before.
First, update your commands to use:
Here's what I do:
Don't use nNewName and use a free OID from the MIB:
Code: Select all
[root@xid snmptrapsender]# snmptranslate -Tz -m /usr/share/snmp/mibs/NAGIOS-NOTIFY-MIB.txt
"org" "1.3"
"dod" "1.3.6"
"internet" "1.3.6.1"
"directory" "1.3.6.1.1"
"mgmt" "1.3.6.1.2"
"mib-2" "1.3.6.1.2.1"
"transmission" "1.3.6.1.2.1.10"
"experimental" "1.3.6.1.3"
"private" "1.3.6.1.4"
"enterprises" "1.3.6.1.4.1"
"nagios" "1.3.6.1.4.1.20006"
"nagiosNotify" "1.3.6.1.4.1.20006.1"
"nagiosHostEventTable" "1.3.6.1.4.1.20006.1.1"
"nagiosHostEventEntry" "1.3.6.1.4.1.20006.1.1.1"
"nHostEventIndex" "1.3.6.1.4.1.20006.1.1.1.1"
"nHostname" "1.3.6.1.4.1.20006.1.1.1.2"
"nHostAlias" "1.3.6.1.4.1.20006.1.1.1.3"
"nHostStateID" "1.3.6.1.4.1.20006.1.1.1.4"
"nHostStateType" "1.3.6.1.4.1.20006.1.1.1.5"
"nHostAttempt" "1.3.6.1.4.1.20006.1.1.1.6"
"nHostDurationSec" "1.3.6.1.4.1.20006.1.1.1.7"
"nHostGroupName" "1.3.6.1.4.1.20006.1.1.1.8"
"nHostLastCheck" "1.3.6.1.4.1.20006.1.1.1.9"
"nHostLastChange" "1.3.6.1.4.1.20006.1.1.1.10"
"nHostLastUp" "1.3.6.1.4.1.20006.1.1.1.11"
"nHostLastDown" "1.3.6.1.4.1.20006.1.1.1.12"
"nHostLastUnreachable" "1.3.6.1.4.1.20006.1.1.1.13"
"nHostOutput" "1.3.6.1.4.1.20006.1.1.1.14"
"nHostPerfData" "1.3.6.1.4.1.20006.1.1.1.15"
"nagiosHostNotifyTable" "1.3.6.1.4.1.20006.1.2"
"nagiosHostNotifyEntry" "1.3.6.1.4.1.20006.1.2.1"
"nHostNotifyType" "1.3.6.1.4.1.20006.1.2.1.1"
"nHostNotifyNum" "1.3.6.1.4.1.20006.1.2.1.2"
"nHostAckAuthor" "1.3.6.1.4.1.20006.1.2.1.3"
"nHostAckComment" "1.3.6.1.4.1.20006.1.2.1.4"
"nagiosSvcEventTable" "1.3.6.1.4.1.20006.1.3"
"nagiosSvcEventEntry" "1.3.6.1.4.1.20006.1.3.1"
"nSvcEventIndex" "1.3.6.1.4.1.20006.1.3.1.1"
"nSvcHostname" "1.3.6.1.4.1.20006.1.3.1.2"
"nSvcHostAlias" "1.3.6.1.4.1.20006.1.3.1.3"
"nSvcHostStateID" "1.3.6.1.4.1.20006.1.3.1.4"
"nSvcHostStateType" "1.3.6.1.4.1.20006.1.3.1.5"
"nSvcDesc" "1.3.6.1.4.1.20006.1.3.1.6"
"nSvcStateID" "1.3.6.1.4.1.20006.1.3.1.7"
"nSvcAttempt" "1.3.6.1.4.1.20006.1.3.1.8"
"nSvcDurationSec" "1.3.6.1.4.1.20006.1.3.1.9"
"nSvcGroupName" "1.3.6.1.4.1.20006.1.3.1.10"
"nSvcLastCheck" "1.3.6.1.4.1.20006.1.3.1.11"
"nSvcLastChange" "1.3.6.1.4.1.20006.1.3.1.12"
"nSvcLastOK" "1.3.6.1.4.1.20006.1.3.1.13"
"nSvcLastWarn" "1.3.6.1.4.1.20006.1.3.1.14"
"nSvcLastCrit" "1.3.6.1.4.1.20006.1.3.1.15"
"nSvcLastUnkn" "1.3.6.1.4.1.20006.1.3.1.16"
"nSvcOutput" "1.3.6.1.4.1.20006.1.3.1.17"
"nSvcPerfData" "1.3.6.1.4.1.20006.1.3.1.18"
"nagiosSvcNotifyTable" "1.3.6.1.4.1.20006.1.4"
"nagiosSvcNotifyEntry" "1.3.6.1.4.1.20006.1.4.1"
"nSvcNotifyType" "1.3.6.1.4.1.20006.1.4.1.1"
"nSvcNotifyNum" "1.3.6.1.4.1.20006.1.4.1.2"
"nSvcAckAuthor" "1.3.6.1.4.1.20006.1.4.1.3"
"nSvcAckComment" "1.3.6.1.4.1.20006.1.4.1.4"
"nHostEvent" "1.3.6.1.4.1.20006.1.5"
"nHostNotify" "1.3.6.1.4.1.20006.1.6"
"nSvcEvent" "1.3.6.1.4.1.20006.1.7"
"nSvcNotify" "1.3.6.1.4.1.20006.1.8"
"security" "1.3.6.1.5"
"snmpV2" "1.3.6.1.6"
"snmpDomains" "1.3.6.1.6.1"
"snmpProxys" "1.3.6.1.6.2"
"snmpModules" "1.3.6.1.6.3"
"zeroDotZero" "0.0"
For example, just modify the host one like this:
"nHostPerfData" "1.3.6.1.4.1.20006.1.1.1.15"
"nSvcPerfData" "1.3.6.1.4.1.20006.1.3.1.18"
So add this to the Host Trap Command in the
snmptrapsender.inc.php
Code: Select all
... 1.3.6.1.4.1.20006.1.1.1.9999 s \"%flavour%\"";
For the Service:
Code: Select all
... 1.3.6.1.4.1.20006.1.3.1.9999 s \"%flavour%\"";
The MIB won't be able to translate but it's included.
What I'm trying to do is prevent you from modifying the MIB file to something we won't have a copy of. Leave MIBs alone unless you wrote them is my take on it otherwise you now have a custom system that may not survive an updated to the MIB file (if we do at some point).