Thursday, July 15, 2010

Nagios - Use an external smtp server to send notifications



One of the most important feature of Nagios is the notification system; by default Nagios will use the local mail daemon (mail) to send all the notifications.
Maybe this kind of system was working fine in past, but today, with this huge amount of spam circulating all over the world, this kind of emails from a not verified source can be filtered by the same company antispam system.
In order to avoid this issue I will explain how to configure Nagios using an external smtp server also with smtp authentication.


Since the Nagios notification event is still a triggered command, we have to download an alternative command line email client.


I suggest the powerful "sendemail" command, available at the following link:

http://caspian.dotconf.net/menu/Software/SendEmail/

Once the download is finished unpack sendemail:

[root@localhost] tar -xvf sendEmail-v1.56.tar.gz

Then copy the binary in the bin folder

[root@localhost] cp /root/sendEmail-v1.56/sendEmail /usr/local/bin/

In order to troubleshoot any eventual problem, please use the following workaround to create and give the necessary authorization to write in the sendemail log file:

[root@localhost] touch /var/log/sendEmail
[root@localhost] chmod 666 /var/log/sendEmail


(remember, by default, Nagios does not start with full administrative rights, so command sent by Nagios too)
Now we need to set some variables that we need to recall later depending on your particular environment and smtp configuration:

So edit the resource.cfg file located in:
/usr/local/nagios/etc/resource.cfg
Add the following lines with your particular smtp configuration:

$USER5$=email@address.tld

$USER7$=smtp.server.tld

#If you don't use smtp authentication skip this variables and use the version B) of commands.cfg

$USER9$=authsmtpusername
$USER10$=authsmtpassword


Save and exit (<- This commands change depending from your editor, sadly I've been in too many disputes aboute which linux editor is better, so don't expect any advice from me) After this, we are gonna change the commands.cfg file located in:
/usr/local/nagios/etc/objects/commands.cfg

First perform a backup of the config file:
cd /usr/local/nagios/etc/objects/
cp commands.cfg commands.cfg.old


Edito the commands.cfg file and you will find two commands:
'notify-host-by-email' and 'notify-service-by-email'

A) SMTP AUTHENTICATION COMMANDS
Now, if you use SMTP authentication replace the two commands with the following:

# 'notify-host-by-email' command definition define command{ command_name notify-host-by-email command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/local/bin/sendEmail -s $USER7$ -xu $USER9$ -xp $USER10$ -t $CONTACTEMAIL$ -f $USER5$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" }

# 'notify-service-by-email' command definition define command{ command_name notify-service-by-email command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /usr/local/bin/sendEmail -s $USER7$ -xu $USER9$ -xp $USER10$ -t $CONTACTEMAIL$ -f $USER5$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" }


B) NO SMTP-AUTHENTICATION
This is pretty much the same but without passing the authentication triggers to sendemail:

# 'notify-host-by-email' command definition define command{ command_name notify-host-by-email command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" | /usr/local/bin/sendEmail -s $USER7$ -t $CONTACTEMAIL$ -f $USER5$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Host Alert: $HOSTNAME$ is $HOSTSTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\nHost: $HOSTNAME$\nState: $HOSTSTATE$\nAddress: $HOSTADDRESS$\nInfo: $HOSTOUTPUT$\n\nDate/Time: $LONGDATETIME$\n" }

# 'notify-service-by-email' command definition define command{ command_name notify-service-by-email command_line /usr/bin/printf "%b" "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" | /usr/local/bin/sendEmail -s $USER7$ -t $CONTACTEMAIL$ -f $USER5$ -l /var/log/sendEmail -u "** $NOTIFICATIONTYPE$ Service Alert: $HOSTALIAS$/$SERVICEDESC$ is $SERVICESTATE$ **" -m "***** Nagios *****\n\nNotification Type: $NOTIFICATIONTYPE$\n\nService: $SERVICEDESC$\nHost: $HOSTALIAS$\nAddress: $HOSTADDRESS$\nState: $SERVICESTATE$\n\nDate/Time: $LONGDATETIME$\n\nAdditional Info:\n\n$SERVICEOUTPUT$" }

Now the configuration is finished. Anyway, before applying the new configuration, run the following command to check for any error or mistake:
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

If there are no errors, restart the nagios service:

service nagios restart

To troubleshoot the sendemail command run the following to check in the log file:

tail -f /var/log/sendEmail


Hope this post will be useful to you. If you have any troube or you want to suggest me a better system do not hesitate to write a line.

Regards
Daniel

30 comments:

  1. Great post - I wanted nagios posting to a google apps address, so I needed to add -o tls=yes and it worked a treat!

    ReplyDelete
  2. Hi Daniele,

    I have configured everything as mentioned, now i'm getting the following error, could please help me out.

    ERROR => Received: 530 5.7.0 Must issue a STARTTLS command first.

    ReplyDelete
  3. To issue STARTTLS add the following option to sendEmail command:

    -o tls=yes

    ReplyDelete
  4. Thank you so much! I just couldn't get smtp email working in Nagios, and this worked perfectly! :-)

    ReplyDelete
  5. Thank you and I would recommend your post to my friends ..

    ReplyDelete
  6. Hi all

    > tail -f /var/log/sendEmail

    Oct 21 12:33:57 localhost sendEmail[17463]: NOTICE => Authentication not supported by the remote SMTP server!
    Oct 21 12:33:57 localhost sendEmail[17463]: ERROR => Received: 530 5.7.0 Must issue a STARTTLS command first. a10sm3904486paw.17


    i getting error;
    if this parameter is requiter then where put this(File name,command) -o tls=yes

    ReplyDelete
  7. Its not working for me.

    Error: Unexpected start of object definition in file '/usr/local/nagios/etc/objects/commands.cfg' on line 33. Make sure you close preceding objects before starting a new one.
    Error processing object config files!

    Can u PLEASE help me?

    ReplyDelete
  8. Hi, I am trying to configure it with gmail. But I am not getting anything in logfile. When I run this from command line

    #ll |sendEmail -f testuser@gmail.com -u TEST -m Test -s smtp.googlemail.com:465 -xu testuser@gmail.com -xp Testing$#@! -t myuser@rediffmail.com -o tls=yes

    I am getting this error.
    Apr 06 02:43:00 localhost sendEmail[29533]: ERROR => Timeout while reading from smtp.googlemail.com:465 There was no response after 60 seconds.

    When I use #telnet smtp.googlemail.com 465, it works. Please guide me what to do

    ReplyDelete
  9. Hi Daniele Cuocci

    Thanks for a great blog :)

    sendEmail stopped working after a reboot, how do I get it up and running again? I can't see sendEmail service in server --status-all :( Hope you can help

    ReplyDelete
  10. Nice post with great details. I really appreciate your work Thanks for sharing.

    desktop notification software

    ReplyDelete
  11. This comment has been removed by the author.

    ReplyDelete
  12. Hi Erjol,

    I had some problems with the Centreon/Nagios too. But I sorted it out.

    Im not sure if its too late. But if u still have the issue, could you post ur error message ?

    ReplyDelete
  13. Hi, Please help... I've setup an instance of Fully Automated Nagios (FAN) and followed your guide. I can send an email from the CLI using sendEmail but Nagios isn't able to send any notifications. I have setup the configurations using the Centrion web interface. It's as if Nagios is not executing what it needs to when an alarm is triggered because I'm getting no sendEmail log activity. I need to troubleshoot further but don't know where to start. I'm hoping someone else encountered the issue with FAN... Can anyone point me in the right direction?

    ReplyDelete
  14. thank you. still working....;-)

    ReplyDelete
  15. Benefits of an SMTP server
    http://smtpimap.email/

    ReplyDelete
  16. Benefits of an SMTP server
    http://imapsmtp.email/

    ReplyDelete
  17. try fullyautomatednagios , its ready to install ISO. You can download fan nagios from http://www.dlightdaily.com and installation guide is also there.

    ReplyDelete
  18. Very interesting blog post.Quite informative and very helpful.This indeed is one of the recommended blog for learners.Thank you for providing such nice piece of article. I'm glad to leave a comment. Expect more articles in future. You too can check this DevOps tutorial for updated knowledge on DevOps.https://www.youtube.com/watch?v=4AJoRkjm998

    ReplyDelete
  19. Hi Daniele,
    I am facing problem to copy paste command in command.cfg, Should i replace \n by new Line?

    ReplyDelete
  20. hi, i got error
    ERROR => Can't use improperly formatted email address:

    ReplyDelete
  21. As used by countless online gamers worldwide, a lot of people have no concept what an activity server is best ark survival server hosting

    ReplyDelete
  22. Thank you for your post. This is excellent information. It is amazing and wonderful to visit your site. SMTP Server for Bulk Mailing

    ReplyDelete
  23. Hello Daniel, it's an amazing post about SMTP. It provide information about SMTP server .your blog provide knowledgeable post. SMTP plans must visit https://www.buckethost.com/smtp.html from buckethost .

    ReplyDelete
  24. wizardcyprushacker@gmail.com or whatsApp: +1 (424) 209-7204, is a professional hacking team, We are professional ,we get your work done in less than 24 hours. We provide the following services and more;
    * HACK INTO WHATSAPP, FACEBOOK, EMAIL BOX, INSTAGRAM, TEXT MESSAGES ETC.
    * RECOVER YOUR MONEY FROM ANY KIND OF SCAMMERS.
    * FREE BITCOIN LOADING AND PAYPAL LOADING, WE SHARE ON %.
    * MOBILE PHONE MONITOR/HACK.
    * HACK AND CHANGE UNIVERSITY GRADES
    * HACK INTO ANY BANK WEBSITE AND DO MONEY TRANSFER.
    * HACK INTO ANY COMPANY WEBSITE.
    * HACK INTO ANY GOVERNMENT AGENCY WEBSITE.
    * HACK INTO ANY DATABASE SYSTEM AND GRANT YOU ADMIN PRIVILEGES.
    * HACK PAYPAL ACCOUNT.
    * HACK WORDPRESS BLOGS.
    * SERVER CRASHED HACK.
    * Untraceable IP and so much more....
    * We can restore LOST FILES AND DOCUMENTS , no matter how long they have been missing.
    NOTE:
    If you refer a client to us as a result of the previous job done for you, you will stand a chance of getting any job of your choice hacked for you free of charge.
    We can also teach you how to do the following with our ebook and online tutorials
    * Hack and use Credit Card to shop online.
    * Monitor any phone and email address.
    * Hack Android & iPhones.
    * Tap into anybody’s call and monitor their conversation.
    * Email and Text message interception.

    For more information contact us at wizardcyprushacker@gmail.com  or whatsApp:+1 (424) 209-7204

    ReplyDelete
  25. Your blog was really good and I gain good knowledge from your post. Good work!
    Divorce in Virginia with Child
    Divorce Attorney in Fairfax

    ReplyDelete
  26. Realtor Websites With Idx are real estate websites which include property listings, real estate blogs, and other real estate-related resources. The websites provide a wide variety of resources for agents and homebuyers.
    Dpi Web
    Realtor Websites With Idx
    idx website for realtors

    ReplyDelete