Hi All! In our organization we use Zabbix as a monitoring solution for our servers and network hardware. So, I wrote a small addon to the SystemMonitoring module, which adds Zabbix acknowledgement functions to this module.
Work sequence in general:
1. OTRS receives e-mail with text like "Event: 1234567".
2. PostMaster filter SystemMonitoring gets EventID by regexp and writes
it into TicketFreeText field.
3. Ticket Event stack calls ZabbixAcknowledge module.
4. ZabbixAcknowledge module fetches EventID from the ticket and sends
JSON request to Zabbix.
The attachments contain changed files. What was added:
1. In Kernel/System/PostMaster/Filter/SystemMonitoring.pm: additional
TicketFreeField (#3 by default) for storing Zabbix EventID.
2. Added Kernel/System/Ticket/Event/ZabbixAcknowledge.pm - filter
module, which sends acknowledgement to Zabbix server when TicketFreeText
with key='Event' and value=ZabbixEventID is added to the ticket.
3. In Kernel/Config/Files/SystemMonitoring.xml: options for the
ZabbixAcknowledge module.
Options description:
1. PostMaster::PreFilterModule###1-SystemMonitoring
Added fields:
- FreeTextEvent - FreeText number for EventID
- EventRegExp - RegExp to find EventID in the mail.
2. Ticket::EventModulePost###930-NagiosAcknowledge
Adds NagiosAcknowledge module to the EventModule stack for the Ticket.
3. Ticket::EventModulePost###931-ZabbixAcknowledge
Adds ZabbixAcknowledge module to the EventModule stack for the Ticket.
4. Zabbix::Acknowledge::Enable - self-explainory :)
5. Zabbix::Acknowledge::FreeField::Event - TicketFreeField for EventID.
6. Zabbix::Acknowledge::HTTP::URL, Zabbix::Acknowledge::HTTP::User,
Zabbix::Acknowledge::HTTP::Password - Zabbix JSON API URL, user name and
password.
7. Zabbix::Acknowledge::Message - message to post in Zabbix when
acknowledging. See NagiosAcknowledge, format is the same.
Zabbix configuration:
1. Add group with API access rights and GUI access set to "Internal".
2. Grant permissions to all the objects, events from which you want to
acknowledge.
3. Create a user and add it to the group. Set user's e-mail to one of
the OTRS mail addresses.
4. Configure Zabbix::Acknowledge::HTTP::User,
Zabbix::Acknowledge::HTTP::Password corresponding to this users parameters.
5. In Zabbix in Configuration -> Actions add new action to send mail
event reports to the user you created with text like:
Trigger: {TRIGGER.NAME}
Host: {HOSTNAME}
Service: {TRIGGER.KEY}
Severity: {TRIGGER.NSEVERITY} ({TRIGGER.SEVERITY})
State: {TRIGGER.STATUS}
Event: {EVENT.ID}
Last value: {ITEM.LASTVALUE}
URL:
http://zabbix.example.com/zabbix/tr_events.php?triggerid={TRIGGER.ID}&eventid={EVENT.ID}
6. Set "Restore message" with the same text.
7/ Save config and enjoy :)
SystemMonitoring.pm
Description: Perl program
<?xml version="1.0" encoding="iso-8859-1" ?>
<otrs_config version="1.0" init="Application">
<CVS>$Id: SystemMonitoring.xml,v 1.18 2010/11/12 12:40:38 mb Exp $</CVS>
<ConfigItem Name="PostMaster::PreFilterModule###1-SystemMonitoring" Required="0" Valid="1">
<Description Translatable="1">Basic mail interface to System Monitoring Suites. Use this block if the filter should run AFTER PostMasterFilter.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Core::PostMaster</SubGroup>
<Setting>
<Hash>
<Item Key="Module">Kernel::System::PostMaster::Filter::SystemMonitoring</Item>
<Item Key="FromAddressRegExp">nag...@example.com</Item>
<Item Key="StateRegExp">\s*State:\s+(\S+)</Item>
<Item Key="HostRegExp">\s*Host:\s+(.*)\s*</Item>
<Item Key="ServiceRegExp">\s*Service:\s+(.*)\s*</Item>
<Item Key="NewTicketRegExp">CRITICAL|DOWN</Item>
<Item Key="CloseTicketRegExp">OK|UP</Item>
<Item Key="CloseActionState">closed successful</Item>
<Item Key="ClosePendingTime">172800</Item>
<Item Key="DefaultService">Host</Item>
<Item Key="FreeTextHost">1</Item>
<Item Key="FreeTextService">2</Item>
<Item Key="SenderType">system</Item>
<Item Key="ArticleType">note-report</Item>
<Item Key="FreeTextState">1</Item>
<Item Key="FreeTextEvent">3</Item>
<Item Key="EventRegExp">\s*Event:\s+(\d+)\s*</Item>
</Hash>
</Setting>
</ConfigItem>
<ConfigItem Name="Ticket::EventModulePost###930-NagiosAcknowledge" Required="0" Valid="0">
<Description Translatable="1">Load Nagios acknowledge module</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Core::Ticket</SubGroup>
<Setting>
<Hash>
<Item Key="Module">Kernel::System::Ticket::Event::NagiosAcknowledge</Item>
<Item Key="Event">TicketFreeTextUpdate</Item>
</Hash>
</Setting>
</ConfigItem>
<ConfigItem Name="Ticket::EventModulePost###931-ZabbixAcknowledge" Required="0" Valid="0">
<Description Translatable="1">Load Zabbix acknowledge</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Core::Ticket</SubGroup>
<Setting>
<Hash>
<Item Key="Module">Kernel::System::Ticket::Event::ZabbixAcknowledge</Item>
<Item Key="Event">TicketFreeTextUpdate</Item>
</Hash>
</Setting>
</ConfigItem>
<ConfigItem Name="PostMaster::PreFilterModule###00-SystemMonitoring" Required="0" Valid="0">
<Description Translatable="1">Basic mail interface to System Monitoring Suites. Use this block if the filter should run BEFORE PostMasterFilter.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Core::PostMaster</SubGroup>
<Setting>
<Hash>
<Item Key="Module">Kernel::System::PostMaster::Filter::SystemMonitoring</Item>
<Item Key="FromAddressRegExp">nag...@example.com</Item>
<Item Key="StateRegExp">\s*State:\s+(\S+)</Item>
<Item Key="HostRegExp">\s*Host:\s+(.*)\s*</Item>
<Item Key="ServiceRegExp">\s*Service:\s+(.*)\s*</Item>
<Item Key="NewTicketRegExp">CRITICAL|DOWN</Item>
<Item Key="CloseTicketRegExp">OK|UP</Item>
<Item Key="CloseActionState">closed successful</Item>
<Item Key="ClosePendingTime">172800</Item>
<Item Key="DefaultService">Host</Item>
<Item Key="FreeTextHost">1</Item>
<Item Key="FreeTextService">2</Item>
<Item Key="SenderType">system</Item>
<Item Key="ArticleType">note-report</Item>
<Item Key="FreeTextState">1</Item>
<Item Key="FreeTextEvent">3</Item>
<Item Key="EventRegExp">\s*Event:\s+(\d+)\s*</Item>
</Hash>
</Setting>
</ConfigItem>
<ConfigItem Name="SystemMonitoring::SetIncidentState" Required="0" Valid="1">
<Description Translatable="1">Set the incident state of a CI automatically when a system monitoring email arrives.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Core::ConfigItem</SubGroup>
<Setting>
<Option SelectedID="0">
<Item Key="0">No</Item>
<Item Key="1">Yes</Item>
</Option>
</Setting>
</ConfigItem>
<ConfigItem Name="SystemMonitoring::LinkTicketWithCI" Required="0" Valid="1">
<Description Translatable="1">Link an already opened incident ticket with the affected CI. This is only possible when a subsequent system monitoring email arrives.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Core::ConfigItem</SubGroup>
<Setting>
<Option SelectedID="0">
<Item Key="0">No</Item>
<Item Key="1">Yes</Item>
</Option>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::FreeField::Host" Required="1" Valid="1">
<Description Translatable="1">Name of TicketFreeField for Host.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">TicketFreeText1</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::FreeField::Service" Required="1" Valid="1">
<Description Translatable="1">Name of TicketFreeField for Service.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">TicketFreeText2</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::Type" Required="0" Valid="1">
<Description Translatable="1">Define Nagios acknowledge type.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<Option SelectedID="">
<Item Key="">-</Item>
<Item Key="pipe">pipe</Item>
<Item Key="http">http</Item>
</Option>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::NamedPipe::CMD" Required="0" Valid="1">
<Description Translatable="1">Named pipe acknowledge command.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">echo '<OUTPUTSTRING>' > /usr/local/nagios/var/rw/nagios.cmd</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::NamedPipe::Host" Required="0" Valid="1">
<Description Translatable="1">Named pipe acknowledge format for host.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">[<UNIXTIME>] ACKNOWLEDGE_HOST_PROBLEM;<HOST_NAME>;1;1;1;<LOGIN>;<a href="<CONFIG_HttpType>://<CONFIG_FQDN>/<CONFIG_ScriptAlias>index.pl?Action=AgentTicketZoom&TicketID=<TicketID>"><CONFIG_Ticket::Hook><TicketNumber></a></String>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::NamedPipe::Service" Required="0" Valid="1">
<Description Translatable="1">Named pipe acknowledge format for service.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">[<UNIXTIME>] ACKNOWLEDGE_SVC_PROBLEM;<HOST_NAME>;<SERVICE_NAME>;1;1;1;<LOGIN>;<a href="<CONFIG_HttpType>://<CONFIG_FQDN>/<CONFIG_ScriptAlias>index.pl?Action=AgentTicketZoom&TicketID=<TicketID>"><CONFIG_Ticket::Hook><TicketNumber></a></String>
</Setting>
</ConfigItem>
<ConfigItem Name="Ticket::EventModulePost###9-NagiosAcknowledge" Required="1" Valid="1">
<Description Translatable="1">Ticket event module to send an acknowlage to Nagios.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<Hash>
<Item Key="Module">Kernel::System::Ticket::Event::NagiosAcknowledge</Item>
<Item Key="Event">TicketLockUpdate</Item>
</Hash>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::HTTP::URL" Required="0" Valid="1">
<Description Translatable="1">The http acknowledge url.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">http://nagios.example.com/nagios/cgi-bin/cmd.cgi?cmd_typ=<CMD_TYP>&cmd_mod=2&host=<HOST_NAME>&service=<SERVICE_NAME>&sticky_ack=on&send_notification=on&persistent=on&com_data=<TicketNumber>&btnSubmit=Commit</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::HTTP::User" Required="0" Valid="1">
<Description Translatable="1">The http acknowledge user.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">John</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Nagios::Acknowledge::HTTP::Password" Required="0" Valid="1">
<Description Translatable="1">The http acknowledge password.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Nagios::Acknowledge</SubGroup>
<Setting>
<String Regex="">some_pass</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Zabbix::Acknowledge::Enable" Required="1" Valid="1">
<Description Translatable="1">Enable Zabbix events acknowledgement on ticket creation</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Zabbix::Acknowledge</SubGroup>
<Setting>
<Option SelectedID="0">
<Item Key="0">No</Item>
<Item Key="1">Yes</Item>
</Option>
</Setting>
</ConfigItem>
<ConfigItem Name="Zabbix::Acknowledge::FreeField::Event" Required="1" Valid="1">
<Description Translatable="1">Name of TicketFreeField for Event.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Zabbix::Acknowledge</SubGroup>
<Setting>
<String Regex="">TicketFreeText3</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Zabbix::Acknowledge::HTTP::URL" Required="1" Valid="1">
<Description Translatable="1">The http acknowledge url.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Zabbix::Acknowledge</SubGroup>
<Setting>
<String Regex="">http://zabbix.example.com/zabbix/api_jsonrpc.php</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Zabbix::Acknowledge::HTTP::User" Required="1" Valid="1">
<Description Translatable="1">The http acknowledge user.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Zabbix::Acknowledge</SubGroup>
<Setting>
<String Regex="">John</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Zabbix::Acknowledge::HTTP::Password" Required="1" Valid="1">
<Description Translatable="1">The http acknowledge password.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Zabbix::Acknowledge</SubGroup>
<Setting>
<String Regex="">some_pass</String>
</Setting>
</ConfigItem>
<ConfigItem Name="Zabbix::Acknowledge::Message" Required="1" Valid="1">
<Description Translatable="1">Named pipe acknowledge format for service.</Description>
<Group>SystemMonitoring</Group>
<SubGroup>Zabbix::Acknowledge</SubGroup>
<Setting>
<String Regex="">OTRS Ticket: <a href="<CONFIG_HttpType>://<CONFIG_FQDN>/<CONFIG_ScriptAlias>index.pl?Action=AgentTicketZoom&TicketID=<TicketID>"><CONFIG_Ticket::Hook><TicketNumber></a></String>
</Setting>
</ConfigItem>
</otrs_config>
ZabbixAcknowledge.pm
Description: Perl program
_______________________________________________ OTRS mailing list: dev - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/dev To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/dev
