Re: [Nagios-users] Nagios Change Config via email
If you implement some sort of email signing (like GPG) you can have enough security with email commands. Moreover, via email you can send commands to nagios even if its interface is firewalled to the outside. On Thu, Sep 23, 2010 at 2:38 PM, Breandan Dezendorf wrote: > On Thu, Sep 23, 2010 at 5:38 AM, Ron Wilson wrote: >> I would like to be able to disable nagios notifications by using email. >> >> Situation is we are investing in automating patching of our servers. The >> patching software can send an email out at the beginning of each server >> patch and another at the end of patch >> >> I want Nagios to be able to receive the email which would have something >> like servername and stop en email subject line. >> >> If I set up an inwards mail client on the nagios server which would receive >> the email and drop it into a directory where Nagios would scan it and >> disable alerting for the server. At the end of patching the patch server >> will issue another email saying servername start and Nagios would receive >> email and re-enable alerting >> >> Anyone got any good ideas how to avhieve this? > > Rather than email, it might be a good idea to host a CGI which is > locked down to monitored hosts, and let servers call the CGI as needed > to disable notifications/monitoring for themselves (only) when needed. > I think this would be *slightly* harder to spoof than an email. > (Email is really bad that way). > > For any automated disabling of notifications, the other thing to keep > in mind is: what happens if a server fails in the middle of patching? > Will it sit for hours, waiting? Depending on your setup, you could > setup a cron job to look for a comment associated with the > server/service, that contains a timestamp. If the timestamp is longer > than [x] [time] ago, go ahead and turn notifications/alerting back on, > so administrators are notified that something went wrong. > > We are doing much of the above with our production systems, and it > works well, especially for the Windows hosts that patch at least once > a month. Server can call a CGI, and if the server is in the database > (DNS and IP resolve exactly to the name in the DB), it can disable > notifications for itself. After 45 minutes, if a host is still in > this maintenance state, alerts are enabled again, and we get woken up > as the server needs handholding while we still have a patch window to > do the work in. > > -- > Breandan Dezendorf > brean...@dezendorf.com > bwdez...@gmail.com > > -- > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > ___ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting > any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -- Diego Roccia diego.roccia (at) gmail (dot) com -- Nokia and AT&T present the 2010 Calling All Innovators-North America contest Create new apps & games for the Nokia N8 for consumers in U.S. and Canada $10 million total in prizes - $4M cash, 500 devices, nearly $6M in marketing Develop with Nokia Qt SDK, Web Runtime, or Java and Publish to Ovi Store http://p.sf.net/sfu/nokia-dev2dev ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Nagios Change Config via email
On Thu, Sep 23, 2010 at 5:38 AM, Ron Wilson wrote: > I would like to be able to disable nagios notifications by using email. > > Situation is we are investing in automating patching of our servers. The > patching software can send an email out at the beginning of each server > patch and another at the end of patch > > I want Nagios to be able to receive the email which would have something > like servername and stop en email subject line. > > If I set up an inwards mail client on the nagios server which would receive > the email and drop it into a directory where Nagios would scan it and > disable alerting for the server. At the end of patching the patch server > will issue another email saying servername start and Nagios would receive > email and re-enable alerting > > Anyone got any good ideas how to avhieve this? Rather than email, it might be a good idea to host a CGI which is locked down to monitored hosts, and let servers call the CGI as needed to disable notifications/monitoring for themselves (only) when needed. I think this would be *slightly* harder to spoof than an email. (Email is really bad that way). For any automated disabling of notifications, the other thing to keep in mind is: what happens if a server fails in the middle of patching? Will it sit for hours, waiting? Depending on your setup, you could setup a cron job to look for a comment associated with the server/service, that contains a timestamp. If the timestamp is longer than [x] [time] ago, go ahead and turn notifications/alerting back on, so administrators are notified that something went wrong. We are doing much of the above with our production systems, and it works well, especially for the Windows hosts that patch at least once a month. Server can call a CGI, and if the server is in the database (DNS and IP resolve exactly to the name in the DB), it can disable notifications for itself. After 45 minutes, if a host is still in this maintenance state, alerts are enabled again, and we get woken up as the server needs handholding while we still have a patch window to do the work in. -- Breandan Dezendorf brean...@dezendorf.com bwdez...@gmail.com -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
Re: [Nagios-users] Nagios Change Config via email
Using procmail you can pipe emails trough scripts, so you're able to create a script that parse the email subject/body and commit external commands to nagios regards Diego On Thu, Sep 23, 2010 at 5:38 AM, Ron Wilson wrote: > I would like to be able to disable nagios notifications by using email. > > Situation is we are investing in automating patching of our servers. The > patching software can send an email out at the beginning of each server > patch and another at the end of patch > > I want Nagios to be able to receive the email which would have something > like servername and stop en email subject line. > > If I set up an inwards mail client on the nagios server which would receive > the email and drop it into a directory where Nagios would scan it and > disable alerting for the server. At the end of patching the patch server > will issue another email saying servername start and Nagios would receive > email and re-enable alerting > > Anyone got any good ideas how to avhieve this? > > > > > > -- > > Ron Wilson > > Systems Engineer > > Television New Zealand > > P.O. Box 3819 > > Auckland, New Zealand > > Phone 649-916-7560 > > If you find yourself in a hole, the first thing to do is stop diggin'. > > > == > For more information on the Television New Zealand Group, visit us > online at tvnz.co.nz > == > CAUTION: This e-mail and any attachment(s) contain information that > is intended to be read only by the named recipient(s). This information > is not to be used or stored by any other person and/or organisation. > -- > Start uncovering the many advantages of virtual appliances > and start using them to simplify application deployment and > accelerate your shift to cloud computing. > http://p.sf.net/sfu/novell-sfdev2dev > ___ > Nagios-users mailing list > Nagios-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/nagios-users > ::: Please include Nagios version, plugin version (-v) and OS when reporting > any issue. > ::: Messages without supporting info will risk being sent to /dev/null > -- Diego Roccia diego.roccia (at) gmail (dot) com -- Start uncovering the many advantages of virtual appliances and start using them to simplify application deployment and accelerate your shift to cloud computing. http://p.sf.net/sfu/novell-sfdev2dev ___ Nagios-users mailing list Nagios-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nagios-users ::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. ::: Messages without supporting info will risk being sent to /dev/null
