Forum: CFEngine Help Subject: Re: CFengine and Nagios Integration for Security Monitoring! Author: bbomgardner Link to topic: https://cfengine.com/forum/read.php?3,23459,23522#msg-23522
Sadly its not as glamorous as I may have made it sound! What I should have said was: I still depend on Nagios for capacity data, event notifications, and availability reports, but I don't feel like I _need_ it as much as I did before implementing CFEngine. Most of the critical processes and tasks I used to tell Nagios to alert me about CFEngine just takes care of. It makes me less reactive overall and I don't need as many checks and event handlers as before. The best part is that I don't feel like I need to watch the Nagios display or my inbox like a hawk anymore... =) It would be interesting to see if CFEngine can do more of Nagios's job (like performance trending) but I think that is a feature of Nova. Regarding the CFEngine emails: Our Nagios server runs a postfix instance which was graciously allowed by our mail administrator to be a recipient on our network. This is allows us to do some awesome things like acknowledging problems, creating cases, or scheduling downtime by replying to emails. In addition, we use this email address for programs that can only alert us via email (like CFEngine). This .procmailrc rule identifies the message as coming from cf-execd. Instead of storing it in a mailbox it gets piped to a perl script with the hostname grabbed from the subject: :0w * ^From.*cfeng...@domain.com * ^Subject: community \[\/[^[]?[^.]* | /usr/local/nagios/libexec/eventhandlers/email_to_passive_check.pl $MATCH AP:CF3:Output 1 The script parses the message, takes the first 512 characters of the plain-text body and sends it along to the nagios command file with the hostname, service name, and status. Of course once the email is in the perl script you could easily flag various Nagios services depending on the content, allowing different admins to get notified about their own parts of the CFEngine policy. IMHO its a very good investment if you can get the permission to have your own mail server... _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
