I'm trying to configure icinga2 notification. I restart icinga2 and no error occurs. But my notification command does not execute. I defined user, template and applied notification to host, notification command for notification (as below) and turned on notification feature, i don't know why my script did not run. Anyone in forum used to configure icinga2 notification can give me full steps to configure icinga notification.
Notification Command
object NotificationCommand "test-notification" {
import "plugin-notification-command"
command = [ "/etc/icinga2/scripts/test.sh" ]}
Notification template
template Notification "generic-notification" {
command = "test-notification"
period = "test-24x7"
user_groups = [ "icinga" ]}
User
object User "icinga" {
import "generic-user"
display_name = "Icinga 2 Admin"
enable_notifications = true
email = "icinga#localhost"}
Notification
apply Notification "test-notification" to Host {
import "generic-notification"
users = [ "icinga" ]
assign where host.display_name}
You should try to verify that the execution is not working if not happen yet. Is it executable (chmod +x test.sh)?:
In your test.sh you could do something like
echo "script executed" >> /tmp/doesmyscriptrun.txt
Have a look to your file:
cat /tmp/doesmyscriptrun.txt
Related
I am trying to create an alert notification on ambari choosing alert script as method. Here are the steps I have followed:
Create an alert target using Create Alert Notification screen
{
"AlertTarget":
{
"name": "test_dispatcher",
"description": "Custom Notification Dispatcher",
"notification_type": "ALERT_SCRIPT",
"global": true,
"alert_states": ["CRITICAL","WARNING","UNKNOWN","OK"],
"properties": {
"ambari.dispatch-property.script": "notification.dispatch.alert.script",
"ambari.dispatch-property.script.filename" : "customdispatcher.py"
}
}
}
Create customdispatcher.py in /var/lib/ambari-server/resources/scripts/
## Writing notification to a file. Use your own logic here.
file = open("/var/log/ambari-server/custom_notification.log", "a+")
file.write("New notifiation")
file.close()
if __name__ == '__main__':
handle_alert()
Change file permissions.
chmod 777 /var/lib/ambari-server/resources/scripts/customdispatcher.py
chmod +x /var/lib/ambari-server/resources/scripts/customdispatcher.py
Add following line to ambari properties file
notification.dispatch.alert.script=/var/lib/ambari-server/resources/scripts/customdispatcher.py
Restart ambari
After these steps, I stop some services to trigger an alarm but get a warning in /var/log/ambari-server/ambari-server.log file and nothing is logged to custom_notification.log file.
2022-06-23 09:38:53,144 WARN [script-dispatcher-1] AlertScriptDispatcher$AlertScriptRunnable:363 - Unable to dispatch ALERT_SCRIPT notification because /var/lib/ambari-server/resources/scripts/customdispatcher.py terminated with exit code 2
Any ideas on how to fix this?
I am trying to create a Vault user in Terraform but can't seem to find the appropriate command to do so. I've searched the Terraform Registry and also performed some online searches but all to no avail.
All I'm looking to do is create a user, using the corresponding Terraform command to the Vault CLI command below:
vault write auth/userpass/users/bob password="passworld123" policies="default"
Any suggestions?
#hitman126 I guess you can take use of 'vault' provider module and 'vault_auth_backend' resource block. I guess your code should look like something similar to below
terraform {
required_providers {
vault = {
source = "hashicorp/vault"
version = "3.5.0"
}
}
}
provider "vault" {
}
resource "vault_auth_backend" "example" {
type = "userpass"
}
resource "vault_generic_secret" "developer_sample_data" {
path = "secret/foo"
data_json = <<EOT
{
"username": "bob",
"password": "passworld123"
}
EOT
}
In above code block, path is one full logic path where we write given data.To write data into the "generic" secret backend mounted in Vault by default, this should be prefixed with 'secret/'.
This might not be a full-fledged solution, but you can try something like this
Solution-2 :
If you have installed vault in machine and you would like to achieve above use case using vault command alone(if you don't want to use terraform-vault provider), then you can try something below
create one small sh script with above vault command. (valut-write.sh)
touch vault-write.sh
let content of script can be similar to below
#!/bin/sh
vault write auth/userpass/users/bob password="passworld123" policies="default"
chmod +x vault-write.sh
Create a .tf file with null resource, local-exec provisioner and invoke this sh script.
touch vault.tf
contents of vault.tf file can be similar to below
terraform {
required_version = "~> 1.1.1"
}
resource "null_resource" "vault_write" {
provisioner "local-exec" {
command = "/bin/sh vault-write.sh"
}
}
I am trying to download the content of a password-protected Gerrit URL in a Jenkins pipeline Groovy script. HTTPBuilder is not accessible so I am using the URL class with Authenticator:
// To avoid pipline bailing out since data PasswordAuthentication is non-serializable
#NonCPS
def getToString(data) {
data.toString()
}
def fetchCommit(host, project, version) {
withCredentials([usernamePassword(credentialsId: 'my-credentials',
usernameVariable: 'user',
passwordVariable: 'PASSWORD')]) {
proj = java.net.URLEncoder.encode(project, 'UTF-8')
echo "Setting default authentication"
Authenticator.default = {
new PasswordAuthentication(env.user, env.PASSWORD as char[])
} as Authenticator
echo "https://${host}/a/projects/${proj}/commits/${version}"
url = "https://${host}/a/projects/${proj}/commits/${version}".toURL()
result = getToString(url.getText())
echo "${result}"
}
}
The result is a PasswordAuthentication instance, and not the expected data:
[Pipeline] echo
java.net.PasswordAuthentication#3938b0f1
I have been wrestling with this for a while. I have tried different ways to setup the authentication and reading the data, but those mostly end up with an exception. Using eachLine() on the url does not enter the closure at all. The job also exits far to quickly, giving the impression it not even tries to make a connection.
Refs:
https://kousenit.org/2012/06/07/password-authentication-using-groovy/
I would like to share with you a way to send notifications from icinga2 to cachet via the API.
Icinga2 version : 2.4.10-1
Cachet version : 2.3.9
First of all, you have to know which component ID you want to use (in my case, because you can update component by name)
To get the component ID, you can use the curl command :
curl --insecure --request GET --url https://URL/api/v1/components -H "X-Cachet-Token: TOKEN"
URL : The URL of your cachet installation
TOKEN : The Token of the member in Cachet
Create command in /etc/icinga2/conf.d/commands.conf
object NotificationCommand "cachet-incident-notification-v2" {
import "plugin-notification-command"
command = [ PluginDir + "/cachet-notification-v2.sh" ]
env = {
"SERVICESTATE" = "$service.state$"
}
}
Create notification template in /etc/icinga2/conf.d/templates.conf
template Notification "cachet-incident-notification-v2" {
command = "cachet-incident-notification-v2"
states = [ OK, Warning, Critical, Unknown ]
types = [ Problem, Acknowledgement, Recovery, Custom,
FlappingStart, FlappingEnd,
DowntimeStart, DowntimeEnd, DowntimeRemoved ]
/*
period = "24x7"
*/
interval = 0
}
Create notification in /etc/icinga2/conf.d/notifications.conf
apply Notification "cachet-incident-notification-v2" to Service {
import "cachet-incident-notification-v2"
user_groups = host.vars.notification.pager.groups
assign where service.vars.cachetv2 == "1" && host.vars.cachetv2 == "1"
interval = 0 # Disable Re-notification
}
Add variable in your check service in /etc/icinga2/conf.d/service/your/service.conf
[...]
vars.cachetv2 = "1"
[...]
Add variable in your host config file in /etc/icinga2/conf.d/hosts/your/host
[...]
vars.cachetv2 = "1"
[...]
Create the script in /usr/lib/nagios/plugins/cachet-notification-v2.sh
#!/bin/bash
# Some Constants
NOW="$(date +'%d/%m/%Y')"
CACHETAPI_URL="https://URL/api/v1/components/<ID DU COMPOSANT>"
CACHETAPI_TOKEN="TOKEN><"
# Map Notification states for icinga2
# OK - 1 operational
# Warning - 3 Partial outage
# Critical - 4 Major outage
# Unknown - 2 Performance issues
case "$SERVICESTATE" in
'OK')
COMPONENT_STATUS=1
;;
'WARNING')
COMPONENT_STATUS=3
;;
'CRITICAL')
COMPONENT_STATUS=4
;;
'UNKNOWN')
COMPONENT_STATUS=2
;;
esac
curl -X PUT -H "Content-Type: application/json;" -H "X-Cachet-Token: ${CACHETAPI_TOKEN}" -d '{"status": "'"${COMPONENT_STATUS}"'"}' ${CACHETAPI_URL} -k
PS : Give the execution permission to the script
Check the syntax and reload
/etc/init.d/icinga2 checkconfig && /etc/init.d/icinga2 reload
The result :
When your check results in "CRITICAL", the status in Cachet will be MAJOR ISSUE
When your check results in "WARNING", the status in Cachet will be PARTIAL ISSUE
When your check results in "OK", the status in Cachet will be OPERATIONAL
When your check results in "UNKNOWN", the status in Cachet will be PERFORMANCE DELAY
I hope it will help.
Nicolas B.
I have created custom telegram notification very similar to email notifications. The problem is that it works for hosts and most of the services but not for all of them.
I do not post the *.sh files in scripts folder as it works!
In constants.conf I have added the bot token:
const TelegramBotToken = "MyTelegramToken"
I wanted to manage telegram channels or chat ids in users file, so I have users/user-my-username.conf as below:
object User "my-username" {
import "generic-user"
display_name = "My Username"
groups = ["faxadmins"]
email = "my-username#domain.com"
vars.telegram_chat_id = "#my_channel"
}
In templates/templates.conf I have added the below code:
template Host "generic-host-domain" {
import "generic-host"
vars.notification.mail.groups = ["domainadmins"]
vars.notification["telegram"] = {
users = [ "my-username" ]
}
}
template Service "generic-service-fax" {
import "generic-service"
vars.notification["telegram"] = {
users = [ "my-username" ]
}
}
And in notifications I have:
template Notification "telegram-host-notification" {
command = "telegram-host-notification"
period = "24x7"
}
template Notification "telegram-service-notification" {
command = "telegram-service-notification"
period = "24x7"
}
apply Notification "telegram-notification" to Host {
import "telegram-host-notification"
user_groups = host.vars.notification.telegram.groups
users = host.vars.notification.telegram.users
assign where host.vars.notification.telegram
}
apply Notification "telegram-notification" to Service {
import "telegram-service-notification"
user_groups = host.vars.notification.telegram.groups
users = host.vars.notification.telegram.users
assign where host.vars.notification.telegram
}
This is all I have. As I have said before it works for some services and does not work for other services. I do not have any configuration in service or host files for telegram notification.
To test I use Icinga web2. Going to a specific service in a host and send custom notification. When I send a custom notification I check the log file to see if there is any error and it says completed:
[2017-01-01 11:48:38 +0000] information/Notification: Sending reminder 'Problem' notification 'host-***!serviceName!telegram-notification for user 'my-username'
[2017-01-01 11:48:38 +0000] information/Notification: Completed sending 'Problem' notification 'host-***!serviceName!telegram-notification' for checkable 'host-***!serviceName' and user 'my-username'.
I should note that email is sent as expected. There is just a problem in telegram notifications for 2 services out of 12.
Any idea what would be the culprit? What is the problem here? Does return of scripts (commands) affect this behaviour?
There is no Telegram config in any service whatsoever.
Some telegram commands may fail due to markdown parser.
I've encountered this problem:
If service name has one underscore ('_'), then parser will complain about not closed markdown tag and message will not be sent