Configure Nagios Email Notification Using Gmail

0
251

Nagios can be configured to sent out alerts on the state of the host or host service being monitored via email. This guide will therefore take you through how to Configure Nagios Email Notification using Gmail.

The current state of a service or host being monitored is determined by the status of the service or host which can be OK, WARNING, UP, DOWN, etc. and the type of state the service or host which can hard or soft.

Read more about notification on Nagios notification.

Before you can proceed, install Nagios and add hosts to be monitored.

Install Nagios Server on CentOS 8

Add Hosts to Nagios Server For Monitoring

Configure Nagios Availability Monitoring

Configure Nagios Email Notification Using Gmail

Install Required Mail Packages

In this guide, we are going to use Postfix as out Mail Transfer Agent (MTA). Also, by default, Nagios Mail notification is sent using mail command. Hence, run the command below to install the required packages.

dnf install postfix cyrus-sasl-plain mailx

Configure Postfix to Use Gmail Relay

Enable STARTTLS encryption by changing the line smtp_tls_security_level = may to smtp_tls_security_level = encrypt.

sed -i 's/smtp_tls_security_level = may/smtp_tls_security_level = encrypt/' /etc/postfix/main.cf

If the smtp_tls_security_level option is not set, just insert it;

echo "smtp_tls_security_level = encrypt" >> /etc/postfix/main.cf

Define the path to CA certificates. The public root certificates are usually found under /etc/pki/tls/certs/ca-bundle.crt on RHEL derivatives and /etc/ssl/certs/ca-certificates.crt on Debian/Ubuntu systems.

echo "smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt" >> /etc/postfix/main.cf 

Next, insert the following lines to the Postfix configuration file to define the Gmail relay host and SASL options.

cat >> /etc/postfix/main.cf << EOF
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_sasl_security_options = noanonymous
EOF

Configure SASL credentials for your gmail account.

vim /etc/postfix/sasl_passwd

Enter the following content, replacing the userid and password accordingly.

[smtp.gmail.com]:587 [email protected]:password

Generate Postfix lookup table from the /etc/postfix/sasl_passwd file.

postmap /etc/postfix/sasl_passwd

Change ownership and permission to of the /etc/postfix/sasl_passwd to root and read-write only respectively.

chown root:root /etc/postfix/sasl_passwd*
chmod 600 /etc/postfix/sasl_passwd*

Start and enable Postfix

systemctl enable postfix --now

Test the relay;

First allow less secure apps access to your gmail account.

After that, try to sent a test mail.

echo "Test Postfix Gmail Relay" | mail -s "Postfix Gmail Relay" [email protected]

You should be able to receive the mail on your inbox. You can also check the mail logs. The log filename may be different for your case.

tail -f /var/log/maillog
Oct 19 15:01:44 dev-server postfix/smtp[5109]: C7E8C3B5AD: to=[email protected], relay=smtp.gmail.com[74.125.200.109]:587, delay=18, delays=0.04/0.02/16/2.1, dsn=2.0.0, status=sent (250 2.0.0 OK  1571511704 h8sm11800598pfo.64 - gsmtp)
Oct 19 15:01:44 dev-server postfix/qmgr[4574]: C7E8C3B5AD: removed

Create Nagios Contact Object Definition

The first step in configuring is to create a Nagios contacts group that defines who should be notified on the state of a monitored service or host.

Nagios comes with a default contact group, contacts.cfg, located on the default objects definition configurations directory, /usr/local/nagios/etc/objects.

You can modify the default contacts definition configuration file or create your own.

Note that, if you are not using non-default Nagios object definitions directory, you need to configure Nagios to process object definitions in that directory.

For example in the above case, insert the line, cfg_dir=/usr/local/nagios/etc/objects/kifarunix-demo on the Object definitions file section of the /usr/local/nagios/etc/nagios.cfg.

In this guide, we create a custom contacts definition configuration under a custom directory, /usr/local/nagios/etc/objects/kifarunix-demo.

vim /usr/local/nagios/etc/objects/kifarunix-demo/contacts.cfg
define contact{
        name                            kifarunix-demo-contact
        service_notification_period     24x7
        host_notification_period        24x7
        service_notification_options    w,u,c,r
        host_notification_options       d,r
        service_notification_commands   notify-service-by-email
        host_notification_commands      notify-host-by-email
        register                        0
        }
# Define Individual Contacts
define contact{
        contact_name                    johndoe
        use                             kifarunix-demo-contact
        alias                           John Doe-Oracle DBA
        email                           [email protected]
        }
define contact{
        contact_name                    janedoe
        use                             kifarunix-demo-contact
        alias                           Jane Doe-System Admin
        email                           [email protected]
        }
# CONTACT GROUP DEFINITION allows multiple contacts to receive alerts
define contactgroup{
        contactgroup_name    kifarunix-demo-admins
        alias                Sys-DB Admins
        members              johndoe,janedoe
       }

Modify the contact configuration above accordingly.

Verify Nagios Configuration file

/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg

If there is no syntax error, restart Nagios service.

systemctl restart nagios

Testing Nagios Mail Alerts Notification

  • To test if mail notification works, first change the IP address of one of the hosts to an IP that is unreachable such that it looks like the host is down.
  • Reschedule the next check for the host state. This will automatically sent out an email alert on host DOWN.

If you encounter the error below when rescheduling checks,

Error: Could not open command file '/usr/local/nagios/var/rw/nagios.cmd' for update!

This is due to SELinux. To fix, run journactl -xe. It should show some SELinux commands to execute to fix this. The commands below is what i run myself.

ausearch -c 'cmd.cgi' --raw | audit2allow -M my-cmdcgi
semodule -X 300 -i my-cmdcgi.pp

Also, you may encounter the error;

Could not open command file '/usr/local/nagios/var/rw/nagios.cmd'

Run the command below to fix it.

chcon -R -t httpd_sys_script_rw_t /usr/local/nagios/var/rw

You should be able to manually reschedule Nagios host or service checks.

You should now get the email alert on the host being down.

** PROBLEM Host Alert: web01.kifarunix-demo.com is DOWN **

[email protected]

***** Nagios *****

Notification Type: PROBLEM
Host: web01.kifarunix-demo.com
State: DOWN
Address: 192.168.56.18
Info: CRITICAL - Host Unreachable (192.168.56.18)

Date/Time: Sat Oct 19 15:16:09 EDT 2019

Put back the right server IP and reschedule the check to now. You should be able to get the host status UP alert on the mail.

** RECOVERY Host Alert: web01.kifarunix-demo.com is UP **

[email protected]

***** Nagios *****

Notification Type: RECOVERY
Host: web01.kifarunix-demo.com
State: UP
Address: 192.168.56.128
Info: PING OK - Packet loss = 0%, RTA = 1.36 ms

Date/Time: Sat Oct 19 15:31:13 EDT 2019

That is just it on how to configure Nagios email notification using Gmail. You should be able to receive alerts for service/host state changes.

You may also be interested in checking the following tutorials.

Nagios SNMP Monitoring of Linux Hosts on AlienVault USM/OSSIM

Monitor Linux Hosts using Nagios check_by_ssh Plugin

How to Install Nagios NRPE Agent on RHEL/CentOS/Oracle Linux

LEAVE A REPLY

Please enter your comment!
Please enter your name here