Network Monitoring 1 comment

Barracuda plug-in for Nagios V3.1

By on August 20th, 2010

Right on the heels of version 3.0 is the 3.1 version of the plug-in.  Once again thanks to Ray, this version now includes error checking for the SNMP get.  The previous version would not go critical on the failure to retrieve SNMP values.

Download Barracuda Plugin V3.1 Version 3.1

See the previous post for more details on usage, the only difference in this version is the SNMP error checking which does not impact usage or installation.

Network Monitoring 12 comments

Version 3 of the Barracuda plugin for Nagios

By on August 11th, 2010

I have updated the Nagios plugin for Barracuda Spam & Virus firewalls to V3.  This release has been tested under PHP5 and works with Barracuda firmware versions 3 and 4.  Barracuda Networks changed their MIB with version 4 firmware and the plugin now supports the new OIDs or the old by way of a configuration setting within the plugin script.  Read more below for details.

Download Barracuda Plugin V3 Version 3.0

Installation

Place the check_cuda file in the nagios libexec folder along with all your other check plugins.  Don’t forget to
set permissions and ownership as appropriate for your installation.  Version 3 was tested under PHP5 and should work with either 4 or 5 by simply using check_cuda.  Be sure to edit the check_cuda script and set the value of $cuda_firmware (line 10) to either 3 or 4 depending on the firmware version of the Barracdua Spam and Virus firewalls you will be using the plugin to check.

Usage

Usage: check_cuda <host-ip> <community-string> <queue> <warning-threshold> <critical-threshold>

Queue can be either in, out or bounce for firmware version 3 firewalls; for version 4 firewalls the values are
in, out, deferred or latency

Warning and Critical values should be positive integers

Prerequisites

This plugin requires php and php_snmp support (as noted this version has been tested with PHP 5)

Nagios Configuration

Commands

Define commands as shown below:

define command {
command_name Check Barracuda Inbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public in 500 1000
}

define command {
command_name Check Barracuda Outbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public out 500 1000
}

Obviously you will need to change the SNMP community string from public to match your community string. If you wish you could also add a check command to track the bounce/deferred queue and even averagelatency on version 4 firmware. You may also want to use different warning and critical threshold than I did (500 and 1000 respectively). These numbers may not be right for your situation.
Contact Groups

Add a service group like the one below (customizing for your site of course):

# contactgroups Cuda Admins
define contactgroup {
contactgroup_name Cuda_Admins
alias Cuda_Admins
members joe,sally,fred
}

Service Templates

define service {
name Check Barracuda Mail Queue Template
use generic-service
contact_groups Cuda_Admins
register 0
}
Services

Add the service as needed to your hosts, sample shown below:

define service {
service_description Check Barracuda Inbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Inbound Mail Queue
}

define service {
service_description Check Barracuda Outbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Outbound Mail Queue
}

Here is an excerpt from the Barracuda version 4 release notes that describes the new OID/Objects and their meanings:

Object Description
inQueueSize Number of messages waiting to be processed by the Barracuda Spam & Virus Firewall
outQueueSize Number of messages waiting to be sent to the mail server
deferredQueueSize Number of messages deferred because they could not be processed, and will be requeued for processing
avgEmailLatency Difference between the time a message was received by the Barracuda Spam & Virus Firewall and the time it is sent to the mail server

A special note of thanks to Ray who pointed out that the plugin needed an update to support the new firmware and for testing the new version.  Thanks Ray!

Network Monitoring No comments yet

The check_cuda plugin for Nagios has been updated

By on March 16th, 2010

Thanks to Ray who pointed out a problem with the script under PHP5, the download of the plugin now includes a version that functions under PHP5, it can be found on this site here.

IT Security No comments yet

Best practice configurations

By on March 11th, 2010

Just in case you didn’t know it … CIS is a great source for best practice configurations for various platforms from a security perspective.  They also have audit tools available to members, but the benchmarks (best practice configurations) are available for public download.  There is also a download for consensus security metric reporting in addition to other very useful information available on the site.  It is worth spending a bit of time there if you have an interest in Information Systems security.

Site News No comments yet

Site Updated

By on February 2nd, 2010

I updated the site to focus strictly on technology.  All of my personal and photography related content has been moved to http://www.seigafuse.net.  I also installed a new theme to freshen the layout and colors a bit.