Nagios Plugin for Barracuda Spam Firewalls

In our environment we use Barracuda Spam Firewalls to handle in and outbound mail delivery. Wanting to keep an eye on the in and outbound queues to make sure we are not seeing any delays with delivery I went looking for ways to monitor the queues and alert when they are above certain thresholds. Barracuda exposes the queue lengths in a number of ways (CGI/API, web interface and SNMP) and since we wanted this automated and we already use Nagios I chose to use SNMP. I tried some of the other SNMP plugins to try to use those, but after a bit of struggling without success I decided to write my own in PHP (mainly because that is what is easiest for me). Use the download link below to download a zip file of the plugin.

Download Barracuda Plugin Version 1.0

Downloaded a total of 338 times

Or click on this link to see the code within this post.

> check_cuda

Usage

Usage: check_cuda host-ip community-string queue warning-threshold critical-threshold

Queue can be either in, out or bounce
Warning and Critical values should be positive integers

Prerequisites

This plugin requires php_snmp support

Nagios Configuration

Commands

Define commands as shown below:

define command {
command_name Check Barracuda Inbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public in 500 1000
}

define command {
command_name Check Barracuda Outbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public out 500 1000
}

Obviously you will need to change the SNMP community string from public to match your community string. If you wish you could also add a check command to track the bounce queue. You may also want to use different warning and critical threshold than I did (500 and 1000 respectively). These numbers may not be right for your situation.

Contact Groups

Add a service group like the one below (customizing for your site of course):

# contactgroups Cuda Admins
define contactgroup {
contactgroup_name Cuda_Admins
alias Cuda_Admins
members joe,sally,fred
}

Service Templates

define service {
name Check Barracuda Mail Queue Template
use generic-service
contact_groups Cuda_Admins
register 0
}

Services

Add the service as needed to your hosts, sample shown below:

define service {
service_description Check Barracuda Inbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Inbound Mail Queue
}

define service {
service_description Check Barracuda Outbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Outbound Mail Queue
}

If you have any questions, comments or problems then just post a comment on this post and I’ll get back to you.

Update (January 2008)

There are now some additional plug-ins available to perform the same functions written in PERL and with hooks to graphing solutions. You can find them here.

Forums and Comments

I moved comments from the forums to the appropriate pages (ADISS, etc) and updated pages to let people know to just leave comments on pages now. The forums were confusing and not adding any real value. For those of you who posted about ADISS, your comments and my replies can be found on the ADISS page. Once I moved the comments I also removed the forums since they were no longer needed.

Daily diskspace alerts using OCS Inventory NG

Being proactive about managing system capacity is always a good idea. If you happen to use the OCS Inventory NG tool then here is a way for you to automatically have reports emailed to you (or various people) regarding systems with disk capacity below a threshold you set in a configuration file. This solution is geared towards Windows Servers, but you can easily change the select statement and use a different criteria (change where osname like ‘%server%’ to suit yourself). The results are sent as an attached CSV file, so you can easily view it in Excel or Open Office or even using vi if that is suits your fancy.

The percentage free space threshold, along with email addresses and domain names (aka workgroup names) are configured in a file named ocsdiff_conf.php. I run this (and other reports which I may post later) from a new subdirectory named reports that I created under /var/www/html/ocsreports. Be sure to set the same ownership and permissions on files in this directory as the other files under ocsreports. Here is what the file looks like:

> ocsdiff_conf.php

The file is named like this because the first report I wrote was to generate reports on hardware changes (RAM and disk in particular). I know reports like this can be implemented using GLPI integration - but we already have a helpdesk/ticketing system and I just can’t justify the effort to setup GLPI when writing one’s own reports is just not that hard.

The report itself is contained in the code below, I named the file diskreport.php and I scheduled it to run everyday using cron. I run my cron jobs for OCS-NG reports under the apache account.

> diskreport.php

Be sure to change the From and Reply To addresses in at the top of the file to suit yourself. If I have time I will move this to the configuration file.

My version of OCS-NG displays 4020 on the screen, I believe this equates to V1.0 (I know 1.01 is released, but just haven’t had the time to upgrade yet). I am running on RHEL 4.

Use the link below to download a zip file of both of these files. If you have any comments or questions post a comment on this post and I will reply.

Download OCS-NG Diskspace Report Version 1.0

Downloaded a total of 221 times

Updated NORSK posted

The NORSK page and downloads have been updated with a new release (0.6). This release adds the following:

  • Additional checking for blank users names returned from Contivity switches, when detected the blank is replaced with UNKNOWN
  • Additional administrative functions to enabled NORSK administrators to modify the configuration file and the .htaccess file via the web interface

Details can be found here.

NORSK posted to site

NORSK is a web based utility that allows administrators of Nortel Contivity switches to delegate the ability for other groups (such as a Call Center or Helpdesk) to terminate orphaned sessions on Nortel Contivity switches. This is done using a web interface and does not require granting full administrative rights on those devices. You can find more details and the link to download the tool here.

15599 pages viewed, 53 today
8147 visits, 45 today
FireStats icon Powered by FireStats