Nagios Plugin for Barracuda Spam Firewalls
In our environment we use Barracuda Spam Firewalls to handle in and outbound mail delivery. Wanting to keep an eye on the in and outbound queues to make sure we are not seeing any delays with delivery I went looking for ways to monitor the queues and alert when they are above certain thresholds. Barracuda exposes the queue lengths in a number of ways (CGI/API, web interface and SNMP) and since we wanted this automated and we already use Nagios I chose to use SNMP. I tried some of the other SNMP plugins to try to use those, but after a bit of struggling without success I decided to write my own in PHP (mainly because that is what is easiest for me). Use the download link below to download a zip file of the plugin.
Or click on this link to see the code within this post.
Usage
Usage: check_cuda host-ip community-string queue warning-threshold critical-threshold
Queue can be either in, out or bounce
Warning and Critical values should be positive integers
Note: Version 1.5 of the zip file includes check_cuda5, which is a version of the script that works under PHP5
Prerequisites
This plugin requires php_snmp support
Nagios Configuration
Commands
Define commands as shown below:
define command {
command_name Check Barracuda Inbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public in 500 1000
}
define command {
command_name Check Barracuda Outbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public out 500 1000
}
Obviously you will need to change the SNMP community string from public to match your community string. If you wish you could also add a check command to track the bounce queue. You may also want to use different warning and critical threshold than I did (500 and 1000 respectively). These numbers may not be right for your situation.
Contact Groups
Add a service group like the one below (customizing for your site of course):
# contactgroups Cuda Admins
define contactgroup {
contactgroup_name Cuda_Admins
alias Cuda_Admins
members joe,sally,fred
}
Service Templates
define service {
name Check Barracuda Mail Queue Template
use generic-service
contact_groups Cuda_Admins
register 0
}
Services
Add the service as needed to your hosts, sample shown below:
define service {
service_description Check Barracuda Inbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Inbound Mail Queue
}
define service {
service_description Check Barracuda Outbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Outbound Mail Queue
}
If you have any questions, comments or problems then just post a comment on this post and I’ll get back to you.
Update (January 2008)
There are now some additional plug-ins available to perform the same functions written in PERL and with hooks to graphing solutions. You can find them here.
Update (March 2010)
The new version (1.5) of the zip file contains check_cuda5, which has been updated to work with PHP5 (check_cuda was originally written under php4 and seemed to have an issue under php5 with the shebang line)
Hi there , I found your blog on Yahoo while I was searching for barracuda firewall spam and your post regarding Nagios Plugin for Barracuda Spam Firewalls . It sounds very interesting and I learned a lot from your article , who did it write it? . I also writing articles about to fight spam on how to get rid of spam , I hope you like it also. Have a great Saturday !
I was searching for a barracuda plug-in for nagios, and ran across your article. I tried to download your plug-in, but it come up unavailable. Is the plugin missing?
Thanks
Scott Miller
Scott – thank you for letting me know! I had upgraded and apparently I forgot to put the files back. The files are back in place now. Thanks again for letting me know.
Mike
Whenever Nagios tries to run the check gets (Return code of 127 is out of bounds – plugin may be missing).
Have check_cuda in /usr/local/nagios/libexec/
Command Info
———————-
define command{
command_name Check Barracuda Inbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public in 5 15
}
Host Config Info
———————–
define host{
contact_groups Cuda_Admins
host_name barracuda2
alias Inbound Barracuda Appliance
address barracuda2.dns.com
max_check_attempts 10
notification_interval 120
notification_period 24×7
}
Am new to Nagios in general so anything you can point me to look at would be greatly appreciated.
Bryan,
What I would suggest is to try to execute the script as the account which Nagios is running as. Usually Nagios runs under the nagios account. So while logged in as nagios (or su nagios) try to execute the script by running it. It would probably be something like /usr/local/nagios/libexec/check_cuda 1.2.3.4 public in 5 15
See if you get an error while running it this way. My guess is you will. Perhaps you will get a permission error or perhaps you don’t have php installed? Depending on what you get I can try to help from there.
Mike
Hi Guys,
Hoping you can help me, I am getting a check_cuda: command not found error
I got PHP5 installed and PHP5_SNMP as php4 is obsolete (and cant find it anywhere)
is there a compatabilty issue with this script and php5?
/usr/local/nagios/libexec/check_cuda barracuda.x.x.x public in 10 20
I suggest you check the ownership and permission on the file. Also make sure there is a space in between the script name and the IP address, if not Nagios will be looking for a script named check_cuda.x.x.x
Post back if that does not resolve the issue…
Permissions are fine, double checked
there is a space
/usr/local/nagios/libexec/check_cuda 203.142.x.x public in 10 20
The error I am getting is
could not open input file: 203.142.x.x
Anyone?
For some reason it seems to be trying to execute what should be considered a passed parameter. The first line of the check scripts is:
#!/usr/bin/php -q
Does this match the location of your php binary/executable? Perhaps your installation of php is in a different location? If so you will need to edit the script to point to your php install.
Hi Mike,
Yes this matches the location,
I think the issue is that I installed php5 and php5snmp
I think this script is designed for php4, is there a link I can use to install php4, I have ubuntu installed and cant find it anywhere in the synaptic manager, unless you think its something else?
Is there anything else I need to install on this system, the nagios plugins are installed also…
Ray,
Sorry it took me a while to do this, but I did just actually test the script under PHP5. I don’t currently have access to Barracuda firewalls, so I could only replicate and resolve the issue you were seeing, not fully test. Strictly speaking the script SHOULD have worked under PHP5 without any modifications. But, I got the same results you did when I ran it from the command line under PHP5. After a bit of testing and experimentation all I basically did was create a new file with a working shebang line and a stupid little hello world to just confirm the shebang line was the source of the problem. Then I pasted in the other portion of the script without any other changes and I got the expected results. The download link in the post above now points to a new zip file with a new file called check_cuda5. Thanks for letting me know and being patient/persistent.
Mike
[...] of the plugin now includes a version that functions under PHP5, it can be found on this site here. Posted March 16, 2010 by Mike. Comments and trackbacks are open. Follow the comments feed. [...]
Hi Mike,
I am trying to download the link, but the link is down, I am hanging to download this!!
The link is fixed now and I did send it to Ray via email as well. My apologies for the problems Ray!
Mike
I can confirm that this update does work on php5 and php5-snmp
Anyone that uses the barracuda and nagios must have this.
Thanks again Mike
Top Plugin – works a treat
For Ubuntu, i needed to install php5-cli and php5-snmp, copy teh plugin to /usr/local/nagios/libexec and make sure that i define the plugin something like:
define command {
command_name Check_Cuda_Queues
command_line $USER1$/check_cuda.php $HOSTADDRESS$ public $ARG1$ $ARG2$ $ARG3$
}
make sure that it is check_cuda.php!
I can then call the check as:
define service {
service_description Check Barracuda Outbound Mail Queue
use generic-service
host_name Barracuda-In,Barracuda-Out
check_command Check_Cuda_Queues!in!350!500
}
thanks for the plugin…
Worked for me with the follows
1. put all “downloands” files (2 php) at /usr/local/nagios/libexec
2. change privilages on thoses 2 files for user nagios to read-write (and everyone!). Make sure that check_cuda5.php is executable.
3. gedit /usr/local/nagios/etc/objects/commands.cfg and put at the end :
define command {
command_name Check_Cuda_Queues
command_line $USER1$/check_cuda5 $HOSTADDRESS$ public $ARG1$ $ARG2$ $ARG3$
}
Note that i removed the .php.
4. gedit /usr/local/nagios/etc/objects/localhost.cfg and put
define host{
use linux-server ; Inherit default values from a template
host_name baracuda ; The name we’re giving to this host
alias baracuda ; A longer name associated with the host
address 10.10.10.3 ; IP address of the host
}
define service {
service_description Check Barracuda Outbound Mail Queue
use generic-service
host_name baracuda
check_command Check_Cuda_Queues!in!350!500
}
5. check if all is ok.
/usr/local/nagios/bin/nagios -v /usr/local/nagios/etc/nagios.cfg
6. restart nagios.
The problem i have now is that
Current Status: OK
(No output returned from plugin)
Warning: snmpget(): No response from 10.10.10.3 in /usr/local/nagios/libexec/check_cuda5 on line 22
IN OK – 0 messages queued
is normal the No output returned.. but it’s says In OK -0 messages queed
(isn’t that an output)?
In #4 where you defined the service check command, did you just leave out the SNMP community string so you wouldn’t disclose it, or is it actually not there in the service check definition. You will need a community string passed or the SNMP check won’t work.
The plugin really should catch this and not give you a OK result… I will try to take a look at that when I get a few minutes. But in the meantime if you resolve the lack of a community string that should resolve the issue. If you really do have a community string in there, then I would suggest running the command from the command line as the account nagios runs under and seeing what you get. Post results if that is the case and I will try to assist you.
Mike
Hi Mike,
Its Ray again! hope things are well.
I am having problems with my current Nagios configuration.
I am not sure what went wrong… when I type in check_cuda5 xxxx.xxx.xxxx.xxxx public in 10 30 it displays
IN Critical – 0 messages queued |MailINQueue=0;10;30root@CHILMELLX01:
I’ve checked the SNMP connection with SNMP tools – I cant figure out this issue! can you please help! does the newer barracuda firmware affect this script?
Thanks!
-Ray
Thanks Ray for point out this issue and for testing the new version. Anyone else looking to resolve this issue should visit the updated version at http://seigafuse.com/2010/08/11/barracuda-plugin-for-nagios-v3/