In our environment we use Barracuda Spam Firewalls to handle in and outbound mail delivery. Wanting to keep an eye on the in and outbound queues to make sure we are not seeing any delays with delivery I went looking for ways to monitor the queues and alert when they are above certain thresholds. Barracuda exposes the queue lengths in a number of ways (CGI/API, web interface and SNMP) and since we wanted this automated and we already use Nagios I chose to use SNMP. I tried some of the other SNMP plugins to try to use those, but after a bit of struggling without success I decided to write my own in PHP (mainly because that is what is easiest for me). Use the download link below to download a zip file of the plugin.

Or click on this link to see the code within this post.

> check_cuda

#!/usr/bin/php -q
<?php
#
# check_cuda - nagios plugin
#
#
# Copyright (C) 2007 Mike Seigafuse
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
#
# Report bugs to: mike@seigafuse.net
#
# This script will check counters of a Barracuda Spam Firewall using PHP SNMP functions
# and return them along with the status.
#
$numbparams = sizeof($argv);
# should be 5
if ($numbparams < 5 ) {
	echo "Usage: check_cuda <host ip> <community string> <queue> <warn> <crit>\\n";
	echo "     Queue can be either in, out or bounce\\n";
	echo "     Warning and Critical values should be positive integers\\n";
	exit;
}
$host = $argv[1];
$cstring = $argv[2];
$checkqueue = strtoupper($argv[3]);
$warn = $argv[4];
$crit = $argv[5];
 
$mailinqueue = "1.3.6.1.4.1.2021.8.1.101.1";
$mailoutqueue = "1.3.6.1.4.1.2021.8.1.101.2";
$mailbouncequeue = "1.3.6.1.4.1.2021.8.1.101.3";
 
function getsnmpvalue($host, $cstring, $oid) {
     $valuestring = snmpget($host, $cstring, $oid);
     $colpos = strpos($valuestring, ":");
     $subvalue = trim(substr($valuestring, $colpos+1));
     return $subvalue;
}
 
# Ready set go, time to do the real work
 
if ($checkqueue == "IN") {
	$queuelen = getsnmpvalue($host, $cstring, $mailinqueue);
} elseif ($checkqueue == "OUT") {
         $queuelen = getsnmpvalue($host, $cstring, $mailoutqueue);
} elseif ($checkqueue == "BOUNCE") {
         $queuelen = getsnmpvalue($host, $cstring, $mailbouncequeue);
}
if ($queuelen < $warn) {
	$format = '%s OK - %d messages queued |Mail%sQueue=%d;%d;%d';
	printf($format, $checkqueue, $queuelen, $checkqueue, $queuelen, $warn, $crit);
	exit(0);
}
if (($queuelen > $warn) && ($queuelen < $crit)) {
	$format = '%s Warning - %d messages queued |Mail%sQueue=%d;%d;%d';
	printf($format, $checkqueue, $queuelen, $checkqueue, $queuelen, $warn, $crit);
	exit(1);
}
if ($queuelen > $crit) {
	$format = '%s Critical - %d messages queued |Mail%sQueue=%d;%d;%d';
	printf($format, $checkqueue, $queuelen, $checkqueue, $queuelen, $warn, $crit);
	exit(2);
}
 
?>

Usage

Usage: check_cuda host-ip community-string queue warning-threshold critical-threshold

Queue can be either in, out or bounce
Warning and Critical values should be positive integers

Note: Version 1.5 of the zip file includes check_cuda5, which is a version of the script that works under PHP5

Prerequisites

This plugin requires php_snmp support

Nagios Configuration

Commands

Define commands as shown below:

define command {
command_name Check Barracuda Inbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public in 500 1000
}

define command {
command_name Check Barracuda Outbound Mail Queue
command_line $USER1$/check_cuda $HOSTADDRESS$ public out 500 1000
}

Obviously you will need to change the SNMP community string from public to match your community string. If you wish you could also add a check command to track the bounce queue. You may also want to use different warning and critical threshold than I did (500 and 1000 respectively). These numbers may not be right for your situation.

Contact Groups

Add a service group like the one below (customizing for your site of course):

# contactgroups Cuda Admins
define contactgroup {
contactgroup_name Cuda_Admins
alias Cuda_Admins
members joe,sally,fred
}

Service Templates

define service {
name Check Barracuda Mail Queue Template
use generic-service
contact_groups Cuda_Admins
register 0
}

Services

Add the service as needed to your hosts, sample shown below:

define service {
service_description Check Barracuda Inbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Inbound Mail Queue
}

define service {
service_description Check Barracuda Outbound Mail Queue
use Check Barracuda Mail Queue Template
host_name yourcuda
check_command Check Barracuda Outbound Mail Queue
}

If you have any questions, comments or problems then just post a comment on this post and I’ll get back to you.

Update (January 2008)

There are now some additional plug-ins available to perform the same functions written in PERL and with hooks to graphing solutions. You can find them here.

Update (March 2010)

The new version (1.5) of the zip file contains check_cuda5, which has been updated to work with PHP5 (check_cuda was originally written under php4 and seemed to have an issue under php5 with the shebang line)