|
|
| Author |
Message |
warnesj
Cacti User
Joined: 29 May 2005
Posts: 163
|
 Posted: Mon Nov 06, 2006 9:40 am Post subject: |
 |
|
| sizulku wrote: | | how to add "rejected messages" to this graph? |
The rejected messages are implied by the number of SPAM and Virus messages. Or are you referring to something else?
|
|
| Back to top |
|
 |
sizulku
Cacti User
Joined: 04 Nov 2002
Posts: 102
Location: ACEH
|
|
| Back to top |
|
|
warnesj
Cacti User
Joined: 29 May 2005
Posts: 163
|
| Posted: Wed Nov 08, 2006 10:17 am Post subject: |
|
|
| Oh, I understand. I'm sorry but I'm not keeping track of the sendmail rejected messages. It would be easy enough to add to the script. Give me a day or so to try and I'll post the modified code and scripts.
|
|
| Back to top |
|
|
warnesj
Cacti User
Joined: 29 May 2005
Posts: 163
|
| Posted: Mon Nov 13, 2006 4:26 pm Post subject: |
|
|
Okay, I think I have it working now.  Here are the list of modifications (you can either follow the modifications or just re-download the whole thing from the first page of this post),
maillog Watcher Script
I needed to get the watcher script to start tagging on the keywords "ruleset" and "reject=" together as well as just the keyword "rejecting". But adding those two new tags I think I am catching all the stuff that Sendmail is rejected before MailScanner even gets a chance to see it.
/opt/watchmaillog/watchmaillog.sh
Find, | Code: | if(($line=~/stat\=Sent/) && ($line!~/\@domain1.com|\@domain2.com/)){
$item="mess_sent";
&readcounterfile;
$counter{$item}++;
if($debug){print("Found an outbound message, incrementing the message sent counter to $counter{$item}.\n");}
&writecounterfile;
} |
And add this snippet of code after it, | Code: | # Look for rejected messages
if((($line=~/ruleset/) && ($line=~/reject\=/)) || ($line =~/rejecting/)){
$item="mess_rejected";
&readcounterfile;
$counter{$item}++;
if($debug){print("Found a rejected message, incrementing the message rejected counter to $counter{$item}.\n");}
&writecounterfile;
} |
/opt/watchmaillog/watchmaillog_counters
We need to add a new empty counter to the counter file for rejected messages. So just add this code to the counter file (it doesn't matter where you add it),
Read Counters Script
We need to add the new value to be able to be read by the read counters script that is called by Net-SNMP.
/opt/watchmaillog/readcounters.sh
Find, | Code: | | $oid{"mess_waiting"}=".1.3.6.1.4.100.8"; |
And add this bit of code right after it, | Code: | | $oid{"mess_rejected"}=".1.3.6.1.4.100.9"; |
Then in your Net-SNMP snmpd.conf file you need to add the new OID to be viewable.
snmpd.conf additions
Find, | Code: | | pass .1.3.6.1.4.100.8 /opt/watchmaillog/readcounters.sh mess_waiting |
And add this right after it, | Code: | | pass .1.3.6.1.4.100.9 /opt/watchmaillog/readcounters.sh mess_rejected |
Then restart your snmpd daemon.
Cacti Templates
On the first page of this post I've updated the ZIP files that have the graph and data templates. Basically if you've imported this template already all you'll need to do is import the cacti_data_template_watchmaillog_sendmail_messages_rejected.xml data template and the new version of the cacti_graph_template_watchmaillog_sendmail_mailscanner_stats.xml graph template from the files below.
But note that the files below are for Cacti version 0.8.6h.
| Description: |
| Updated graph template for Sendmail & MailScanner stats including Sendmail rejected messages. VERSION 0.8.6h |
|
Download |
| Filename: |
cacti_graph_template_watchmaillog_sendmail_mailscanner_stats.xml |
| Filesize: |
15.63 KB |
| Downloaded: |
316 Time(s) |
| Description: |
| Data template for tracking rejected messages from Sendmail. VERSION 0.8.6h |
|
Download |
| Filename: |
cacti_data_template_watchmaillog_sendmail_messages_rejected.xml |
| Filesize: |
5.58 KB |
| Downloaded: |
236 Time(s) |
|
|
| Back to top |
|
|
sdetroch
Joined: 31 Mar 2005
Posts: 22
|
| Posted: Mon Nov 13, 2006 4:34 pm Post subject: |
|
|
Very nice!
PS: Little note for the next version: Little typo on the graphs legend --> "recieved" --> should be "received" I assume?
regards,
Sven
|
|
| Back to top |
|
|
warnesj
Cacti User
Joined: 29 May 2005
Posts: 163
|
| Posted: Mon Nov 13, 2006 4:37 pm Post subject: |
|
|
| sdetroch wrote: | | PS: Little note for the next version: Little typo on the graphs legend --> "recieved" --> should be "received" I assume? |
LOL, yeah I caught that this round too. Ooops. It's fixed in this latest graph template. I've updated the graph on the first page of the post too, so it should be representative of what the new graph looks like (minus the typo's  ).
|
|
| Back to top |
|
|
Conz
Joined: 28 Apr 2005
Posts: 18
|
| Posted: Thu Nov 23, 2006 10:41 am Post subject: |
|
|
Im getting the following error when importing cacti_graph_template_watchmaillog_sendmail_mailscanner_stats.xml on cacti 0.8.6i.
All the other xml's imported just fine.
The messages waiting graph works.
This seems to be the same error some people are having with the 0.8.6h version.
CDEF
[success] Make Stack Negative [update]
GPRINT Preset
[success] Normal [update]
[success] Exact Numbers [update]
Graph Template
[success] watchmaillog - Sendmail & MailScanner Stats [update]
+ Found Dependency: (GPRINT Preset) Normal
+ Unmet Dependency: (Data Template Item)
+ Found Dependency: (CDEF) Make Stack Negative
+ Unmet Dependency: (Data Template Item)
+ Found Dependency: (GPRINT Preset) Exact Numbers
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
+ Unmet Dependency: (Data Template Item)
|
|
| Back to top |
|
|
sdetroch
Joined: 31 Mar 2005
Posts: 22
|
| Posted: Thu Nov 23, 2006 12:46 pm Post subject: |
|
|
The solution for me was to create all datasources manually. After that everything was working fine again.
Sven
Last edited by sdetroch on Sun Nov 26, 2006 8:02 pm; edited 1 time in total |
|
| Back to top |
|
|
warnesj
Cacti User
Joined: 29 May 2005
Posts: 163
|
| Posted: Sun Nov 26, 2006 7:40 pm Post subject: |
|
|
That darn unmet dependency has been plaguing me since I first posted the template. I haven't upgraded (yet) to 0.8.6i, but as soon as I do (hopefully this week) I'll try and post another copy of it to see if it works any better.
Thanks Sven for the work-around.
|
|
| Back to top |
|
|
sdetroch
Joined: 31 Mar 2005
Posts: 22
|
| Posted: Sun Nov 26, 2006 8:06 pm Post subject: |
|
|
I don't know if it's usable, but here is mine (for the current cacti version) and working for me.
Sven
| Description: |
|
Download |
| Filename: |
cacti_graph_template_mailscanner_sendmail_mailscanner_stats.xml |
| Filesize: |
27.35 KB |
| Downloaded: |
434 Time(s) |
|
|
| Back to top |
|
|
Conz
Joined: 28 Apr 2005
Posts: 18
|
| Posted: Mon Nov 27, 2006 4:00 am Post subject: |
|
|
| sdetroch wrote: | I don't know if it's usable, but here is mine (for the current cacti version) and working for me.
Sven |
Worked like a charm, thanks.
|
|
| Back to top |
|
|
warnesj
Cacti User
Joined: 29 May 2005
Posts: 163
|
| Posted: Mon Nov 27, 2006 11:10 am Post subject: |
|
|
| sdetroch wrote: | I don't know if it's usable, but here is mine (for the current cacti version) and working for me.
Sven |
Thanks a million Sven! Takes a bit of pressure off me to upgrade right away. But I'll try to this week anyway. Once I've done I'll have to compare how your export is different than mine.
Glad it's working for Conz.
Thanks again.
|
|
| Back to top |
|
|
Avenger
Joined: 05 Feb 2007
Posts: 6
|
| Posted: Mon Feb 05, 2007 11:56 am Post subject: |
|
|
Hy,
Sorry for my english but I'm french!
So I try to install this template for my cacti by I have some problems with.
Cacti 0.8.6j
Linux Gentoo Base System version 1.12.6
NET-SNMP version: 5.2.1.2
RRDtool 1.2.15
When I run manually the script perl -w /opt/watchmaillog/watchmaillog.sh
I have this message error : | Code: | Name "main::SYSLOG" used only once: possible typo at /opt/watchmaillog/watchmaillog.sh line 145.
watchmaillog is starting.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 80.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 88.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 96.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 104.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 104.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 112.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 123.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 134.
watchmaillog is ending.
|
My watchmaillog.sh is like that ( I voluntarily hide the domain name) :
| Code: | #!/usr/bin/perl
#
# Daemon used to watch the maillog messages for certain messages and trigger events when
# certain messages occur
#
# By Jason Warnes
#
# Change Log
# ~~~~~~~~~~
# 2006-08-22: Initial release
# 2006-09-05: Fixed signal handling
# Added /var/run/watchmaillog.pid file for logrotate usage
# 2006-09-07: Added proper signal handling (Thanks pvenezia!)
# Added SpamAssassin spamd checking support for SPAM (Thanks raiten!)
# 2006-09-18: Added new item mess_waiting, which is the number of messages MailScanner
# detects when a new batch is started.
# 2006-11-02: Changed the way SPAM messages were detected so the script works
# on servers configured for less verbose logging. (Thanks sdetroch!)
# 2006-11-08: Added new item mess_rejected, which is the number of rejected
# messages by Sendmail.
$debug=1; # 1=Debug messages are displayed, 0=No debug messages are displayed
$daemon=0; # 1=Daemonize the program, 0=Run interactive
$syslog=1; # 1=Log stuff to syslog, 0=No logging to syslog
$self="/opt/watchmaillog/watchmaillog.sh"; # Location of this script
$counterfile="/opt/watchmaillog/watchmaillog_counters"; # Location to store the counter file
$resetfile="/opt/watchmaillog/watchmaillog_reset"; # Location of the reset counter flag file
$pidfile="/etc/init.d//watchmaillog.pid"; # Location of the running process ID file (used in logrotate)
use Sys::Syslog;
use POSIX;
use Time::HiRes qw( gettimeofday tv_interval );
$|=1;
my $sigset = POSIX::SigSet->new();
my $hupaction = POSIX::SigAction->new('hup_signal_handler',
$sigset,
&POSIX::SA_NODEFER);
my $osigaction = POSIX::SigAction->new('signal_handler',
$sigset,
&POSIX::SA_NODEFER);
POSIX::sigaction(&POSIX::SIGHUP, $hupaction);
POSIX::sigaction(&POSIX::SIGINT, $osigaction);
POSIX::sigaction(&POSIX::SIGTERM, $osigaction);
if($daemon){
$pid=fork;
if($pid) {
open(PID,">".$pidfile) or die "Cannot open PID file: $!.";
print PID ("$pid\n"); # Write the PID out to the PID file for logrotate
close(PID);
}
exit if $pid;
die "Couldn't fork : $!" unless defined($pid);
setsid() or die "Can't start a new session: $!";
$time_to_die=0;
}
sub signal_handler {
$time_to_die=1;
}
sub hup_signal_handler {
if($debug){print "got SIGHUP\n";}
exec($self) or die "Couldn't restart: $!\n";
}
if($syslog){openlog("watchmaillog","pid","daemon");}
if($syslog){syslog("notice","Starting.");}
if($debug){print("watchmaillog is starting.\n");}
# Main part of the program
open(MAILLOG, "tail -n 0 -f /var/log/mail|") or die "Cannot open maillog: $!.";
while(!$time_to_die){
$line=<MAILLOG>;
# Look for received messages where the sender is not from our domain(s)
if(($line=~/from\=/) && ($line!~/\@domain1.com|\@domain2.fr/)){
$item="mess_recv";
&readcounterfile;
$counter{$item}++;
if($debug){print("Found an inbound message, incrementing the message recieve counter to $counter{$item}.\n");}
&writecounterfile;
}
# Look for messages sent to our domain(s), indicates an inbound message relayed to an internal server
if(($line=~/stat\=Sent/) && ($line=~/\@domain1.com|\@domain2.fr/)){
$item="mess_relay";
&readcounterfile;
$counter{$item}++;
if($debug){print("Found an clean inbound message, incrementing the clean message recieve counter to $counter{$item}.\n");}
&writecounterfile;
}
# Look for sent messages to NOT our email domain(s), indicates an outbound message
if(($line=~/stat\=Sent/) && ($line!~/\@domain1.com|\@domain2.fr/)){
$item="mess_sent";
&readcounterfile;
$counter{$item}++;
if($debug){print("Found an outbound message, incrementing the message sent counter to $counter{$item}.\n");}
&writecounterfile;
}
# Look for rejected messages
if((($line=~/ruleset/) && ($line=~/reject\=/)) || ($line =~/rejecting/)){
$item="mess_rejected";
&readcounterfile;
$counter{$item}++;
if($debug){print("Found a rejected message, incrementing the message rejected counter to $counter{$item}.\n");}
&writecounterfile;
}
# Look for MailScanner spam scanning batch results
if($line=~/Spam\ Checks\:\ Found/){
$item="spam";
$spam_count_pos = index($line,"Spam\ Checks\:\ Found");
$spam_count_pos2 = index($line, "\ spam\ messages");
$spam_count = substr($line,($spam_count_pos+19),($spam_count_pos2-($spam_count_pos+19)));
&readcounterfile;
$counter{$item}=$counter{$item}+$spam_count;
if($debug){print("Found $spam_count SPAM in the MailScanner batch, incrementing the spam counter to $counter{$item}.\n");}
&writecounterfile;
}
# Look for MainScanner virus scanning batch results
if($line=~/Virus\ Scanning\:\ Found/){
$item="virus";
$virus_count_pos = index($line,"Virus\ Scanning\:\ Found");
$virus_count_pos2 = index($line, "\ viruses");
$virus_count = substr($line,($virus_count_pos+22),($virus_count_pos2-($virus_count_pos+22)));
&readcounterfile;
$counter{$item}=$counter{$item}+$virus_count;
if($debug){print("Found $virus_count viruses in the MailScanner batch, incrementing the virus counter to $counter{$item}.\n");}
&writecounterfile;
}
# Look for MailScanner waiting messages
if($line=~/New\ Batch\:\ Found/){
$item="mess_waiting";
$mess_waiting_pos = index($line,"New\ Batch\:\ Found");
$mess_waiting_pos2 = index($line,"\ messages\ waiting");
$mess_waiting = substr($line,($mess_waiting_pos+17),($mess_waiting_pos2-($mess_waiting_pos+17)));
&readcounterfile;
$counter{$item}=$mess_waiting;
if($debug){print("Mailscanner found $mess_waiting messages waiting, setting the mess_waiting counter to $counter{$item}.\n");}
&writecounterfile;
}
}
close(SYSLOG);
if($debug){print("watchmaillog is ending.\n");}
if($syslog){syslog("notice","Ending.");}
unlink($pidfile);
# Subroutine to read the contents of the counter file
sub readcounterfile {
# Read the counter values from the file
if($debug){print("Reading contents of counter file.\n");}
open(COUNTER,$counterfile);
while($line=<COUNTER>){
@line=split(/\:/,$line);
chop($line[1]); # Drop the trailing LF off the value
# Check for reset counter flag file
if(-e $resetfile."_".$line[0]){
if($debug){print("Reset counter flag file found for counter $line[0], resetting counter value to 0.\n");}
$counter{$line[0]}=0;
unlink($resetfile."_".$line[0]);
} else {
$counter{$line[0]}=$line[1];
}
if($debug){print("Counter $line[0] = $counter{$line[0]}.\n");}
}
close(COUNTER);
}
# Subrouting to write the contents of the counter file
sub writecounterfile {
if($debug){print("Writing counter values to counter file.\n");}
open(COUNTER,">".$counterfile);
# Write each counter item out to the counter file
foreach $item (sort keys(%counter)) {
print COUNTER ($item."\:".$counter{$item}."\n");
}
close(COUNTER);
chmod(0666,$counterfile);
}
|
If someone can help me.....
Think for your reply and ask me more informations if necessary
|
|
| Back to top |
|
|
warnesj
Cacti User
Joined: 29 May 2005
Posts: 163
|
| Posted: Mon Feb 05, 2007 12:18 pm Post subject: |
|
|
You found a bug.  I think all the problems are because I reused some old code and forgot to change [b]one]/b] line.
If you find,And change it to,That should fix the error (I hope!) I'll update the files on the main post.
Thanks for finding this.
|
|
| Back to top |
|
|
Avenger
Joined: 05 Feb 2007
Posts: 6
|
| Posted: Tue Feb 06, 2007 4:36 am Post subject: |
|
|
Thank for your reply I don't have this kind of error anymore but I still have this one like if the /var/log/mail was empty : | Code: |
watchmaillog is starting.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 79, <MAILLOG> line 9.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 87, <MAILLOG> line 9.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 95, <MAILLOG> line 9.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 103, <MAILLOG> line 9.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 103, <MAILLOG> line 9.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 111, <MAILLOG> line 9.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 122, <MAILLOG> line 9.
Use of uninitialized value in pattern match (m//) at /opt/watchmaillog/watchmaillog.sh line 133, <MAILLOG> line 9.
watchmaillog is ending.
|
Maybe someone can help me for this !
Thx
|
|
| Back to top |
|
|
|
Powered by phpBB © 2001, 2005 phpBB Group
|
|
FAQ
Search
Memberlist
Register
Profile
Log in to check your private messages
Log in
