RT::Extension::Nagios(3) Merge and resolve Nagios tickets

DESCRIPTION

Nagios <http://www.nagios.org> is a powerful monitoring system that enables organizations to identify and resolve IT infrastructure problems before they affect critical business processes.

This extension allows email alerts generated by Nagios to be aggregated and resolved as it generates them. It does this by examining the standard subject line that Nagios generates; by default, these take the form:

    PROBLEM Service Alert: localhost/Root Partition is WARNING

There are 5 useful parts in subject; we call them "type", "category", "host", "problem_type" and "problem_severity". These are parsed from the subject via a regular expression; in the above example, the extension would extract:

    type:             PROBLEM
    category:         Service
    host:             localhost
    problem_type:     Root Partition
    problem_severity: WARNING

After the new ticket is created, the following is done:

1.
Find all the other active tickets in the same queue with the same values of "category", "host" and "problem_type". If the configuration setting "NagiosSearchAllQueues" is set (see below), all queues are searched.
2.
If the configuration setting "NagiosMergeTickets" is set (see below), merge all matching tickets.
3.
If "type" is 'RECOVERY', resolve them.

INSTALLATION

"perl Makefile.PL"
"make"
"make install"
May need root permissions
"make initdb"
Only run this the first time you install this module.

If you run this twice, you may end up with duplicate data in your database.

If you are upgrading this module, check for upgrading instructions in case changes need to be made to your database.

Edit your /opt/rt4/etc/RT_SiteConfig.pm
If you are using RT 4.2 or greater, add this line:

    Plugin('RT::Extension::Nagios');

For RT 4.0, add this line:

    Set(@Plugins, qw(RT::Extension::Nagios));

or add "RT::Extension::Nagios" to your existing @Plugins line.

Restart your webserver

CONFIGURATION

This extension has three configuration settings; setting them should be done in "RT_SiteConfig.pm".
"NagiosSearchAllQueues"
If set, this causes step 1, above, to search for matching Nagios tickets in an queue. In most configurations, Nagios notifications will arrive in one queue, and remain there. If your workflow involves triaging Nagios notifications from there into other queues, you will want to set:

   Set( $NagiosSearchAllQueues, 1 );
"NagiosMergeTickets"
Controls if the extensions merges tickets about the same incident together. By default, each "PROBLEM", "ACKNOWLEDGEMENT", "FLAPPINGSTART", "FLAPPINGSTOP" and "RECOVERY" notification will remain as its own ticket; when the "RECOVERY" email is received by RT, all will be resolved.

Setting this configuration parameter to 1 causes the extension to merge all old tickets on the same topic into new tickets as they arrive; as such, the "Created" date will respect the most recent message.

Setting it to "-1" causes the extension to merge new tickets into any existing tickets as they arrive; the "Created" date will respect the oldest message, and the ticket ID will remain constant:

    Set( $NagiosMergeTickets, -1 );
"NagiosResolvedStatus"
Since RT allows for custom lifecycles on queues, this extension's default of setting tickets to "Resolved" upon "RECOVERY" may be incorrect for the queue they are in. If the queue your Nagios tickets reside in does not have a "Resolved" status, or you would like tickets to be transitioned to a different status on "RECOVERY", set "NagiosResolvedStatus":

    Set( $NagiosResolvedStatus, 'recovered' );

AUTHOR

Best Practical Solutions, LLC <[email protected]>

Based on work by Todd Chapman.

BUGS

All bugs should be reported via email to

    L<[email protected]|mailto:[email protected]>

or via the web at

    L<rt.cpan.org|http://rt.cpan.org/Public/Dist/Display.html?Name=RT-Extension-Nagios>.

LICENSE AND COPYRIGHT

This software is Copyright (c) 2014 by Best Practical Solutions

This is free software, licensed under:

  The GNU General Public License, Version 2, June 1991