Looper - Alert Routing System.
More Rules and Modules
In this document, we will go through the process of creating a simple alert forwarder.
First let's look at the conf file:
Now the rules file (Forgive the indentation, HTML sucks sometimes):
The above code uses the hash maps to decide what alert goes where. Certain nodes go to Netcool, some generate traps and others get e-mailed. As you can see above building even complicated routes are a breeze. Just use multiple writeTo() calls for your modules. Looper also supports multiple instances of the same module.
Netcool Notes
If your objectserver is running in secure mode, add the username and password tokens to the configuration.
Go to the Looper Event / Alert System home page: looper.sf.net.
Mohit Muthanna [mohit AT muthanna DOT com]
inputmodulepath = 'modules/input'
outputmodulepath = 'modules/output'
rulesfile = 'conf/rules/sample.rules'
logfile = '/tmp/looper.log'
input in {
module = 'syslog_in'
debugmessages = '/tmp/syslog.looper.log'
logfile = '/var/log/messages.1.bak'
debugmode = '3'
sleeptime = '2'
}
output snmpout {
module = 'snmptrap_out'
debugmessages = '/tmp/snmptrap.looper.log'
managementstation = '192.168.0.150'
enterprise = '1.3.6.1.4.1.13444'
varbindoids = '1.3.6.1.4.1.13444'
debugmode = '3'
}
output netcoolout {
module = 'netcool_out'
server = 'NCOMS'
sybasehome = '/opt/looper/freetds'
debugmessages = '/tmp/netcoolout.log'
debugmode = '3'
}
output mailout {
module = 'email_out'
mailpath='/bin/mail'
}
@netcoolnodes = (
prometheus,
weed,
dope
);
@trapnodes = (
prometheus
);
%mailers = (
prometheus => 'admin@prometheus'
);
%netcoolseverities = (
prometheus => 4,
dope => 3,
weed => 2
);
$severity = 0;
$sendtrap = 0;
$mailto = 0;
for (@netcoolnodes) {
($inputTokens{node} eq $_) && ($severity = $netcoolseverities{$_});
}
for (@trapnodes) {
($inputTokens{node} eq $_) && ($sendtrap = 1);
}
for (keys %mailers) {
($inputTokens{node} eq $_) && ($mailto = $mailers{$_});
}
if ($sendtrap) {
%outputTokens = ();
$outputTokens{generictrap}=6;
$outputTokens{specifictrap}=1001;
$outputTokens{varbinds}="$inputTokens{date}:::$inputTokens{node}:::$inputTokens{desc}";
writeTo ("snmpout");
}
if ($severity) {
%outputTokens = ();
$outputTokens{Summary} = $inputTokens{desc};
$outputTokens{Node} = $inputTokens{node};
$outputTokens{Manager} = Looper Syslog;
$outputTokens{Identifier} = "$inputTokens{node}$inputTokens{desc}";
$outputTokens{Severity} = $severity;
writeTo ("netcoolout");
}
if ($mailto) {
%outputTokens = ();
$outputTokens{mailto} = $mailto;
$outputTokens{mailsubject} = "Alert received at $inputTokens{date}";
$outputTokens{mailbody} =
'Warning
' .
'Description: ' . $inputTokens{desc} . '
' .
'Date: ' . $inputTokens{date} . '
';
writeTo ("mailout");
}