Check MK
1. Prerequisites:
This section explains on how to integrate and ingest alerts from Check MK monitoring tool into CloudFabrix AIOPs platform.
Check MK (derived from Nagios Core) is a monitoring tool which supports alert notifications via email, slack, pagerduty, victorops or a script executing a command. CloudFabrix AIOPs platform uses webhook notification method using a script from Check MK monitoring tool to receive and ingest the alerts or events.
Click here for Alert Sources to create a Webhook URL for Check MK alert notifications in CloudFabrix OIA application.
Note: Under Alert Mapping section, use Nagios alert mapping configuration for Check MK alerts.
2.Configure Check MK for Alert notifications over a Webhook:
Step 1: Download the below scripts for both Host and Service type of alerts
For Host type alerts:
https://macaw-amer.s3.amazonaws.com/releases/OIA/scripts/webhook/cfx-host-webhook-notification.sh
For Service type alerts:
https://macaw-amer.s3.amazonaws.com/releases/OIA/scripts/webhook/cfx-service-webhook-notification.sh
Step 2: Copy the cfx-host-webhook-notification.sh and cfx-service-webhook-notification.sh script to Check MK system into the folder /omd/sites/
Step 3: Login into Check MK monitoring tool's machine using SSH CLI as root user and execute the below commands.
Step 4: Edit the scripts cfx-host-webhook-notification.sh & cfx-service-webhook-notification.sh and configure the below variables. Configure the CFX_WEBHOOK_URL variable with Webhook URL that was created under Alert Sources section in CloudFabrix OIA application.Configure CFX_WEBHOOK_USERNAME and CFX_WEBHOOK_PASSWORD variables if the Webhook is configured with HTTP authentication, otherwise, leave them empty.
CFX_WEBHOOK_URL="<cfx-webhook-url>"
CFX_WEBHOOK_USERNAME="<cfx-webhook-username-Optional>"
CFX_WEBHOOK_PASSWORD="<cfx-webhook-username-Optional>"
Step 5: Login into Check MK monitoring tool UI as a user which has admin privileges to configure the alert notifications.
Step 6: Under Setup menu, click on Users menu to create a new user for Check MK alert notifications.
Step 7: Click on Add button
Step 8: Enter username as cfx_notifications. Select appropriate sites under Authorized sites. Under Security section, select Automatic secret for machine accounts and generate a secret.
Select Disable password option to disable the login to this account. Select the roles as Normal monitoring user
Step 9: Commit the changes.
Step 10: Under Setup menu, click on Notifications menu to create configure alert notifications for both Host and Service type problems.
Step 11: Configure alert notifications for Host type problems.
Click on Add rule button.
Step 12: Enter the Description as cfx_host_notification.
Select Notification Method as cfx-host-webhook-notification.sh from the drop down menu.
Under Contact selection section, select cfx_notifications user that was created to enable the alert notification.
Select appropriate Sites to enable the alert notification.
Step 13: For Match host event type option, select appropriate options as shown below. Click on Save button to save the alert notification rule.
Step 14: Configure alert notifications for Service type problems.
Click on Add rule button.
Enter the Description as cfx_service_notification.
Select Notification Method as cfx-service-webhook-notification.sh from the drop down menu.
Under Contact selection section, select cfx_notifications user that was created to enable the alert notification.
Select appropriate Sites to enable the alert notification.
Step 15: For Match service event type option, select appropriate options as shown below. Click on Save button to save the alert notification rule.
Below is the Alert Filed mapping table (for information only) between Check MK alert notification fields and CloudFabrix OIA's common data model fields for Alerts.
Check MK Alert Field | CloudFabrix OIA Alert Field |
---|---|
Alert_NotificationType | alertType |
Alert_Nagios_SourceType | Determines whether source alert is from Host or Service type |
Alert_ServiceNotificationId / Alert_HostNotificationId | key (Service/Host) |
Alert_ServiceDescription /Alert_ServiceOutput | message (Service) |
Alert_HostName | assetName |
Alert_HostAddress | assetIpAddress |
Alert_Nagios_SourceType | assetType |
Alert_HostState /Alert_HostAddress (or) Alert_HostOutput | message (Host) |
Alert_DateTime | raisedAt / clearedAt |
Alert_ServiceState/Alert_HostState | severity (Service/Host) |