glenpp / cacti-uloganalyser Goto Github PK
View Code? Open in Web Editor NEWCacti Templates, data collection with Universal Loganalyser and plugins via SNMP
License: GNU General Public License v2.0
cacti-uloganalyser's People
Contributors
Stargazers
Watchers
cacti-uloganalyser's Issues
Deferral reasons: postfix-loganalyser 20171016
hi,
another one:
/etc/snmp/uloganalyser-plugin/postfix.pm:549 version 20171016
postfix/smtp[\d+]:\s*44D3B1200BE: to=<.+>, relay=[\w.-]+[[\w.:]+]:25, delay=910, delays=908/0.01/1.2/0.56, dsn=4.2.0, status=deferred (host [\w.-]+[[\w.:]+] said: 450 4.2.0 <.+>: Recipient address rejected: temporary server error (in reply to RCPT TO command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:550 version 20171016
$message: "<.+>: Recipient address rejected: temporary server error (in reply to RCPT TO command)"
thanks for adding
Support ClamSMTP
Hi, thanks for your scripts, i've been using them for years! =)
I had a look at them again today because i upgraded my Cacti, and i noticed that you added OpenDKIM and ClamAV support - but ClamAV only via milter.
Could you add support for ClamSMTP? An example log message would look like this (the rest should be pretty identical to clamav-milter, i guess)
Feb 5 21:12:06 hades clamsmtpd: 10000D: [email protected], [email protected], status=VIRUS:Eicar-Test-Signature
spamd_other in Cacti template
There is a datasource 'spamd_other' mentioned in the spamd cacti template, which doesn't seem to be really used.
Deferral reasons: postfix-loganalyser 20170723
/etc/snmp/uloganalyser-plugin/postfix.pm:548 version 20170723
postfix/smtp[\d+]:\s*B429E1200BF: to=<.+>, relay=[\w.-]+[[\w.:]+]:25, delay=461, delays=456/0.01/4.3/0.2, dsn=4.0.0, status=deferred (host [\w.-]+[[\w.:]+] said: 452 Too many recipients received from the sender (in reply to RCPT TO command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:549 version 20170723
$message: "Too many recipients received from the sender (in reply to RCPT TO command)"
RRA / RRD files not created in Cacti 1.0
My Cacti was complaining that there were no RRAs for new graphs, and i wouldn't create them either. While investigating this issue i noticed that there were also no Data Source Templates for those Data Sources, even though they were being referenced.
My solution was to go to each Data Source that it complained about, click "Edit Data Template" and then save that template, et voilá, they showed up in the Data Source Templates list and everything started to work.
Can't import templates on cacti 1.1.30
Hello!
I using cacti 1.1.30 and I can't import templates, I have no error messages or feedback when I try it.
Is there anything I need to do?
Thanks.
No rrd file created after executed poller (cacti 1.2.5)
When I add graph of interfaces for new added device , I got the error message below , and there isn't any rrd file created:
CMDPHP PHP ERROR WARNING Backtrace: (/graph.php[538]:rrdtool_function_graph(), /lib/rrd.php[1527]:variable_nth_percentile(), /lib/graph_variables.php[432]:nth_percentile(), /lib/graph_variables.php[33]:json_decode(), CactiErrorHandler())
2019/08/23 23:54:10 - ERROR PHP WARNING: json_decode() expects parameter 1 to be string, array given in file: /var/www/html/cacti/lib/graph_variables.php on line: 33
2019/08/23 23:54:10 - CMDPHP PHP ERROR NOTICE Backtrace: (/graph.php[538]:rrdtool_function_graph(), /lib/rrd.php[1527]:variable_nth_percentile(), /lib/graph_variables.php[432]:nth_percentile(), /lib/graph_variables.php[33]:rrdtool_function_stats(), /lib/graph_variables.php[103]:CactiErrorHandler())
2019/08/23 23:54:10 - ERROR PHP NOTICE: Undefined offset: 152 in file: /var/www/html/cacti/lib/graph_variables.php on line: 103
2019/08/23 23:54:10 - CMDPHP PHP ERROR NOTICE Backtrace: (/graph.php[538]:rrdtool_function_graph(), /lib/rrd.php[1527]:variable_nth_percentile(), /lib/graph_variables.php[432]:nth_percentile(), /lib/graph_variables.php[33]:rrdtool_function_stats(), /lib/graph_variables.php[84]:CactiErrorHandler())
2019/08/23 23:54:10 - ERROR PHP NOTICE: Undefined variable: fetch_array in file: /var/www/html/cacti/lib/graph_variables.php on line: 84
Does anyone met this before ?
/bin/rrdtool graph -
--imgformat=PNG
--start='-86400'
--end='-300'
--pango-markup
--title='04AC15-WORK-SWITCH - Traffic - F131 '
--vertical-label='bits per second'
--slope-mode
--base=1000
--height=200
--width=700
--rigid
--alt-autoscale-max
--lower-limit='0'
COMMENT:"From 2019/08/23 00:15:24 To 2019/08/24 00:10:24\c"
COMMENT:" \n"
--color BACK#F3F3F3
--color CANVAS#FDFDFD
--color SHADEA#CBCBCB
--color SHADEB#999999
--color FONT#000000
--color AXIS#2C4D43
--color ARROW#2C4D43
--color FRAME#2C4D43
--border 1 --font TITLE:11:'Arial'
--font AXIS:8:'Arial'
--font LEGEND:8:'Courier'
--font UNIT:8:'Arial'
--font WATERMARK:6:'Arial'
--slope-mode
--watermark 'Generated by Cacti®'
DEF:a='/var/www/html/cacti/rra/04ac15-work-switch_traffic_in_152.rrd':'traffic_in':AVERAGE
DEF:b='/var/www/html/cacti/rra/04ac15-work-switch_traffic_in_152.rrd':'traffic_out':AVERAGE
CDEF:cdefa='a,8,'
CDEF:cdeff='b,8,'
LINE1:cdefa#00CF00FF:
AREA:cdefa#00CF007F:'Inbound '
GPRINT:cdefa:LAST:'Current:%8.2lf %s'
GPRINT:cdefa:AVERAGE:'Average:%8.2lf %s'
GPRINT:cdefa:MAX:'Maximum:%8.2lf %s\n'
LINE1:cdeff#002A97FF:
AREA:cdeff#002A977F:'Outbound'
GPRINT:cdeff:LAST:'Current:%8.2lf %s'
GPRINT:cdeff:AVERAGE:'Average:%8.2lf %s'
GPRINT:cdeff:MAX:'Maximum:%8.2lf %s\n'
COMMENT:' \n'
HRULE:0#FF0000FF:'95th Percentile'
COMMENT:'(0 mbit in+out)'
RRDtool Says:
ERROR: opening '/var/www/html/cacti/rra/04ac15-work-switch_traffic_in_152.rrd': no such file or directory .
Deferral reasons: postfix-loganalyser 20171016
hi,
another one. please add. thanks
/etc/snmp/uloganalyser-plugin/postfix.pm:549 version 20171016
postfix/smtp[\d+]:\s*56F471200C7: to=<.+>, relay=[\w.-]+[[\w.:]+]:25, delay=2.7, delays=0.02/0.01/2/0.76, dsn=4.3.0, status=deferred (host [\w.-]+[[\w.:]+] said: 451 4.3.0 error in error handling (in reply to end of DATA command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:550 version 20171016
$message: "error in error handling (in reply to end of DATA command)"
Dovecot plugin failed login are not parsed correctly
The dovecot plugin auth section is not parsing correctly failed login.
Everything is tag under dovecot:auth:disallowedchar instead of unknow user and password mismatch.
Log sample
May 30 10:28:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<jQRvKG1tzuWuW+tI>): unknown user
May 30 10:28:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<jQRvKG1tzuWuW+tI>
May 30 10:29:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<39ACLG1t0OWuW+tI>): unknown user
May 30 10:29:09 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 9 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<39ACLG1t0OWuW+tI>
May 30 10:30:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<6GqWL21t0eWuW+tI>): unknown user
May 30 10:30:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<6GqWL21t0eWuW+tI>
May 30 10:31:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<gDEqM21t0uWuW+tI>): unknown user
May 30 10:31:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<gDEqM21t0uWuW+tI>
May 30 10:32:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<XgO+Nm1t0+WuW+tI>): unknown user
May 30 10:32:37 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 37 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<XgO+Nm1t0+WuW+tI>
May 30 10:33:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<xsxROm1t1eWuW+tI>): unknown user
May 30 10:33:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<xsxROm1t1eWuW+tI>
May 30 10:34:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<l33lPW1t1uWuW+tI>): unknown user
May 30 10:34:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<l33lPW1t1uWuW+tI>
May 30 10:35:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<jEJ5QW1t1+WuW+tI>): unknown user
May 30 10:35:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<jEJ5QW1t1+WuW+tI>
May 30 10:50:26 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:50:28 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:50:43 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<Z0HJeG1tY/ltSAGL>): Password mismatch
May 30 10:50:45 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<Z0HJeG1tY/ltSAGL>
May 30 10:51:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:02 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:51:17 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:19 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:51:34 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:36 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:51:51 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:53 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
Unrecognized postfix log entires
No idea what is happening here:
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:237 /var/log/mail.log:9412 unknown: Aug 17 15:17:45 mailhost postfix/smtpd[4935]: NOQUEUE: client=domain.example[123.123.123.123]
Message passed through local proxy (smtpd):
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:298 /var/log/mail.log:9419 unknown: Aug 17 15:17:46 mailhost postfix/smtpd[4935]: proxy-accept: END-OF-MESSAGE: 250 2.0.0 Ok: queued as C13124A33421; from=[email protected] to=[email protected] proto=ESMTP helo=<server.net>
Message to local mailman:
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:598 /var/log/mail.log:8991 unknown: Aug 17 14:21:09 mailhost postfix/pipe[18901]: CEA503A4170A: to=[email protected], relay=mailman, delay=0.16, delays=0.08/0/0/0.08, dsn=2.0.0, status=sent (delivered via mailman service)
TLS connection that is verified with local tls_policy:
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:567 /var/log/mail.log:7635 unknown: Aug 17 13:00:09 mailhost postfix/smtp[25627]: Verified TLS connection established to sever.net[123.123.123.123]:25: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
Unrecognized postfix log entires - greylist
hi,
got this
/etc/snmp/uloganalyser-plugin/postfix.pm:547 version 20161220
postfix/smtp\[\d+\]:\s*867F51200BD: to=<.+>, relay=[\w\.\-]+\[[\w\.:]+\]:25, delay=3.3, delays=2.7/0.01/0.45/0.13, dsn=4.0.0, status=deferred (host [\w\.\-]+\[[\w\.:]+\] said: 457 Greylisted, please come back later. (in reply to RCPT TO command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:548 version 20161220
$message: ""
and
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.