glenpp / cacti-uloganalyser Goto Github PK
View Code? Open in Web Editor NEWCacti Templates, data collection with Universal Loganalyser and plugins via SNMP
License: GNU General Public License v2.0
Cacti Templates, data collection with Universal Loganalyser and plugins via SNMP
License: GNU General Public License v2.0
hi,
another one:
/etc/snmp/uloganalyser-plugin/postfix.pm:549 version 20171016
postfix/smtp[\d+]:\s*44D3B1200BE: to=<.+>, relay=[\w.-]+[[\w.:]+]:25, delay=910, delays=908/0.01/1.2/0.56, dsn=4.2.0, status=deferred (host [\w.-]+[[\w.:]+] said: 450 4.2.0 <.+>: Recipient address rejected: temporary server error (in reply to RCPT TO command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:550 version 20171016
$message: "<.+>: Recipient address rejected: temporary server error (in reply to RCPT TO command)"
thanks for adding
Hi, thanks for your scripts, i've been using them for years! =)
I had a look at them again today because i upgraded my Cacti, and i noticed that you added OpenDKIM and ClamAV support - but ClamAV only via milter.
Could you add support for ClamSMTP? An example log message would look like this (the rest should be pretty identical to clamav-milter, i guess)
Feb 5 21:12:06 hades clamsmtpd: 10000D: [email protected], [email protected], status=VIRUS:Eicar-Test-Signature
There is a datasource 'spamd_other' mentioned in the spamd cacti template, which doesn't seem to be really used.
/etc/snmp/uloganalyser-plugin/postfix.pm:548 version 20170723
postfix/smtp[\d+]:\s*B429E1200BF: to=<.+>, relay=[\w.-]+[[\w.:]+]:25, delay=461, delays=456/0.01/4.3/0.2, dsn=4.0.0, status=deferred (host [\w.-]+[[\w.:]+] said: 452 Too many recipients received from the sender (in reply to RCPT TO command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:549 version 20170723
$message: "Too many recipients received from the sender (in reply to RCPT TO command)"
My Cacti was complaining that there were no RRAs for new graphs, and i wouldn't create them either. While investigating this issue i noticed that there were also no Data Source Templates for those Data Sources, even though they were being referenced.
My solution was to go to each Data Source that it complained about, click "Edit Data Template" and then save that template, et voilá, they showed up in the Data Source Templates list and everything started to work.
Hello!
I using cacti 1.1.30 and I can't import templates, I have no error messages or feedback when I try it.
Is there anything I need to do?
Thanks.
When I add graph of interfaces for new added device , I got the error message below , and there isn't any rrd file created:
2019/08/23 23:54:10 - ERROR PHP WARNING: json_decode() expects parameter 1 to be string, array given in file: /var/www/html/cacti/lib/graph_variables.php on line: 33
2019/08/23 23:54:10 - CMDPHP PHP ERROR NOTICE Backtrace: (/graph.php[538]:rrdtool_function_graph(), /lib/rrd.php[1527]:variable_nth_percentile(), /lib/graph_variables.php[432]:nth_percentile(), /lib/graph_variables.php[33]:rrdtool_function_stats(), /lib/graph_variables.php[103]:CactiErrorHandler())
2019/08/23 23:54:10 - ERROR PHP NOTICE: Undefined offset: 152 in file: /var/www/html/cacti/lib/graph_variables.php on line: 103
2019/08/23 23:54:10 - CMDPHP PHP ERROR NOTICE Backtrace: (/graph.php[538]:rrdtool_function_graph(), /lib/rrd.php[1527]:variable_nth_percentile(), /lib/graph_variables.php[432]:nth_percentile(), /lib/graph_variables.php[33]:rrdtool_function_stats(), /lib/graph_variables.php[84]:CactiErrorHandler())
2019/08/23 23:54:10 - ERROR PHP NOTICE: Undefined variable: fetch_array in file: /var/www/html/cacti/lib/graph_variables.php on line: 84
Does anyone met this before ?
/bin/rrdtool graph -
--imgformat=PNG
--start='-86400'
--end='-300'
--pango-markup
--title='04AC15-WORK-SWITCH - Traffic - F131 '
--vertical-label='bits per second'
--slope-mode
--base=1000
--height=200
--width=700
--rigid
--alt-autoscale-max
--lower-limit='0'
COMMENT:"From 2019/08/23 00:15:24 To 2019/08/24 00:10:24\c"
COMMENT:" \n"
--color BACK#F3F3F3
--color CANVAS#FDFDFD
--color SHADEA#CBCBCB
--color SHADEB#999999
--color FONT#000000
--color AXIS#2C4D43
--color ARROW#2C4D43
--color FRAME#2C4D43
--border 1 --font TITLE:11:'Arial'
--font AXIS:8:'Arial'
--font LEGEND:8:'Courier'
--font UNIT:8:'Arial'
--font WATERMARK:6:'Arial'
--slope-mode
--watermark 'Generated by Cacti®'
DEF:a='/var/www/html/cacti/rra/04ac15-work-switch_traffic_in_152.rrd':'traffic_in':AVERAGE
DEF:b='/var/www/html/cacti/rra/04ac15-work-switch_traffic_in_152.rrd':'traffic_out':AVERAGE
CDEF:cdefa='a,8,'
CDEF:cdeff='b,8,'
LINE1:cdefa#00CF00FF:
AREA:cdefa#00CF007F:'Inbound '
GPRINT:cdefa:LAST:'Current:%8.2lf %s'
GPRINT:cdefa:AVERAGE:'Average:%8.2lf %s'
GPRINT:cdefa:MAX:'Maximum:%8.2lf %s\n'
LINE1:cdeff#002A97FF:
AREA:cdeff#002A977F:'Outbound'
GPRINT:cdeff:LAST:'Current:%8.2lf %s'
GPRINT:cdeff:AVERAGE:'Average:%8.2lf %s'
GPRINT:cdeff:MAX:'Maximum:%8.2lf %s\n'
COMMENT:' \n'
HRULE:0#FF0000FF:'95th Percentile'
COMMENT:'(0 mbit in+out)'
RRDtool Says:
ERROR: opening '/var/www/html/cacti/rra/04ac15-work-switch_traffic_in_152.rrd': no such file or directory .
hi,
another one. please add. thanks
/etc/snmp/uloganalyser-plugin/postfix.pm:549 version 20171016
postfix/smtp[\d+]:\s*56F471200C7: to=<.+>, relay=[\w.-]+[[\w.:]+]:25, delay=2.7, delays=0.02/0.01/2/0.76, dsn=4.3.0, status=deferred (host [\w.-]+[[\w.:]+] said: 451 4.3.0 error in error handling (in reply to end of DATA command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:550 version 20171016
$message: "error in error handling (in reply to end of DATA command)"
The dovecot plugin auth section is not parsing correctly failed login.
Everything is tag under dovecot:auth:disallowedchar instead of unknow user and password mismatch.
Log sample
May 30 10:28:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<jQRvKG1tzuWuW+tI>): unknown user
May 30 10:28:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<jQRvKG1tzuWuW+tI>
May 30 10:29:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<39ACLG1t0OWuW+tI>): unknown user
May 30 10:29:09 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 9 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<39ACLG1t0OWuW+tI>
May 30 10:30:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<6GqWL21t0eWuW+tI>): unknown user
May 30 10:30:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<6GqWL21t0eWuW+tI>
May 30 10:31:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<gDEqM21t0uWuW+tI>): unknown user
May 30 10:31:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<gDEqM21t0uWuW+tI>
May 30 10:32:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<XgO+Nm1t0+WuW+tI>): unknown user
May 30 10:32:37 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 37 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<XgO+Nm1t0+WuW+tI>
May 30 10:33:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<xsxROm1t1eWuW+tI>): unknown user
May 30 10:33:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<xsxROm1t1eWuW+tI>
May 30 10:34:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<l33lPW1t1uWuW+tI>): unknown user
May 30 10:34:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<l33lPW1t1uWuW+tI>
May 30 10:35:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<jEJ5QW1t1+WuW+tI>): unknown user
May 30 10:35:52 machinenamesvr01 dovecot: pop3-login: Disconnected (auth failed, 1 attempts in 52 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<jEJ5QW1t1+WuW+tI>
May 30 10:50:26 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:50:28 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:50:43 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,<Z0HJeG1tY/ltSAGL>): Password mismatch
May 30 10:50:45 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=<Z0HJeG1tY/ltSAGL>
May 30 10:51:00 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:02 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:51:17 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:19 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:51:34 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:36 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
May 30 10:51:51 machinenamesvr01 dovecot: auth-worker(15299): sql([email protected],123.123.123.123,): Password mismatch
May 30 10:51:53 machinenamesvr01 dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 17 secs): user=[email protected], method=PLAIN, rip=123.123.123.123, lip=321.321.321.321, session=
No idea what is happening here:
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:237 /var/log/mail.log:9412 unknown: Aug 17 15:17:45 mailhost postfix/smtpd[4935]: NOQUEUE: client=domain.example[123.123.123.123]
Message passed through local proxy (smtpd):
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:298 /var/log/mail.log:9419 unknown: Aug 17 15:17:46 mailhost postfix/smtpd[4935]: proxy-accept: END-OF-MESSAGE: 250 2.0.0 Ok: queued as C13124A33421; from=[email protected] to=[email protected] proto=ESMTP helo=<server.net>
Message to local mailman:
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:598 /var/log/mail.log:8991 unknown: Aug 17 14:21:09 mailhost postfix/pipe[18901]: CEA503A4170A: to=[email protected], relay=mailman, delay=0.16, delays=0.08/0/0/0.08, dsn=2.0.0, status=sent (delivered via mailman service)
TLS connection that is verified with local tls_policy:
/etc/snmp/uloganalyser-plugin/postfix.pm 20160718:567 /var/log/mail.log:7635 unknown: Aug 17 13:00:09 mailhost postfix/smtp[25627]: Verified TLS connection established to sever.net[123.123.123.123]:25: TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)
hi,
got this
/etc/snmp/uloganalyser-plugin/postfix.pm:547 version 20161220
postfix/smtp\[\d+\]:\s*867F51200BD: to=<.+>, relay=[\w\.\-]+\[[\w\.:]+\]:25, delay=3.3, delays=2.7/0.01/0.45/0.13, dsn=4.0.0, status=deferred (host [\w\.\-]+\[[\w\.:]+\] said: 457 Greylisted, please come back later. (in reply to RCPT TO command))"
/etc/snmp/uloganalyser-plugin/postfix.pm:548 version 20161220
$message: ""
and
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.