Sendmail & Mailscanner (alternate)

[anTIDot]

work's for me
thanks
thanks
thanks

[africanw]

The import works fine. Does everyone get the graphs to work ok?

[warnesj]

I'm glad the import works. Sorry about that everyone. I've updated my original post to have the working Graph and Data Source templates.

Anyway, regarding the graph generation. Let troubleshoot this a step at a time.

1. I'm going to assume that everyone has added the required scripts to your mail servers and configured the SNMP daemon to run them (yianniska, I know you did from your post). If not, refer to the first post in this thread.

2. Has everyone had a chance to see if that part is working? A quick way to test is try and query that OID with an snmpget from your Cacti server. You should get a response similar to,

Code: Select all

[root@stu ~]# snmpget -v 2c -c {COMMUNITY STRING HERE} {IPADDR HERE} .1.3.6.1.4.100.5
SNMPv2-SMI::private.100.5 = Gauge32: 38

NOTE: The above example is using SNMP v2c. If you're using v1 or v3 your command line may be different.
The above example queried my number of recieved messages in the past 5 minutes OID, which would have run /opt/count_recv.sh.

3. If you are getting successful SNMP responses, have you created your Data Sources for each of the OIDs? If not, you need to create a seperate Data Source for each OID using the "SNMP - Generic OID Template" Template.

4. Once that is done you should be able to create a new graph using the "Sendmail + Mailscanner" Graph Template and reference the above data sources you created in step 3 for mess_recv, mess_sent, spam, and viruses.

This is my first attempt at an add-on, so I appologize that I didn't explain it very well.

[yianniska]

Everything seems to be working well except from spam!!
what i mean is:
when i try snmpget -v 2c -c public (ip number) .1.3.6.1.4.100.2
i got a value like
SNMPv2-SMI::private.100.2 = Gauge32: 41
but this value is not appearing in the graph!

an other strange thing is that. When i put to the

Supplemental Graph Template Data

Graph Item Fields
Data Source [mess_recv]-----> The data source of the snmp oid for the spam

the value is displayed. So in the graph i've got the number of spam messages instead of the number of received messages.

thanks again

[axioma]

hello,

i am new to awk, but i had a look at the scripts, and i wonder if we are looking at mails being sent (or recvd) five minutes ago, i mean exactly five minutes ago, and not since then.

because you are using:
if ($0 ~ search_time && $0 ~ search_sent) time_trigger = 1;

and search_time is strftime("%b %e %H:%M", systime() - 5 * 60)
so search_time could be: "Jun 9 03:09" and this scripts will only look for mails being sent that minute.

am i right or am i missing something?

[warnesj]

Everything seems to be working well except from spam!!
what i mean is:
when i try snmpget -v 2c -c public (ip number) .1.3.6.1.4.100.2
i got a value like
SNMPv2-SMI::private.100.2 = Gauge32: 41
but this value is not appearing in the graph!

an other strange thing is that. When i put to the

Supplemental Graph Template Data

Graph Item Fields
Data Source [mess_recv]-----> The data source of the snmp oid for the spam

the value is displayed. So in the graph i've got the number of spam messages instead of the number of received messages.

thanks again

That is really really really wierd. If SNMP is replying and you have an RRA being generated it should appear on the graph. Try just graphing the SPAM on a seperate graph altogether and see if it shows up.

hello,

i am new to awk, but i had a look at the scripts, and i wonder if we are looking at mails being sent (or recvd) five minutes ago, i mean exactly five minutes ago, and not since then.

because you are using:
if ($0 ~ search_time && $0 ~ search_sent) time_trigger = 1;

and search_time is strftime("%b %e %H:%M", systime() - 5 * 60)
so search_time could be: "Jun 9 03:09" and this scripts will only look for mails being sent that minute.

am i right or am i missing something?

Good question, and I think you may have found a flaw in my programming logic. The intention of that line was to have the time_trigger be set when we hit the -5 minute mark of the maillog file. The problem is that I added that stupid "&& $0 ~ search_sent" in there. I'm trying to remember why I did that and I can't think of a reason other than stupidity. But essentially by me adding that little extra bit in for the time_trigger to get set, if the email server doesn't process messages at least every minute then that time_trigger might not get set and the counters would never increase. Not so good.

So we may want to change that line to just,

Code: Select all

if ($0 ~ search_time) time_trigger = 1;

I'm trying to remember the reason why I added tha extra part, and I thought it was being sometime my maillog file doesn't have things in order. I don't know how that would happen, but I could have sworn that's why I added it. But if I would have thought about it for a second I would have realized, just as you did, that the "fix" is problematic.

I'll have to take some time and go over those files again and see if there is a better way for me to do that time_trigger search. Thanks for pointing that out.

[axioma]

So we may want to change that line to just,

Code: Select all

if ($0 ~ search_time) time_trigger = 1;

I'm trying to remember the reason why I added tha extra part, and I thought it was being sometime my maillog file doesn't have things in order. I don't know how that would happen, but I could have sworn that's why I added it. But if I would have thought about it for a second I would have realized, just as you did, that the "fix" is problematic.

I'll have to take some time and go over those files again and see if there is a better way for me to do that time_trigger search. Thanks for pointing that out.

thanks, i see now. once you hit the five minutes ago mark time_trigger is set to 1, and then the counters work. it sound good.
except for server with very low activity, if nothing happened five minutes ago, then time_trigger is not set to 1.
i am using this but only locally so i manage to use only one script, also i am using clamav and spamass-milter, i put this script:

http://www.guegue.com/~javier/cacti/mail_stats.sh.txt

in my cacti scripts dir, created the data source, graph template, etc, and it looks like the attached image.
i am currently not graphing (or counting) rejected (dnsbl) messages.

[warnesj]

Sweet mod and graph axioma! I'm glad it's working for you.

[wmcdonald]

Good question, and I think you may have found a flaw in my programming logic. The intention of that line was to have the time_trigger be set when we hit the -5 minute mark of the maillog file. The problem is that I added that stupid "&& $0 ~ search_sent" in there. I'm trying to remember why I did that and I can't think of a reason other than stupidity. But essentially by me adding that little extra bit in for the time_trigger to get set, if the email server doesn't process messages at least every minute then that time_trigger might not get set and the counters would never increase. Not so good.

So we may want to change that line to just,

Code: Select all

if ($0 ~ search_time) time_trigger = 1;

I'm trying to remember the reason why I added tha extra part, and I thought it was being sometime my maillog file doesn't have things in order. I don't know how that would happen, but I could have sworn that's why I added it. But if I would have thought about it for a second I would have realized, just as you did, that the "fix" is problematic.

I'll have to take some time and go over those files again and see if there is a better way for me to do that time_trigger search. Thanks for pointing that out.

Would converting the logtime and then carrying out a string comparison be preferable? This isn't the most elegant code but it seems to work.

Code: Select all

#!/bin/sh
#
# Modification of http://forums.cacti.net/about7830.html
#
# $Id: sent_mail.sh,v 1.1 2005/07/12 16:26:51 wmcdonald Exp wmcdonald $

logfile=/var/log/maillog

echo .1.3.6.1.4.100.6
echo gauge

tail -n 5000 ${logfile} | sed 's/\:/ /g' | awk '
BEGIN {
        start_time      = strftime( "%Y%m%d%H%M%S", systime() - 5 * 60 );
        year_run        = strftime( "%Y", systime() );
        # print "Start time: " start_time;
        # print "Year run: " year_run;

        search_sent = "stat=Sent";
        recv_count = 0;

        }

{

        if ( $1 == "Jan" ) logmonth = "01";
        if ( $1 == "Feb" ) logmonth = "02";
        if ( $1 == "Mar" ) logmonth = "03";
        if ( $1 == "Apr" ) logmonth = "04";
        if ( $1 == "May" ) logmonth = "05";
        if ( $1 == "Jun" ) logmonth = "06";
        if ( $1 == "Jul" ) logmonth = "07";
        if ( $1 == "Aug" ) logmonth = "08";
        if ( $1 == "Sep" ) logmonth = "09";
        if ( $1 == "Oct" ) logmonth = "10";
        if ( $1 == "Nov" ) logmonth = "11";
        if ( $1 == "Dec" ) logmonth = "12";

        logdayofmonth   = $2;
        loghour                 = $3;
        logminute               = $4;
        logsecond               = $5;

        logmessagetime  = year_run logmonth logdayofmonth loghour logminute logsecond;

        if ( logmessagetime >= start_time && $0 ~ search_sent )
        {
                recv_count++;
                # print "Start time: " start_time "\t Message time: " logmessagetime;
                # print $0;
        }

}

END { print recv_count; }'

exit

# vim:ts=4:sb:ai

Will.

[mwestern]

Hi,

I love this script. I'm a little stuck on step 3 of the troubleshooting the graph generation thread.

the statement in the first post:

Now all you need to do is setup Cacti to start querying the above SNMP OIDs and then graph them using the template.

and in the troubleshooting thread still left me a little lost

If you are getting successful SNMP responses, have you created your Data Sources for each of the OIDs? If not, you need to create a seperate Data Source for each OID using the "SNMP - Generic OID Template" Template.

in my host i already have Sendmail + Mailscanner being graphed and the only place that I can see the generic OID value is in the graph area.

'create a seperate data source for each OID' has lost me completely.

anybody help me out?

thanks
Matthew

[mwestern]

hi all,

i mucked around for a while and figured out how to add those OIDs into and then changed the graph template to use the ones i created manually.

i reckon someone needs to review the template and see if we can't make it a little easier to use.

should be able to import the template which has the OIDs inbuild and then voila, it works.. none of this manual stuff..

i'll have a crack and post it if i get it working...

matt

[warnesj]

I have a new version of the script that I've been working on. It's actually a whole re-write. As soon as I have the bugs (err...features) worked out I'll be sure to post a new version (soon!).

The new version should be a bit easier to setup.

[mwestern]

one last thing that would be nice would be a totals in text only in the graph similar to how the default network graphs have a in/out with total bandwidth.

i'm just taking a look at how that one does it and trying to put a totals in my spam one.

that way over the period of the graph it will show total send/recv/spam/viruses.

very good work tho.

keep it out.

regards
matthew

[mwestern]

hi,

anybody an expert on the bandwidth summation options?

i'm trying to sum each of the 4 data sources for printing on the graph same as the total bandwidth going thru.

if i read correctly in the manual i should be doing

Total Sent: |sum:0:current:0:auto|

sum
0 - for no decimal points
current - for only the current data source, not the total of the whole graph
0 - for no Mb/Kb etc
auto - makes the time period the length of the graph.

this gives me some numbers but sadly they are wildly out. my server has an average of 20 over the last 24 hours. when i total it gives me a total of slightly more than 800,000 messages which isn't right. should be more like 140k.

anybody got any ideas or would like to try to get this working on theirs to compare notes?

M

[mehal]

Am i missing something?

added what you said to /etc/snmp/snmp.conf

I try the test;
No such object available on this agent on this OID???

Please help.