IronPort C10 Mail & Spam Appliance
Moderators: Developers, Moderators
-
- Cacti User
- Posts: 234
- Joined: Mon Dec 13, 2004 3:03 pm
I have made a few changes to the templates and cleaned a few bits and pieces up. I'm posting the python script (unchanged) and the host template in this post. I use M1050/X1050 appliances so I made changes to reflect the differences when using this hardware. Here is a list of changes I made:
1. On the M1050/X1050 there is no CPU temperature, only ambient temperature. Having worked with Dell 2950's before I know this is the case from a hardware perspective (at least looking via OpenManage). The CPU OID still exists, but it's actually the Ambient temperature now. I changed this in the template and removed the CPU temperature completely.
2. I removed the 5 minute Cisco CPU graph/data template from the host template. These units do not provide this information via SNMP from what I can see.
3. I removed the "Legend Color" from the following:
Ironport Ambient Temp
Ironport CPU Usage
Ironport Disk I/O
Ironport Mail Transfer Threads
Ironport Memory Usage
Ironport Messages in Work Queue
Ironport Open Files/Sockets
Ironport Queue Util
I didn't really see a purpose behind selecting colors for each of these for every device you add. Now when you add a device, you are no longer prompted for color choices. It's easy enough to change these at the template level.
4. I renamed all the Graph Item Input Data Source names in the graph templates to have more meaningful names
5. I changed the Data Input Method "Check ESA" to "Check ESA (IronPort)" and changed the Input string to include "-u USERNAME" This is well documented in the script but I felt like including it by default, instead of encouraging people to use the Admin account. I strongly encourage anyone that's planning on using this to create a monitoring account with minimal privileges (guest works!)
6. The user who originally exported these templates had made modifications to the default Interface - Traffic graph templates. When importing this host template those changes came along with it (some sort of red line on the graphs). I created this host template with an un-modified Interface Traffic template so this change will not occur when importing the new host template.
I think that's about it. Please let me know if you experience any problems.
1. On the M1050/X1050 there is no CPU temperature, only ambient temperature. Having worked with Dell 2950's before I know this is the case from a hardware perspective (at least looking via OpenManage). The CPU OID still exists, but it's actually the Ambient temperature now. I changed this in the template and removed the CPU temperature completely.
2. I removed the 5 minute Cisco CPU graph/data template from the host template. These units do not provide this information via SNMP from what I can see.
3. I removed the "Legend Color" from the following:
Ironport Ambient Temp
Ironport CPU Usage
Ironport Disk I/O
Ironport Mail Transfer Threads
Ironport Memory Usage
Ironport Messages in Work Queue
Ironport Open Files/Sockets
Ironport Queue Util
I didn't really see a purpose behind selecting colors for each of these for every device you add. Now when you add a device, you are no longer prompted for color choices. It's easy enough to change these at the template level.
4. I renamed all the Graph Item Input Data Source names in the graph templates to have more meaningful names
5. I changed the Data Input Method "Check ESA" to "Check ESA (IronPort)" and changed the Input string to include "-u USERNAME" This is well documented in the script but I felt like including it by default, instead of encouraging people to use the Admin account. I strongly encourage anyone that's planning on using this to create a monitoring account with minimal privileges (guest works!)
6. The user who originally exported these templates had made modifications to the default Interface - Traffic graph templates. When importing this host template those changes came along with it (some sort of red line on the graphs). I created this host template with an un-modified Interface Traffic template so this change will not occur when importing the new host template.
I think that's about it. Please let me know if you experience any problems.
- Attachments
-
- cacti_host_template_ironport_-_email_security_appliance-NEW.xml
- New Version of the IronPort Email Security Appliance Host template
- (272.16 KiB) Downloaded 4056 times
-
- cacti_check_esa.py.tgz
- Original cacti_check_esa.py script
- (1.11 KiB) Downloaded 3667 times
- gandalf
- Developer
- Posts: 22383
- Joined: Thu Dec 02, 2004 2:46 am
- Location: Muenster, Germany
- Contact:
That indeed eases support to a great extendeschoeller wrote:6. The user who originally exported these templates had made modifications to the default Interface - Traffic graph templates. When importing this host template those changes came along with it (some sort of red line on the graphs). I created this host template with an un-modified Interface Traffic template so this change will not occur when importing the new host template.
Reinhard
I've just deployed the new template and Python script with success.
It's 2AM here in Perth so I'm going to head to bed and when I wake up there'll be more pretty graphs to look at.
Thanks to everyone involved with these templates - it's very much appreciated.
It's 2AM here in Perth so I'm going to head to bed and when I wake up there'll be more pretty graphs to look at.
Thanks to everyone involved with these templates - it's very much appreciated.
Matt Lambie
Chief Information Officer
THE FRONTIER GROUP
Chief Information Officer
THE FRONTIER GROUP
-
- Cacti User
- Posts: 234
- Joined: Mon Dec 13, 2004 3:03 pm
Thanks for the feedback, and I hope you're getting some good data by now. Our appliances went into production on Tuesday so I now have some data to play with. I am considering creating some new graph templates that create a better summary of Bounces, Messages and Recipients. Currently I think there are too many individual graphs. I may just use the aggregate plugin to create these, but If not, I'll post my changes again.
Any progress on the S650 Web Appliance?
[b]Cacti Version - 0.8.7b[/b]
Plugin Architecture - 2.1
Poller Type - spine-0.8.7c-beta3-win32
Server Info - Windows Server 2003 x86
Web Server - IIS6.0
PHP - 5.2.6
MySQL - 5.0.67-community-nt
RRDTool - 1.2.26
SNMP - 5.4.2
Plugins:
Thresholds (thold - v0.3.9)
Global Plugin Settings (settings - v0.5)
Realtime for Cacti (realtime - v0.32)
Network Discovery (discovery - v0.8.4)
Network Tools (tools - v0.3)
Update Checker (update - v0.4)
Cacti-ReportIt (reportit - v0.6.1)
Real-time statistics (zond - v0.34)
Device Tracking (mactrack - v1.1)
RRD File Cleaner (RRD Cleaner - v0.34)
Host Info (hostinfo - v0.2)
Plugin Architecture - 2.1
Poller Type - spine-0.8.7c-beta3-win32
Server Info - Windows Server 2003 x86
Web Server - IIS6.0
PHP - 5.2.6
MySQL - 5.0.67-community-nt
RRDTool - 1.2.26
SNMP - 5.4.2
Plugins:
Thresholds (thold - v0.3.9)
Global Plugin Settings (settings - v0.5)
Realtime for Cacti (realtime - v0.32)
Network Discovery (discovery - v0.8.4)
Network Tools (tools - v0.3)
Update Checker (update - v0.4)
Cacti-ReportIt (reportit - v0.6.1)
Real-time statistics (zond - v0.34)
Device Tracking (mactrack - v1.1)
RRD File Cleaner (RRD Cleaner - v0.34)
Host Info (hostinfo - v0.2)
Python script receives the data, but no graphing :-(
Hi Apperrault,
Did you manage to fix this?
If you did, would you mind sharing the solution?
I'm having exactely the same issue on my Cacti when trying to query an Ironport.
Regards,
Bart
Did you manage to fix this?
If you did, would you mind sharing the solution?
I'm having exactely the same issue on my Cacti when trying to query an Ironport.
Regards,
Bart
apperrault wrote:GNinja,
These look great. I am having a problem though with some of the graphs, most of them actually. I am getting the following in the error log:Code: Select all
01/11/2008 07:15:26 AM - CMDPHP: Poller[0] Host[278] DS[8231] app[/quote]
Ironport
Hey there..
I was messing around with the ironport script and am getting the following errors:
So I tried changing it to:
(note the port)
But I still get:
Got any suggestions?
I was messing around with the ironport script and am getting the following errors:
Code: Select all
Traceback (most recent call last):
File "/usr/share/cacti/site/scripts/cacti_check_esa.py", line 53, in <module>
client = urllib2.urlopen(url)
File "/usr/lib/python2.6/urllib2.py", line 124, in urlopen
return _opener.open(url, data, timeout)
File "/usr/lib/python2.6/urllib2.py", line 383, in open
response = self._open(req, data)
File "/usr/lib/python2.6/urllib2.py", line 401, in _open
'_open', req)
File "/usr/lib/python2.6/urllib2.py", line 361, in _call_chain
result = func(*args)
File "/usr/lib/python2.6/urllib2.py", line 1130, in http_open
return self.do_open(httplib.HTTPConnection, req)
File "/usr/lib/python2.6/urllib2.py", line 1105, in do_open
raise URLError(err)
urllib2.URLError: <urlopen error [Errno 111] Connection refused>
Code: Select all
url = "https://1.1.0.100:8443/xml/status" % (host)
urls = "https://1.1.0.100:8443/xml/status" % (host)
But I still get:
Code: Select all
Traceback (most recent call last):
File "/usr/share/cacti/site/scripts/cacti_check_esa.py", line 55, in <module>
client = urllib2.urlopen(url)
NameError: name 'url' is not defined
-
- Cacti User
- Posts: 234
- Joined: Mon Dec 13, 2004 3:03 pm
We just upgraded our Ironport appliances to a new firmware. The appliances seem to be on fire now.
We get spamed about this error once every hour, from each of our appliances. The ironport people are blaming the cacti server stating that
If you're using a 5 minute poller, you might be OK. I know many (but not all) of the Data Sources used by this template are set to poll every minute in my installation, the others every 5. Due to the fact that I'd have to ditch all my data when converting from a 1 to 5 minute polled Data Source I relish the thought of doing this, but I might not have a choice.
Anyone else in the same boat?
Code: Select all
An application fault occurred: ('session/CoroSessionContainer.py login|226', "<class 'aquarium.session.CoroSessionContainer.TooManyLoginSessionException'>", '', '[util/Aquarium.py screenLoop|407] [util/InternalLibrary.py inverseExtend|328] [util/InternalLibrary.py __call__|769] [screen/Controller.py __call__|23] [util/InternalLibrary.py __call__|769] [screen/CommonController.py __call__|38] [util/InternalLibrary.py __call__|769] [screen/AppController.py __call__|130] [screen/HTTPBasicAuthController.py authenticate|61] [session/CoroSessionContainer.py login|226]')
So, hooray for appliances. I have no idea if this was happening before this "upgrade" or not due to some change in the internal monitoring and alerting system within the appliance. At any rate, from my perspective, the polling was working just fine this entire time. I'm going to have to take a hard look at how this template works to try and identify ways to reduce the number of calls to the poor little web interface.The host X.X.X.X is logging in quite rapidly as the "X" user 16 times within 3 seconds every 1 minute. Unfortunately, the web interface simply cannot handle this onslaught and the discussed errors result.
If you're using a 5 minute poller, you might be OK. I know many (but not all) of the Data Sources used by this template are set to poll every minute in my installation, the others every 5. Due to the fact that I'd have to ditch all my data when converting from a 1 to 5 minute polled Data Source I relish the thought of doing this, but I might not have a choice.
Anyone else in the same boat?
-
- Cacti User
- Posts: 234
- Joined: Mon Dec 13, 2004 3:03 pm
I found that this template, like other templates I've used in the past, creates an entire data source for every "ESA Stats" related graph you create. Normally, this may not be a problem, but there is only one Data Input method defined (IP - Check ESA) which stores 18 Output Fields. The smart way to handle this is to create the 15 graphs, but then delete all but one Data Source. Then, one at a time point all the other graphs to that single data source. This will cut down on the number of RRDs and the number of HTTP requests to your Ironport appliance.
For reference, here is the list of each Graph and which Data Source is associated with it.
This resolved the problem I mentioned above about the Ironport appliance generating an error about too many sessions.
For reference, here is the list of each Graph and which Data Source is associated with it.
Code: Select all
IronPort - Bounce Hard DNS ipESADNSHardBounceR
IronPort - Bounce Hard Expired ipESAExpiredHardBou
IronPort - Bounce Hard Filter ipESAFilterHardBoun
IronPort - Bounce Soft Events ipESASoftBounceEvts
IronPort - Connections ipESAConnIn, ipESAConnOut
IronPort - Gen Bounce Recipients ipESAGenBounceRecip
IronPort - Global Unsub Hits ipESAGlobalUnsubHit
IronPort - Messages Dropped ipESADroppedMsgs
IronPort - Messages Injected ipESAInJMsgs
IronPort - Recipients Completed ipESACompletedRecip
IronPort - Recipients Deleted ipESADeletedRecips
IronPort - Recipients Delivered ipESADeliveredRecip
IronPort - Recipients Injected ipESAInjRecips
IronPort - Recipients Other Hard Bounce ipESAOtherHardBReci
IronPort - Recipients Rejected ipESARejectRecip
-
- Posts: 2
- Joined: Sun May 23, 2010 4:21 pm
I feel pretty stupid. I bought an Ironport C10 appliance for next to nothing on eBay. Unfortunately the device arrived with a configuration on it and I don't know the password. If someone on this board knows how to perform password recovery on this device, I would sure like to know.
Failing that, hacking the box and using it as a network server is also a possibility.
Thanks!
/Eric
Failing that, hacking the box and using it as a network server is also a possibility.
Thanks!
/Eric
Please follow the steps below in case you have lost your "admin" password on your IronPort appliance.
Contact Customer Support for a temporary password. You will need the Serial Number of the device.
Once you receive the temporary password, please access the IronPort via serial connection.
Log in as user 'adminpassword'.
Enter the temporary password you received from the Customer Support Engineer and hit return.
Enter the new password that will be used for the 'admin' user.
Looks like you'll have to contact Ironport......
Contact Customer Support for a temporary password. You will need the Serial Number of the device.
Once you receive the temporary password, please access the IronPort via serial connection.
Log in as user 'adminpassword'.
Enter the temporary password you received from the Customer Support Engineer and hit return.
Enter the new password that will be used for the 'admin' user.
Looks like you'll have to contact Ironport......
Who is online
Users browsing this forum: No registered users and 0 guests