Question about setting up critical and warning alerts

npolite · December 3, 2009, 6:41pm

Hello,

I currently have Nagios setup to notify us every 5 minutes on critical for services until the issue is resolved. What I would like to do and find out is if it is possible to create an additional service that is setup for warnings in which the warning is only sent once. I’ve tried setting up two services, one for critical and one for warnings, then creating a separate service which references the two but it doesn’t seem to work. I would appreciate any help on how to get this working.

Thanks

Here is what I have setup:

define host{
name server1-host
check_command check-host-alive
max_check_attempts 3
notification_interval 5
notification_period 24x7
notification_options d,u,r
register 0
}

define service{
name server1-service
active_checks_enabled 1
passive_checks_enabled 1
parallelize_check 1
obsess_over_service 1
check_freshness 0
notifications_enabled 1
event_handler_enabled 1
flap_detection_enabled 0
process_perf_data 1
retain_status_information 1
retain_nonstatus_information 1
is_volatile 0
check_period 24x7
max_check_attempts 3
normal_check_interval 5
retry_check_interval 1
contact_groups sysadmins
notification_interval 5
notification_period 24x7
notification_options c,r
register 0
}
define service{
name server1-warning
active_checks_enabled 1
passive_checks_enabled 1
parallelize_check 1
obsess_over_service 1
check_freshness 0
notifications_enabled 1
event_handler_enabled 1
flap_detection_enabled 0
process_perf_data 1
retain_status_information 1
retain_nonstatus_information 1
is_volatile 0
check_period 24x7
max_check_attempts 1
normal_check_interval 5
retry_check_interval 1
contact_groups sysadmins
notification_interval 0
notification_period 24x7
notification_options w,r
register 0
}

#HOSTGROUP
define hostgroup{
hostgroup_name server1
alias server1
members server1.site.com
}

#HOSTS

define host{
use server1-host
contact_groups sysadmins
host_name server1.site.com
alias server1.site.com
check_command check-host-alive-ssh
}

#SERVICES

define service{
use server1-service,server1-warning
host_name server1.site.com
contact_groups sysadmins
service_description Check Disk Space
check_command check_nrpe!check_disk
}

acer123acer123 · December 3, 2009, 7:30pm

If I understand you correctly you just need to set up escalations. Here’s the document on how to do it:

nagios.sourceforge.net/docs/3_0/escalations.html

but in short you’ll want to do something like this:

Set up a single servers that will trigger on warning as well as critical alerts.
Set up an escalation to send an email when it is in a warning status. Something like this:

define serviceescalation{
	host_name                        server1.site.com
        service_description            server1-service
	contact_groups			sysadmins
	first_notification			1
	last_notification			1
	notification_interval		         5
	escalation_period			24x7
	escalation_options			w
}

Again, you will find more information in the link I gave you above but what this does is send out an alert when the service is in a WARNING status and the notification number is 1 (the first notification). Since the last notification is also set to 1 it will only send the single alert. The escalation_options is set to “w” for warning only.

Set up another escalation to send an email when it is in a critical status. Something like this:

define serviceescalation{
	host_name                        server1.site.com
        service_description            server1-service
	contact_groups			sysadmins
	first_notification			1
	last_notification			0
	notification_interval		         5
	escalation_period			24x7
	escalation_options			c
}

Notice how very little changes with this escalation? The last_notification is set to 0 so that means never stop sending until the alert is acknowledged. The escalation_options is set to “c” for critical only.

Hope that helps.

npolite · December 3, 2009, 7:58pm

Thanks for the reply. I’ve never had to use escalations before, just the service would notify the contacts. Isn’t there a way to just add a new service for warnings and send that out like in my example?

In my original example I just used the server1-service to send out critical notifications and that worked.

acer123acer123 · December 3, 2009, 8:18pm

You could set up two services - one for critical and one for warning, I guess. You’d end up with double of everything and it might make it hard to manage.

npolite · December 3, 2009, 8:23pm

Isn’t that what I have setup in my inital post? For some reason it isn’t sending out the notifications.

npolite · December 3, 2009, 8:30pm

What’s odd is that for my

use server1-service,server1-warning

Even though I have two services referenced and Nagios accepts the configuration, when I go into the configuration in the GUI I only see critical and recovery under the check disk service.

acer123acer123 · December 3, 2009, 9:39pm

This is my last post of the day (I’m leaving now).

I would really take a step back and look again at escalations. They are designed to accomplish what you are trying to do. The way that you have it set up you are forcing your two servers to run two identical services just so that you can set different notifications.

Escalations are not hard to set up and really would be worth your while to look at them.

How are you managing your Nagios configuration files? Are you using GroundWork, Centreon, or something like that or are you modifying them all by hand?