Difference between revisions of "Pandora: Configuration emails alerts"

From Pandora FMS Wiki
Jump to: navigation, search
(Postfix Setup)
(Postfix Configuration)
 
(26 intermediate revisions by 7 users not shown)
Line 1: Line 1:
= Quick email setup guide for alerts in Pandora FMS =
+
= Quick email setup guide for alerts on Pandora FMS =
  
== Email configuration with a Gmail account ==
+
== Email configuration using a Gmail account ==
  
 
In order to configure Pandora FMS to send alerts via Gmail, Pandora and Postfix must be configured this way:
 
In order to configure Pandora FMS to send alerts via Gmail, Pandora and Postfix must be configured this way:
 
   
 
   
=== Pandora's Configuration ===
+
=== Pandora Configuration ===
  
In order to properly configure your email with a Gmail account, all the fields must have the following comments in the Pandora FMS server configuration file (/etc/pandora/pandora_server.conf) except the mta_address field, which will be configured with the IP server or localhost (where the postfixserver is installed).
+
In order to properly configure your email delivery with a Gmail account, all the fields must have the following comments in the Pandora FMS server configuration file (/etc/pandora/pandora_server.conf) except the mta_address field, which will be configured with the IP server or localhost (where the postfix server is installed).
  
If Postfix is installed in the same server than Pandora FMS, the configuration in the pandora_server.conf would be like that:
+
If Postfix is installed on the same server as Pandora FMS, the configuration in the pandora_server.conf file should look like this:
  
 
  mta_address localhost  
 
  mta_address localhost  
Line 19: Line 19:
  
  
Now, I would like to show you briefly how to configure an alert in the Pandora FMS console.  
+
Let's look briefly at how to configure an alert on the Pandora FMS console.  
  
 
==== Action Setup ====
 
==== Action Setup ====
  
To set the mail recipient, use the mail action to XXX so you can add an email recipient to which all the mail alerts will be sent.
+
To set the mail recipient, use the 'mail action to XXX' so you can add an email recipient to which all the mail alerts will be sent.
  
 
<center>
 
<center>
<br>
 
 
[[Image:GMAIL1.png|800px]]
 
[[Image:GMAIL1.png|800px]]
<br>
 
 
</center>
 
</center>
  
 
==== Alert setup ====
 
==== Alert setup ====
  
In this case, the module configuration has been generated in the module configuration> Alerts, a new alert with the module as the one that you can see in the screenshot below.
+
In this case, the module configuration has been generated in the module configuration> Alerts file, a new alert with the module like the one that can be seen on the screenshot below.
  
 
<center>
 
<center>
<br>
 
 
[[Image:GMAIL2.png|800px]]
 
[[Image:GMAIL2.png|800px]]
<br>
 
 
</center>
 
</center>
  
Once the alert is fired, you can see how the alert reaches the e-mail picked in the action:  
+
Once the alert is triggered, you can see how the alert reaches the e-mail address assigned to the action:  
  
 
<center>
 
<center>
<br>
 
 
[[Image:GMAIL3.png|800px]]
 
[[Image:GMAIL3.png|800px]]
<br>
 
 
</center>
 
</center>
 +
 
<center>
 
<center>
<br>
 
 
[[Image:GMAIL4.png|800px]]
 
[[Image:GMAIL4.png|800px]]
<br>
 
 
</center>
 
</center>
  
=== Postfix Setup ===
+
=== Postfix Installation ===
 +
 
 +
The following packages must be installed in Pandora server for postfix server to work properly together with a GMAIL account.
 +
 
 +
yum install postfix mailx cyrus-sasl-plain cyrus-sasl cyrus-sasl-lib cyrus-sasl-md5 cyrus-sasl-scram cyrus-sasl-gssapi
  
1-- Edit the  /etc/postfix/main.cf file and add the following lines at the end of the file:
+
=== Postfix Configuration ===
  
 +
Once Postfix has been installed within the server and everything works properly, except for sending emails through Gmail, follow these steps:
 +
 +
1-- Check that the "less secure pass" option is enabled in your Gmail account. It can be enabled through this link.(https://myaccount.google.com/lesssecureapps)
 +
 +
2-- Edit the /etc/postfix/main.cf file and add the following lines at the end of said file:
 +
 +
myhostname = <hostname> #Add here server hostname
 
  relayhost = [smtp.gmail.com]:587
 
  relayhost = [smtp.gmail.com]:587
 
  smtp_sasl_auth_enable = yes
 
  smtp_sasl_auth_enable = yes
  smtp_sasl_password_maps = hash:/etc/postfix/sasl/passwd
+
  smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
 +
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
 
  smtp_sasl_security_options = noanonymous
 
  smtp_sasl_security_options = noanonymous
 
  smtp_use_tls = yes
 
  smtp_use_tls = yes
  smtp_tls_CAfile = /etc/postfix/cacert.pem
+
  smtp_tls_CAfile = /etc/pki/tls/cert.pem
 +
smtp_tls_security_level = encrypt
 +
 +
 
 +
3-- Create the /etc/postfix/sasl_passwd file with its corresponding Gmail address and password.
 +
 
 +
nano /etc/postfix/sasl_passwd
 +
 
 +
Add the following line with the Gmail address and password to the file:
 +
 
 +
[smtp.gmail.com]:587 [email protected]:PASSWORD
 +
 
 +
Secure it accordingly:
 +
 
 +
chmod 600 /etc/postfix/sasl_passwd
 +
chown root:root /etc/postfix/sasl_passwd
  
2-- Create the /etc/postfix/sasl/passwd file with the content below:
+
4-- Create the /etc/postfix/tls_policy file with the following information:
  
  [ACCOUNT]@gmail.com:[PASSWORD]
+
  nano /etc/postfix/tls_policy
  
Protect it accordingly through:
+
[smtp.gmail.com]:587 encrypt
  
chmod 600 /etc/postfix/sasl/passwd
+
Secure it accordingly:
  
3-- Transform /etc/postfix/sasl/passwd into a hash type indexed file through the following line:
+
chmod 600 /etc/postfix/tls_policy
 +
chown root:root /etc/postfix/tls_policy
  
postmap /etc/postfix/sasl/passwd
 
  
It will crete the /etc/postfix/sasl/passwd.db file:
+
5-- Turn /etc/postfix/sasl_passwd and /etc/postfix/tls_policy into a hash-type indexed file through this command:
  
4-- Before taking the next step, you should check that the ca-certificate package (that will have the Gmail certification) is installed. Certificates will be installed in the /etc/ssl/certs path by default. ** They will not exist if you're using the pre-built Pandora FMS ISO or VMware virtual image.  You will need to...
+
postmap /etc/postfix/sasl_passwd && postmap /etc/postfix/tls_policy
  
In order to add the Equifax certificating authority (which certifies emails from Gmail) into the certificate file that postfix uses, run the following command in a root console:
+
It will create the /etc/postfix/sasl_passwd.db and /etc/postfix/tls_policy.db files.
  
cat /etc/ssl/certs/Equifax_Secure_CA.pem > /etc/postfix/cacert.pem
 
  
5 - Finally, restart postfix to apply the changes:
+
6-- Finally, restart postfix to apply the modifications as it follows:
  
 
  /etc/init.d/postfix restart
 
  /etc/init.d/postfix restart
  
6 - You can verify the performance by opening two consoles. You should execute the following command in one of them to monitor the behavior of the mail:
+
7-- The performance can be checked by logging in two consoles. Execute the following command to monitor mail performance:
  
  tail -f /var/log/mail.log
+
  tail -f /var/log/maillog
  
You can send an email through the other one:
+
The other one will send an email:
  
  echo "Prueba correo" | mail prueba@gmail.com
+
  echo "Mail test" | mail test@gmail.com
  
If you have done everything right, something like that should appear in the other console:
+
If the preceding steps have been carried out correctly, the other console should show something like this:
  
 
  Dec 18 18:33:40 OKComputer postfix/pickup[10945]: 75D4A243BD: uid=0 from=
 
  Dec 18 18:33:40 OKComputer postfix/pickup[10945]: 75D4A243BD: uid=0 from=
Line 105: Line 124:
 
  Dec 18 18:33:44 OKComputer postfix/qmgr[10946]: 75D4A243BD: removed
 
  Dec 18 18:33:44 OKComputer postfix/qmgr[10946]: 75D4A243BD: removed
  
If the result is like the one above, Pandora will have been properly configured and linked to the Postfix server, so it will send mails as expected.
+
If this is the result, Pandora will point to the Postfix server to send emails and they will be successfully sent.
  
 
[[Category:Pandora FMS]]
 
[[Category:Pandora FMS]]

Latest revision as of 10:31, 25 June 2019

1 Quick email setup guide for alerts on Pandora FMS

1.1 Email configuration using a Gmail account

In order to configure Pandora FMS to send alerts via Gmail, Pandora and Postfix must be configured this way:

1.1.1 Pandora Configuration

In order to properly configure your email delivery with a Gmail account, all the fields must have the following comments in the Pandora FMS server configuration file (/etc/pandora/pandora_server.conf) except the mta_address field, which will be configured with the IP server or localhost (where the postfix server is installed).

If Postfix is installed on the same server as Pandora FMS, the configuration in the pandora_server.conf file should look like this:

mta_address localhost 
#mta_port 25
#mta_user [email protected]
#mta_pass mypassword
#mta_auth LOGIN
#mta_from Pandora FMS <[email protected]>


Let's look briefly at how to configure an alert on the Pandora FMS console.

1.1.1.1 Action Setup

To set the mail recipient, use the 'mail action to XXX' so you can add an email recipient to which all the mail alerts will be sent.

GMAIL1.png

1.1.1.2 Alert setup

In this case, the module configuration has been generated in the module configuration> Alerts file, a new alert with the module like the one that can be seen on the screenshot below.

GMAIL2.png

Once the alert is triggered, you can see how the alert reaches the e-mail address assigned to the action:

GMAIL3.png

GMAIL4.png

1.1.2 Postfix Installation

The following packages must be installed in Pandora server for postfix server to work properly together with a GMAIL account.

yum install postfix mailx cyrus-sasl-plain cyrus-sasl cyrus-sasl-lib cyrus-sasl-md5 cyrus-sasl-scram cyrus-sasl-gssapi

1.1.3 Postfix Configuration

Once Postfix has been installed within the server and everything works properly, except for sending emails through Gmail, follow these steps:

1-- Check that the "less secure pass" option is enabled in your Gmail account. It can be enabled through this link.(https://myaccount.google.com/lesssecureapps)

2-- Edit the /etc/postfix/main.cf file and add the following lines at the end of said file:

myhostname = <hostname> #Add here server hostname
relayhost = [smtp.gmail.com]:587
smtp_sasl_auth_enable = yes
smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
smtp_tls_policy_maps = hash:/etc/postfix/tls_policy
smtp_sasl_security_options = noanonymous
smtp_use_tls = yes
smtp_tls_CAfile = /etc/pki/tls/cert.pem
smtp_tls_security_level = encrypt

3-- Create the /etc/postfix/sasl_passwd file with its corresponding Gmail address and password.

nano /etc/postfix/sasl_passwd

Add the following line with the Gmail address and password to the file:

[smtp.gmail.com]:587 [email protected]:PASSWORD

Secure it accordingly:

chmod 600 /etc/postfix/sasl_passwd
chown root:root /etc/postfix/sasl_passwd

4-- Create the /etc/postfix/tls_policy file with the following information:

nano /etc/postfix/tls_policy
[smtp.gmail.com]:587 encrypt

Secure it accordingly:

chmod 600 /etc/postfix/tls_policy
chown root:root /etc/postfix/tls_policy


5-- Turn /etc/postfix/sasl_passwd and /etc/postfix/tls_policy into a hash-type indexed file through this command:

postmap /etc/postfix/sasl_passwd && postmap /etc/postfix/tls_policy

It will create the /etc/postfix/sasl_passwd.db and /etc/postfix/tls_policy.db files.


6-- Finally, restart postfix to apply the modifications as it follows:

/etc/init.d/postfix restart

7-- The performance can be checked by logging in two consoles. Execute the following command to monitor mail performance:

tail -f /var/log/maillog

The other one will send an email:

echo "Mail test" | mail [email protected]

If the preceding steps have been carried out correctly, the other console should show something like this:

Dec 18 18:33:40 OKComputer postfix/pickup[10945]: 75D4A243BD: uid=0 from=
Dec 18 18:33:40 OKComputer postfix/cleanup[10951]: 75D4A243BD: message-id=
Dec 18 18:33:40 OKComputer postfix/qmgr[10946]: 75D4A243BD: from=, size=403, nrcpt=1 (queue active)
Dec 18 18:33:44 OKComputer postfix/smtp[10953]: 75D4A243BD: [email protected], relay=smtp.gmail.com[74.125.93.109]:587, delay=3.7,  delays=0.15/0.14/1.8/1.6, dsn=2.0.0, status=sent (250 2.0.0 OK 1324249500 eb5sm36008464qab.10)
Dec 18 18:33:44 OKComputer postfix/qmgr[10946]: 75D4A243BD: removed

If this is the result, Pandora will point to the Postfix server to send emails and they will be successfully sent.