- Librenms Syslog-ng Not Working
- Librenms Syslog Timestamp
- Librenms Syslog.php
- Librenms Syslog Alerts
- Librenms Syslog Server
- Librenms Syslog Docker
- Librenms Syslog Filter
License Repository which helps you to configure Rsyslog for LibreNMS and your clients. The license doesn't apply to external configuration files, see comments in each files to see relative license. Copyleft (C) Nicolas Simond - 2016.
We have simple integration for Graylog, you will be able to view anylogs from within LibreNMS that have been parsed by the syslog inputfrom within Graylog itself. This includes logs from devices whicharen't in LibreNMS still, you can also see logs for a specific deviceunder the logs section for the device.
Currently, LibreNMS does not associate shortnames from Graylog withfull FQDNS. If you have your devices in LibreNMS using full FQDNs,such as hostname.example.com, be aware that rsyslogd, by default,sends the shortname only. To fix this, add
$PreserveFQDN on
- @ -78,7 +78,7 @@ Next start syslog-ng: service syslog-ng restart ``` Add the following to your LibreNMS config.php file to enable the Syslog extension.
- Configuring Rsyslog with LibreNMS Syslogfor more settings to enable email settings see my video on youtube Rsyslog on Ubu.
- Librenms Syslog Hi, Today, we're gonna see how we can configure Rsyslog with LibreNMS to collect and store the logs of our servers. It's very important to have a good log management to check them if you have any failure on a server. LibreNMS provide a module which gives you the power to collect, store and analyze those logs.
- Syslog/Eventlog Widget Issue. I went from 1.23 to 1.25 and am now having issues with the Syslog and Eventlog dashboard widgets. The syslog entries are larger than the widget so they overlap other widgets. It's consistent across multiple browsers, any idea what I can do to resolve the issue?
to your rsyslog config to send the full FQDN so device logs will beassociated correctly in LibreNMS. Also see near the bottom of thisdocument for tips on how to enable/suppress the domain part ofhostnames in syslog-messages for some platforms.
Graylog itself isn't included within LibreNMS, you will need toinstall this separately either on the same infrastructure as LibreNMSor as a totally standalone appliance.
Config is simple, here's an example based on Graylog 2.4:
Timezone
Graylog messages are stored using GMT timezone. You can displaygraylog messages in LibreNMS webui using your desired timezone bysetting the following option in config.php:
Timezone must be PHP supported timezones, available at:https://php.net/manual/en/timezones.php
Graylog Version
If you are running a version earlier than Graylog then please set
to the version number of your Grayloginstall. Earlier versions than 2.1 use the default portLibrenms Syslog-ng Not Working
12900
URI
If you have altered the default uri for your Graylog setup then youcan override the default of /api/
using
User Credentials
If you choose to use another user besides the admin user, please notethat currently you must give the user 'admin' permissions from withinGraylog, 'read' permissions alone are not sufficient.
TLS Certificate
If you have enabled TLS for the Graylog API and you are using aself-signed certificate, please make sure that the certificate istrusted by your LibreNMS host, otherwise the connection willfail. Additionally, the certificate's Common Name (CN) has to matchthe FQDN or IP address specified in
Match Any Address
If you want to match the source address of the log entries against anyIP address of a device instead of only against the primary address andthe host name to assign the log entries to a device, you can activatethis function using
Recent Devices
There are 2 configuration parameters to influence the behaviour of the'Recent Graylog' table on the overview page of thedevices.
Sets the maximum number of rows to be displayed (default: 10)
You can set which loglevels that should be displayed on the overview page. (default: 7, min:0, max: 7)
Shows only entries with a log level less than or equal to 4 (Emergency,Alert, Critical, Error, Warning).You can set a default Log Level Filter with
(applies to /graylog and /device/device=/tab=logs/section=graylog/ (min: 0, max: 7)Domain and hostname handling
Suppressing/enabling the domain part of a hostname for specific platforms
You should see if what you get in syslog/Graylog matches up with yourconfigured hosts first. If you need to modify the syslog messages fromspecific platforms, this may be of assistance:
IOS (Cisco)
or
JunOS (Juniper Networks)
PanOS (Palo Alto Networks)
or
Transports are located within LibreNMS/Alert/Transport/
and can beconfigured within the WebUI under Alerts -> Alert Transports.
Contacts will be gathered automatically and passed to the configured transports.By default the Contacts will be only gathered when the alert triggersand will ignore future changes in contacts for the incident.If you want contacts to be re-gathered before each dispatch, pleaseset 'Updates to contact email addresses not honored' to Off in the WebUI.
The contacts will always include the SysContact
defined in theDevice's SNMP configuration and also every LibreNMS user that has atleast read
-permissions on the entity that is to be alerted.
At the moment LibreNMS only supports Port or Device permissions.
You can exclude the SysContact
by toggling 'Issue alerts to sysContact'.
To include users that have Global-Read
, Administrator
orNormal-User
permissions it is required to toggle the options:
- Issue alerts to admins.
- Issue alerts to read only users
- Issue alerts to normal users.
Using a Proxy
Using a AMQP based Transport
You need to install an additional php module : bcmath
Alerta
The alerta monitoring system is a tool used to consolidate and de-duplicate alerts from multiple sources for quick ‘at-a-glance' visualisation. With just one system you can monitor alerts from many other monitoring tools on a single screen.
Example:
Config | Example |
---|---|
API Endpoint | http://alerta.example.com/api/alert |
Environment | Production |
Apy key | api key with write permission |
Alert state | critical |
Recover state | cleared |
Alertmanager
Alertmanager is an alert handling software, initially developed foralert processing sent by Prometheus.
It has built-in functionality for deduplicating, grouping and routingalerts based on configurable criteria.
LibreNMS uses alert grouping by alert rule, which can produce an arrayof alerts of similar content for an array of hosts, whereasAlertmanager can group them by alert meta, ideally producing onesingle notice in case an issue occurs.
It is possible to configure as many label values as required inAlertmanager Options section. Every label and its value should beentered as a new line.
Multiple Alertmanager URLs (comma separated) are supported. EachURL will be tried and the search will stop at the first success.
Example:
Config | Example |
---|---|
Alertmanager URL(s) | http://alertmanager1.example.com,http://alertmanager2.example.com |
Alertmanager Options: | source=librenms customlabel=value |
API
The API transport allows to reach any service provider using POST, PUT or GET URLs(Like SMS provider, etc). It can be used in multiple ways:
- The same text built from the Alert template is available in the variable
$msg
, which can then be sent as an option to the API. Be carefull thatHTTP GET requests are usually limited in length. - The API-Option fields can be directly built from the variables defined inTemplate-Syntax but without the 'alert->' prefix.For instance,
$alert->uptime
is available as$uptime
in theAPI transport - The API-Headers allows you to add the headers that the api endpoint requires.
- The API-body allow sending data in the format required by the ApI endpoint.
A few variables commonly used :
Variable | Description |
---|---|
{{ $hostname }} | Hostname |
{{ $sysName }} | SysName |
{{ $sysDescr }} | SysDescr |
{{ $os }} | OS of device (librenms defined) |
{{ $type }} | Type of device (librenms defined) |
{{ $ip }} | IP Address |
{{ $hardware }} | Hardware |
{{ $version }} | Version |
{{ $uptime }} | Uptime in seconds |
{{ $uptime_short }} | Uptime in human-readable format |
{{ $timestamp }} | Timestamp of alert |
{{ $description }} | Description of device |
{{ $title }} | Title (as built from the Alert Template) |
{{ $msg }} | Body text (as built from the Alert Template) |
Example:
The example below will use the API named sms-api of my.example.com and sendthe title of the alert to the provided number using the provided service key.Refer to your service documentation to configure it properly.
Config | Example |
---|---|
API Method | GET |
API URL | http://my.example.com/sms-api |
API Options | rcpt=0123456789 key=0987654321abcdef msg=(LNMS) {{ $title }} |
API Username | myUsername |
API Password | myPassword |
The example below will use the API named wall-display of my.example.com and sendthe title and text of the alert to a screen in the Network Operation Center.
Config | Example |
---|---|
API Method | POST |
API URL | http://my.example.com/wall-display |
API Options | title={{ $title }} msg={{ $msg }} |
The example below will use the API named component of my.example.com with id 1, body as json status value and headers send token authentication and content type required.
Config | Example |
---|---|
API Method | PUT |
API URL | http://my.example.com/comonent/1 |
API Headers | X-Token=HASH |
Content-Type=application/json | |
API Body | { 'status': 2 } |
aspSMS
aspSMS is a SMS provider that can be configured by using the generic API Transport.You need a token you can find on your personnal space.
Example:
Config | Example |
---|---|
Transport type | Api |
API Method | POST |
API URL | https://soap.aspsms.com/aspsmsx.asmx/SimpleTextSMS |
Options | UserKey=USERKEY Password=APIPASSWORD Recipient=RECIPIENT Originator=ORIGINATOR MessageText={{ $msg }} |
Boxcar
Copy your access token from the Boxcar app or from the Boxcar.iowebsite and setup the transport.
Example:
Config | Example |
---|---|
Access Token | i23f23mr23rwerw |
Canopsis
Canopsis is a hypervision tool. LibreNMS can send alerts to Canopsiswhich are then converted to canopsis events.
Example:
Config | Example |
---|---|
Hostname | www.xxx.yyy.zzz |
Port Number | 5672 |
User | admin |
Password | my_password |
Vhost | canopsis |
Cisco Spark (aka Webex Teams)
Cisco Spark (now known as Webex Teams). LibreNMS can send alerts to a CiscoSpark room. To make this possible you need to have a RoomID and a token.You can also choose to send alerts using Markdown syntax. Enabling thisoption provides for more richly formatted alerts, but be sure to adjust youralert template to account for the Markdown syntax.
For more information about Cisco Spark RoomID and token, take a look here :
Example:
Config | Example |
---|---|
API Token | ASd23r23edewda |
RoomID | 34243243251 |
Use Markdown? | x |
Clickatell
Clickatell provides a REST-API requiring an Authorization-Token and atleast one Cellphone number.
Here an example using 3 numbers, any amount of numbers is supported:
Example:
Config | Example |
---|---|
Token | dsaWd3rewdwea |
Mobile Numbers | +1234567890,+1234567891,+1234567892 |
Discord
The Discord transport will POST the alert message to your DiscordIncoming WebHook. Simple html tags are stripped from the message.
The only required value is for url, without this no call to Discordwill be made. The Options field supports the JSON/Form Params listedin the Discord Docs below.
Example:
Config | Example |
---|---|
Discord URL | https://discordapp.com/api/webhooks/4515489001665127664/82-sf4385ysuhfn34u2fhfsdePGLrg8K7cP9wl553Fg6OlZuuxJGaa1d54fe |
Options | username=myname |
Elasticsearch
You can have LibreNMS send alerts to an elasticsearch database. Eachfault will be sent as a separate document.
Librenms Syslog Timestamp
The index pattern uses strftime() formatting.
Example:
Config | Example |
---|---|
Host | 127.0.0.1 |
Port | 9200 |
Index Patter | librenms-%Y.%m.%d |
GitLab
LibreNMS will create issues for warning and critical level alertshowever only title and description are set. Uses Personal accesstokens to authenticate with GitLab and will store the token in cleartext.
Example:
Config | Example |
---|---|
Host | http://gitlab.host.tld |
Project ID | 1 |
Personal Access Token | AbCdEf12345 |
HipChat
See the HipChat API Documentation for rooms/messagefor details on acceptable values.
You may notice that the link points at the 'deprecated' v1 API. This isbecause the v2 API is still in beta.
Example:
Config | Example |
---|---|
API URL | https://api.hipchat.com/v1/rooms/message?auth_token=109jawregoaihj |
Room ID | 7654321 |
From Name | LibreNMS |
Options | color = red notify = 1 message_format = text |
At present the following options are supported: color
, notify
and message_format
.
Note: The default message format for HipChat messages is HTML. It isrecommended that you specify the text
message format to prevent unexpectedresults, such as HipChat attempting to interpret angled brackets (<
and>
).
IRC
The IRC transports only works together with the LibreNMS IRC-Bot.Configuration of the LibreNMS IRC-Bot is described here.
Example:
Config | Example |
---|---|
IRC | enabled |
JIRA
You can have LibreNMS create issues on a Jira instance for criticaland warning alerts. The Jira transport only sets summary anddescription fields. Therefore your Jira project must not have anyother mandatory field for the provided issuetype. The config fieldsthat need to set are Jira URL, Jira username, Jira password, Projectkey, and issue type. Currently http authentication is used to accessJira and Jira username and password will be stored as cleartext in theLibreNMS database.
Example:
Config | Example |
---|---|
URL | https://myjira.mysite.com |
Project Key | JIRAPROJECTKEY |
Issue Type | Myissuetype |
Jira Username | myjirauser |
Jira Password | myjirapass |
LINE Notify
Example:
Config | Example |
---|---|
Token | AbCdEf12345 |
The E-Mail transports uses the same email-configuration like the rest of LibreNMS.As a small reminder, here is it's configuration directives including defaults:
Example:
Config | Example |
---|---|
[email protected] |
Matrix
For using the Matrix transports, you have to create a room on the Matrix-server.The provided Auth_token belongs to an user, which is member of this room.The Message, sent to the matrix-room can be built from the variables defined inTemplate-Syntax but without the 'alert->' prefix.See API-Transport. The variable $msg
is contains the result of the Alert template.The Matrix-Server URL is cutted before the beginning of the _matrix/client/r0/...
API-part.
Example:
Config | Example |
---|---|
Matrix-Server URL | https://matrix.example.com/ |
Room | !ajPbbPalmVbNuQoBDK:example.com |
Auth_token: | MDAyYmxvY2F0aW9uI...z1DCn6lz_uOhtW3XRICg |
Message: | Alert: {{ $msg }} https://librenms.example.com |
Microsoft Teams
LibreNMS can send alerts to Microsoft Teams Incoming Webhooks which arethen posted to a specific channel. Microsoft recommends usingmarkdown formatting for connector cards.Administrators can opt to composethe MessageCardthemselves using JSON to get the full functionality.
Example:
Config | Example |
---|---|
WebHook URL | https://outlook.office365.com/webhook/123456789 |
Use JSON? | x |
Nagios Compatible
The nagios transport will feed a FIFO at the defined location with thesame format that nagios would. This allows you to use other alertingsystems with LibreNMS, for example Flapjack.
Example:
Config | Example |
---|---|
Nagios FIFO | /path/to/my.fifo |
OpsGenie
Using OpsGenie LibreNMS integration, LibreNMS forwards alerts toOpsGenie with detailed information. OpsGenie acts as a dispatcher forLibreNMS alerts, determines the right people to notify based onon-call schedules and notifies via email, text messages (SMS), phonecalls and iOS & Android push notifications. Then escalates alertsuntil the alert is acknowledged or closed.
Create a LibreNMSIntegration fromthe integrations page once you signup. Then copy the API key from OpsGenie to LibreNMS.
If you want to automatically ack and close alerts, leverage Maridintegration. More detail with screenshots is available inOpsGenie LibreNMS Integration page.
Example:
Config | Example |
---|---|
WebHook URL | https://url/path/to/webhook |
osTicket
LibreNMS can send alerts to osTicket API which are then converted to osTicket tickets.
Example:
Config | Example |
---|---|
API URL | http://osticket.example.com/api/http.php/tickets.json |
API Token | 123456789 |
PagerDuty
LibreNMS can make use of PagerDuty, this is done by utilizing an APIkey and Integraton Key.
API Keys can be found under 'API Access' in the PagerDuty portal.
Integration Keys can be found under 'Integration' for the particularService you have created in the PagerDuty portal.
Example:
Config | Example |
---|---|
API Key | randomsample |
Integration Key | somerandomstring |
Philips Hue
Want to spice up your noc life? LibreNMS will flash all lightsconnected to your philips hue bridge whenever an alert is triggered.
To setup, go to the you http://your-bridge-ip
/debug/clip.html
- Update the 'URL:' field to
/api
- Paste this in the 'Message Body' {'devicetype':'librenms'}
- Press the round button on your
philips Hue Bridge
- Click on
POST
- In the
Command Response
You should see output with your username. Copy this without the quotes
More Info: Philips Hue Documentation
Example:
Config | Example |
---|---|
Host | http://your-bridge-ip |
Hue User | username |
Duration | 1 Second |
PlaySMS
PlaySMS is an open source SMS-Gateway that can be used via their HTTPAPI using a Username and WebService Token. Please consult PlaySMS'sdocumentation regarding number formatting.
Here an example using 3 numbers, any amount of numbers is supported:
Example:
Config | Example |
---|---|
PlaySMS | https://localhost/index.php?app=ws |
User | user1 |
Token | MYFANCYACCESSTOKEN |
From | My Name |
Mobiles | +1234567892,+1234567890,+1234567891 |
Pushbullet
Get your Access Token from your Pushbullet's settings page and set it in your transport:
Example:
Config | Example |
---|---|
Access Token | MYFANCYACCESSTOKEN |
Pushover
If you want to change the default notificationsound for all notifications then youcan add the following in Pushover Options:
sound=falling
You also have the possibility to change sound per severity:sound_critical=falling
sound_warning=siren
sound_ok=magic
Enabling Pushover support is fairly easy, there are only two required parameters.
Firstly you need to create a new Application (called LibreNMS, forexample) in your account on the Pushover website (https://pushover.net/apps).
Now copy your API Key and obtain your User Key from the newly createdApplication and setup the transport.
Example:
Config | Example |
---|---|
Api Key | APPLICATIONAPIKEYGOESHERE |
User Key | USERKEYGOESHERE |
Pushover Options | sound_critical=falling sound_warning=siren sound_ok=magic |
Graylog messages are stored using GMT timezone. You can displaygraylog messages in LibreNMS webui using your desired timezone bysetting the following option in config.php:
Timezone must be PHP supported timezones, available at:https://php.net/manual/en/timezones.php
Graylog Version
If you are running a version earlier than Graylog then please set
to the version number of your Grayloginstall. Earlier versions than 2.1 use the default portLibrenms Syslog-ng Not Working
12900
URI
If you have altered the default uri for your Graylog setup then youcan override the default of /api/
using
User Credentials
If you choose to use another user besides the admin user, please notethat currently you must give the user 'admin' permissions from withinGraylog, 'read' permissions alone are not sufficient.
TLS Certificate
If you have enabled TLS for the Graylog API and you are using aself-signed certificate, please make sure that the certificate istrusted by your LibreNMS host, otherwise the connection willfail. Additionally, the certificate's Common Name (CN) has to matchthe FQDN or IP address specified in
Match Any Address
If you want to match the source address of the log entries against anyIP address of a device instead of only against the primary address andthe host name to assign the log entries to a device, you can activatethis function using
Recent Devices
There are 2 configuration parameters to influence the behaviour of the'Recent Graylog' table on the overview page of thedevices.
Sets the maximum number of rows to be displayed (default: 10)
You can set which loglevels that should be displayed on the overview page. (default: 7, min:0, max: 7)
Shows only entries with a log level less than or equal to 4 (Emergency,Alert, Critical, Error, Warning).You can set a default Log Level Filter with
(applies to /graylog and /device/device=/tab=logs/section=graylog/ (min: 0, max: 7)Domain and hostname handling
Suppressing/enabling the domain part of a hostname for specific platforms
You should see if what you get in syslog/Graylog matches up with yourconfigured hosts first. If you need to modify the syslog messages fromspecific platforms, this may be of assistance:
IOS (Cisco)
or
JunOS (Juniper Networks)
PanOS (Palo Alto Networks)
or
Transports are located within LibreNMS/Alert/Transport/
and can beconfigured within the WebUI under Alerts -> Alert Transports.
Contacts will be gathered automatically and passed to the configured transports.By default the Contacts will be only gathered when the alert triggersand will ignore future changes in contacts for the incident.If you want contacts to be re-gathered before each dispatch, pleaseset 'Updates to contact email addresses not honored' to Off in the WebUI.
The contacts will always include the SysContact
defined in theDevice's SNMP configuration and also every LibreNMS user that has atleast read
-permissions on the entity that is to be alerted.
At the moment LibreNMS only supports Port or Device permissions.
You can exclude the SysContact
by toggling 'Issue alerts to sysContact'.
To include users that have Global-Read
, Administrator
orNormal-User
permissions it is required to toggle the options:
- Issue alerts to admins.
- Issue alerts to read only users
- Issue alerts to normal users.
Using a Proxy
Using a AMQP based Transport
You need to install an additional php module : bcmath
Alerta
The alerta monitoring system is a tool used to consolidate and de-duplicate alerts from multiple sources for quick ‘at-a-glance' visualisation. With just one system you can monitor alerts from many other monitoring tools on a single screen.
Example:
Config | Example |
---|---|
API Endpoint | http://alerta.example.com/api/alert |
Environment | Production |
Apy key | api key with write permission |
Alert state | critical |
Recover state | cleared |
Alertmanager
Alertmanager is an alert handling software, initially developed foralert processing sent by Prometheus.
It has built-in functionality for deduplicating, grouping and routingalerts based on configurable criteria.
LibreNMS uses alert grouping by alert rule, which can produce an arrayof alerts of similar content for an array of hosts, whereasAlertmanager can group them by alert meta, ideally producing onesingle notice in case an issue occurs.
It is possible to configure as many label values as required inAlertmanager Options section. Every label and its value should beentered as a new line.
Multiple Alertmanager URLs (comma separated) are supported. EachURL will be tried and the search will stop at the first success.
Example:
Config | Example |
---|---|
Alertmanager URL(s) | http://alertmanager1.example.com,http://alertmanager2.example.com |
Alertmanager Options: | source=librenms customlabel=value |
API
The API transport allows to reach any service provider using POST, PUT or GET URLs(Like SMS provider, etc). It can be used in multiple ways:
- The same text built from the Alert template is available in the variable
$msg
, which can then be sent as an option to the API. Be carefull thatHTTP GET requests are usually limited in length. - The API-Option fields can be directly built from the variables defined inTemplate-Syntax but without the 'alert->' prefix.For instance,
$alert->uptime
is available as$uptime
in theAPI transport - The API-Headers allows you to add the headers that the api endpoint requires.
- The API-body allow sending data in the format required by the ApI endpoint.
A few variables commonly used :
Variable | Description |
---|---|
{{ $hostname }} | Hostname |
{{ $sysName }} | SysName |
{{ $sysDescr }} | SysDescr |
{{ $os }} | OS of device (librenms defined) |
{{ $type }} | Type of device (librenms defined) |
{{ $ip }} | IP Address |
{{ $hardware }} | Hardware |
{{ $version }} | Version |
{{ $uptime }} | Uptime in seconds |
{{ $uptime_short }} | Uptime in human-readable format |
{{ $timestamp }} | Timestamp of alert |
{{ $description }} | Description of device |
{{ $title }} | Title (as built from the Alert Template) |
{{ $msg }} | Body text (as built from the Alert Template) |
Example:
The example below will use the API named sms-api of my.example.com and sendthe title of the alert to the provided number using the provided service key.Refer to your service documentation to configure it properly.
Config | Example |
---|---|
API Method | GET |
API URL | http://my.example.com/sms-api |
API Options | rcpt=0123456789 key=0987654321abcdef msg=(LNMS) {{ $title }} |
API Username | myUsername |
API Password | myPassword |
The example below will use the API named wall-display of my.example.com and sendthe title and text of the alert to a screen in the Network Operation Center.
Config | Example |
---|---|
API Method | POST |
API URL | http://my.example.com/wall-display |
API Options | title={{ $title }} msg={{ $msg }} |
The example below will use the API named component of my.example.com with id 1, body as json status value and headers send token authentication and content type required.
Config | Example |
---|---|
API Method | PUT |
API URL | http://my.example.com/comonent/1 |
API Headers | X-Token=HASH |
Content-Type=application/json | |
API Body | { 'status': 2 } |
aspSMS
aspSMS is a SMS provider that can be configured by using the generic API Transport.You need a token you can find on your personnal space.
Example:
Config | Example |
---|---|
Transport type | Api |
API Method | POST |
API URL | https://soap.aspsms.com/aspsmsx.asmx/SimpleTextSMS |
Options | UserKey=USERKEY Password=APIPASSWORD Recipient=RECIPIENT Originator=ORIGINATOR MessageText={{ $msg }} |
Boxcar
Copy your access token from the Boxcar app or from the Boxcar.iowebsite and setup the transport.
Example:
Config | Example |
---|---|
Access Token | i23f23mr23rwerw |
Canopsis
Canopsis is a hypervision tool. LibreNMS can send alerts to Canopsiswhich are then converted to canopsis events.
Example:
Config | Example |
---|---|
Hostname | www.xxx.yyy.zzz |
Port Number | 5672 |
User | admin |
Password | my_password |
Vhost | canopsis |
Cisco Spark (aka Webex Teams)
Cisco Spark (now known as Webex Teams). LibreNMS can send alerts to a CiscoSpark room. To make this possible you need to have a RoomID and a token.You can also choose to send alerts using Markdown syntax. Enabling thisoption provides for more richly formatted alerts, but be sure to adjust youralert template to account for the Markdown syntax.
For more information about Cisco Spark RoomID and token, take a look here :
Example:
Config | Example |
---|---|
API Token | ASd23r23edewda |
RoomID | 34243243251 |
Use Markdown? | x |
Clickatell
Clickatell provides a REST-API requiring an Authorization-Token and atleast one Cellphone number.
Here an example using 3 numbers, any amount of numbers is supported:
Example:
Config | Example |
---|---|
Token | dsaWd3rewdwea |
Mobile Numbers | +1234567890,+1234567891,+1234567892 |
Discord
The Discord transport will POST the alert message to your DiscordIncoming WebHook. Simple html tags are stripped from the message.
The only required value is for url, without this no call to Discordwill be made. The Options field supports the JSON/Form Params listedin the Discord Docs below.
Example:
Config | Example |
---|---|
Discord URL | https://discordapp.com/api/webhooks/4515489001665127664/82-sf4385ysuhfn34u2fhfsdePGLrg8K7cP9wl553Fg6OlZuuxJGaa1d54fe |
Options | username=myname |
Elasticsearch
You can have LibreNMS send alerts to an elasticsearch database. Eachfault will be sent as a separate document.
Librenms Syslog Timestamp
The index pattern uses strftime() formatting.
Example:
Config | Example |
---|---|
Host | 127.0.0.1 |
Port | 9200 |
Index Patter | librenms-%Y.%m.%d |
GitLab
LibreNMS will create issues for warning and critical level alertshowever only title and description are set. Uses Personal accesstokens to authenticate with GitLab and will store the token in cleartext.
Example:
Config | Example |
---|---|
Host | http://gitlab.host.tld |
Project ID | 1 |
Personal Access Token | AbCdEf12345 |
HipChat
See the HipChat API Documentation for rooms/messagefor details on acceptable values.
You may notice that the link points at the 'deprecated' v1 API. This isbecause the v2 API is still in beta.
Example:
Config | Example |
---|---|
API URL | https://api.hipchat.com/v1/rooms/message?auth_token=109jawregoaihj |
Room ID | 7654321 |
From Name | LibreNMS |
Options | color = red notify = 1 message_format = text |
At present the following options are supported: color
, notify
and message_format
.
Note: The default message format for HipChat messages is HTML. It isrecommended that you specify the text
message format to prevent unexpectedresults, such as HipChat attempting to interpret angled brackets (<
and>
).
IRC
The IRC transports only works together with the LibreNMS IRC-Bot.Configuration of the LibreNMS IRC-Bot is described here.
Example:
Config | Example |
---|---|
IRC | enabled |
JIRA
You can have LibreNMS create issues on a Jira instance for criticaland warning alerts. The Jira transport only sets summary anddescription fields. Therefore your Jira project must not have anyother mandatory field for the provided issuetype. The config fieldsthat need to set are Jira URL, Jira username, Jira password, Projectkey, and issue type. Currently http authentication is used to accessJira and Jira username and password will be stored as cleartext in theLibreNMS database.
Example:
Config | Example |
---|---|
URL | https://myjira.mysite.com |
Project Key | JIRAPROJECTKEY |
Issue Type | Myissuetype |
Jira Username | myjirauser |
Jira Password | myjirapass |
LINE Notify
Example:
Config | Example |
---|---|
Token | AbCdEf12345 |
The E-Mail transports uses the same email-configuration like the rest of LibreNMS.As a small reminder, here is it's configuration directives including defaults:
Example:
Config | Example |
---|---|
[email protected] |
Matrix
For using the Matrix transports, you have to create a room on the Matrix-server.The provided Auth_token belongs to an user, which is member of this room.The Message, sent to the matrix-room can be built from the variables defined inTemplate-Syntax but without the 'alert->' prefix.See API-Transport. The variable $msg
is contains the result of the Alert template.The Matrix-Server URL is cutted before the beginning of the _matrix/client/r0/...
API-part.
Example:
Config | Example |
---|---|
Matrix-Server URL | https://matrix.example.com/ |
Room | !ajPbbPalmVbNuQoBDK:example.com |
Auth_token: | MDAyYmxvY2F0aW9uI...z1DCn6lz_uOhtW3XRICg |
Message: | Alert: {{ $msg }} https://librenms.example.com |
Microsoft Teams
LibreNMS can send alerts to Microsoft Teams Incoming Webhooks which arethen posted to a specific channel. Microsoft recommends usingmarkdown formatting for connector cards.Administrators can opt to composethe MessageCardthemselves using JSON to get the full functionality.
Example:
Config | Example |
---|---|
WebHook URL | https://outlook.office365.com/webhook/123456789 |
Use JSON? | x |
Nagios Compatible
The nagios transport will feed a FIFO at the defined location with thesame format that nagios would. This allows you to use other alertingsystems with LibreNMS, for example Flapjack.
Example:
Config | Example |
---|---|
Nagios FIFO | /path/to/my.fifo |
OpsGenie
Using OpsGenie LibreNMS integration, LibreNMS forwards alerts toOpsGenie with detailed information. OpsGenie acts as a dispatcher forLibreNMS alerts, determines the right people to notify based onon-call schedules and notifies via email, text messages (SMS), phonecalls and iOS & Android push notifications. Then escalates alertsuntil the alert is acknowledged or closed.
Create a LibreNMSIntegration fromthe integrations page once you signup. Then copy the API key from OpsGenie to LibreNMS.
If you want to automatically ack and close alerts, leverage Maridintegration. More detail with screenshots is available inOpsGenie LibreNMS Integration page.
Example:
Config | Example |
---|---|
WebHook URL | https://url/path/to/webhook |
osTicket
LibreNMS can send alerts to osTicket API which are then converted to osTicket tickets.
Example:
Config | Example |
---|---|
API URL | http://osticket.example.com/api/http.php/tickets.json |
API Token | 123456789 |
PagerDuty
LibreNMS can make use of PagerDuty, this is done by utilizing an APIkey and Integraton Key.
API Keys can be found under 'API Access' in the PagerDuty portal.
Integration Keys can be found under 'Integration' for the particularService you have created in the PagerDuty portal.
Example:
Config | Example |
---|---|
API Key | randomsample |
Integration Key | somerandomstring |
Philips Hue
Want to spice up your noc life? LibreNMS will flash all lightsconnected to your philips hue bridge whenever an alert is triggered.
To setup, go to the you http://your-bridge-ip
/debug/clip.html
- Update the 'URL:' field to
/api
- Paste this in the 'Message Body' {'devicetype':'librenms'}
- Press the round button on your
philips Hue Bridge
- Click on
POST
- In the
Command Response
You should see output with your username. Copy this without the quotes
More Info: Philips Hue Documentation
Example:
Config | Example |
---|---|
Host | http://your-bridge-ip |
Hue User | username |
Duration | 1 Second |
PlaySMS
PlaySMS is an open source SMS-Gateway that can be used via their HTTPAPI using a Username and WebService Token. Please consult PlaySMS'sdocumentation regarding number formatting.
Here an example using 3 numbers, any amount of numbers is supported:
Example:
Config | Example |
---|---|
PlaySMS | https://localhost/index.php?app=ws |
User | user1 |
Token | MYFANCYACCESSTOKEN |
From | My Name |
Mobiles | +1234567892,+1234567890,+1234567891 |
Pushbullet
Get your Access Token from your Pushbullet's settings page and set it in your transport:
Example:
Config | Example |
---|---|
Access Token | MYFANCYACCESSTOKEN |
Pushover
If you want to change the default notificationsound for all notifications then youcan add the following in Pushover Options:
sound=falling
You also have the possibility to change sound per severity:sound_critical=falling
sound_warning=siren
sound_ok=magic
Enabling Pushover support is fairly easy, there are only two required parameters.
Firstly you need to create a new Application (called LibreNMS, forexample) in your account on the Pushover website (https://pushover.net/apps).
Now copy your API Key and obtain your User Key from the newly createdApplication and setup the transport.
Example:
Config | Example |
---|---|
Api Key | APPLICATIONAPIKEYGOESHERE |
User Key | USERKEYGOESHERE |
Pushover Options | sound_critical=falling sound_warning=siren sound_ok=magic |
Rocket.chat
The Rocket.chat transport will POST the alert message to yourRocket.chat Incoming WebHook using the attachments option. Simple htmltags are stripped from the message. All options are optional, the onlyrequired value is for url, without this then no call to Rocket.chat will be made.
Example:
Config | Example |
---|---|
Webhook URL | https://rocket.url/api/v1/chat.postMessage |
Rocket.chat Options | channel=#Alerting username=myname icon_url=http://someurl/image.gif icon_emoji=:smirk: |
Sensu
The Sensu transport will POST anEvent to theAgent APIupon an alert being generated.
It will be categorised (ok, warning or critical), and if you configure thealert to send recovery notifications, Sensu will also clear the alertautomatically. No configuration is required - as long as you are running theSensu Agent on your poller with the HTTP socket enabled on tcp/3031, LibreNMSwill start generating Sensu events as soon as you create the transport.
Acknowledging alerts within LibreNMS is not directly supported, but anannotation (acknowledged
) is set, so a mutator or silence, or even thehandler could be written to look for it directly in the handler. There is alsoan annotation (generated-by
) set, to allow you to treat LibreNMS eventsdifferently from agent events.
The 'shortname' option is a simple way to reduce the length of device names inconfigs. It replaces the last 3 domain components with single letters (e.g.websrv08.dc4.eu.corp.example.net gets shortened to websrv08.dc4.eu.cen).
Limitations
- Only a single namespace is supported
- Sensu will reject rules with special characters - the Transport will attemptto fix up rule names, but it's best to stick to letters, numbers and spaces
- The transport only deals in absolutes - it ignores the got worse/got betterstates
- The agent will buffer alerts, but LibreNMS will not - if your agent isoffline, alerts will be dropped
- There is no backchannel between Sensu and LibreNMS - if you make changes inSensu to LibreNMS alerts, they'll be lost on the next event (silences will work)
Example:
Config | Example |
---|---|
Sensu Endpoint | http://localhost:3031 |
Sensu Namespace | eu-west |
Check Prefix | lnms |
Source Key | hostname |
Slack
The Slack transport will POST the alert message to your Slack IncomingWebHook using the attachments option, you are able to specify multiplewebhooks along with the relevant options to go with it. Simple htmltags are stripped from the message. All options are optional, theonly required value is for url, without this then no call to Slack will be made.
We currently support the following attachment options:
author_name
Example:
Config | Example |
---|---|
Webhook URL | https://slack.com/url/somehook |
Slack Options | author_name=Me |
SMSEagle
SMSEagle is a hardware SMS Gateway that can be used via their HTTP APIusing a Username and password.
Destination numbers are one per line, with no spaces. They can be ineither local or international dialling format.
Example:
Config | Example |
---|---|
SMSEagle Host | ip.add.re.ss |
User | smseagle_user |
Password | smseagle_user_password |
Mobiles | +3534567890 0834567891 |
SMSmode
SMSmode is a SMS provider that can be configured by using the generic API Transport.You need a token you can find on your personnal space.
Example:
Config | Example |
---|---|
Transport type | Api |
API Method | POST |
API URL | http://api.smsmode.com/http/1.6/sendSMS.do |
Options | accessToken=PUT_HERE_YOUR_TOKEN numero=PUT_HERE_DESTS_NUMBER_COMMA_SEPARATED message={{ $msg }} |
Splunk
LibreNMS can send alerts to a Splunk instance and provide all deviceand alert details.
Example output:
``Feb 21 15:21:52 nms hostname='localhost', sysName='localhost', sysDescr=', sysContact=', os='fortigate', type='firewall', ip='localhost', hardware='FGT_50E', version='v5.6.9', serial=', features=', location=', uptime='387', uptime_short=' 6m 27s', uptime_long=' 6 minutes 27 seconds', description=', notes=', alert_notes=', device_id='0', rule_id='0', proc=', status='1', status_reason=', ping_timestamp=', ping_loss='0', ping_min='25.6', ping_max='26.8', ping_avg='26.3', elapsed='14m 54s', uid='0', alert_id='0', severity='critical', name='Device up/down', timestamp='2020-02-21 15:21:33', state='0', device_device_id='0', device_inserted=', device_hostname='localhost', device_sysName='localhost', device_ip='localhost', device_overwrite_ip=', device_timeout=', device_retries=', device_snmp_disable='0', device_bgpLocalAs='0', device_sysObjectID=', device_sysDescr=', device_sysContact=', device_version='v5.6.9', device_hardware='FGT_50E', device_features='build1673', device_location_id=', device_os='fortigate', device_status='1', device_status_reason=', device_ignore='0', device_disabled='0', device_uptime='387', device_agent_uptime='0', device_last_polled='2020-02-21 15:21:33', device_last_poll_attempted=', device_last_polled_timetaken='7.9', device_last_discovered_timetaken='11.77', device_last_discovered='2020-02-21 13:16:42', device_last_ping='2020-02-21 15:21:33', device_last_ping_timetaken='26.3', device_purpose=', device_type='firewall', device_serial='FGT50EXXX', device_icon='images/os/fortinet.svg', device_poller_group='0', device_override_sysLocation='0', device_notes=', device_port_association_mode='1', device_max_depth='0', device_disable_notify='0', device_location=', device_vrf_lites='Array', device_lat=', device_lng=', - sysObjectID => ';
Each alert will be sent as a separate message.
Librenms Syslog.php
Example:
Config | Example |
---|---|
Host | 127.0.0.1 |
UDP Port | 514 |
Syslog
You can have LibreNMS emit alerts as syslogs complying with RFC 3164.
More information on RFC 3164 can be found here:https://tools.ietf.org/html/rfc3164
Example output: <26> Mar 22 00:59:03 librenms.host.net librenms[233]:[Critical] network.device.net: Port Down - port_id => 98939; ifDescr => xe-1/1/0;
Each fault will be sent as a separate syslog.
Example:
Config | Example |
---|---|
Host | 127.0.0.1 |
Port | 514 |
Facility | 3 |
Telegram
Thank you to snis for these instructions.
First you must create a telegram account and add BotFather to you list. To do this click on the following url: https://telegram.me/botfather
Generate a new bot with the command '/newbot' BotFather is then asking for a username and a normal name. After that your bot is created and you get a HTTP token. (for more options for your bot type '/help')
Add your bot to telegram with the following url:
http://telegram.me/
to use app orhttps://web.telegram.org/
to use in web, and send some text to the bot.The BotFather should have responded with a token, copy your token code and go to the following page in chrome:
https://api.telegram.org/bot/getUpdates
(this could take a while so continue to refresh until you see something similar to below)You see a json code with the message you sent to the bot. Copy the Chat id. In this example that is '-9787468' within this example:
'message':{'message_id':7,'from':'id':656556,'first_name':'Joo','last_name':'Doo','username':'JohnDoo'},'chat':{'id':-9787468,'title':'Telegram Group'},'date':1435216924,'text':'Hi'}}]}
.Now create a new 'Telegram transport' in LibreNMS (Global Settings -> Alerting Settings -> Telegram transport). Click on 'Add Telegram config' and put your chat id and token into the relevant box.
If want to use a group to receive alerts, you need to pick the Chat ID of the group chat, and not of the Bot itself.
Example:
Config | Example |
---|---|
Chat ID | 34243432 |
Token | 3ed32wwf235234 |
Format | HTML or MARKDOWN |
Twilio SMS
Twilio will send your alert via SMS. From your Twilio account youwill need your account SID, account token and your Twilio SMS phonenumber that you would like to send the alerts from. Twilio's APIs arelocated at: https://www.twilio.com/docs/api?filter-product=sms
Example:
Config | Example |
---|---|
SID | ACxxxxxxxxxxxxxxxxxxxxxxxxxxxx |
Token | 7xxxx573acxxxbc2xxx308d6xxx652d32 |
Twilio SMS Number | 8888778660 |
UKFast PSS
UKFast PSS tickets can be raised from alerts using the UKFastPSS transport. This required an API key with PSS write
permissions
Example:
Config | Example |
---|---|
API Key | ABCDefgfg12 |
Author | 5423 |
Priority | Critical |
Secure | true |
VictorOps
VictorOps provide a webHook url to make integration extremelysimple. To get the URL required login to your VictorOps account and go to:
Settings -> Integrations -> REST Endpoint -> Enable Integration.
Librenms Syslog Alerts
The URL provided will have $routing_key at the end, you need to changethis to something that is unique to the system sending the alertssuch as librenms. I.e:
https://alert.victorops.com/integrations/generic/20132414/alert/2f974ce1-08fc-4dg8-a4f4-9aee6cf35c98/librenms
Example:
Config | Example |
---|---|
Post URL | https://alert.victorops.com/integrations/generic/20132414/alert/2f974ce1-08fc-4dg8-a4f4-9aee6cf35c98/librenms |
Kayako Classic
LibreNMS can send alerts to Kayako Classic API which are thenconverted to tickets. To use this module, you need REST API featureenabled in Kayako Classic and configured email account at LibreNMS. Toenable this, do this:
Librenms Syslog Server
AdminCP -> REST API -> Settings -> Enable API (Yes)
Also you need to know the department id to provide tickets toappropriate department and a user email to provide, which is used asticket author. To get department id: navigate to appropriatedepartment name at the departments list page in Admin CP and watch thenumber at the end of url. Example:http://servicedesk.example.com/admin/Base/Department/Edit/17. DepartmentID is 17
As a requirement, you have to know API Url, API Key and API Secret toconnect to servicedesk
Example:
Config | Example |
---|---|
Kayako URL | http://servicedesk.example.com/api/ |
Kayako API Key | 8cc02f38-7465-4a0c-8730-bb3af122167b |
Kayako API Secret | Y2NhZDIxNDMtNjVkMi0wYzE0LWExYTUtZGUwMjJiZDI0ZWEzMmRhOGNiYWMtNTU2YS0yODk0LTA1MTEtN2VhN2YzYzgzZjk5 |
Kayako Department | 1 |
Signal CLI
Librenms Syslog Docker
Use the Signal Mesenger for Alerts. Run the Signal CLI with the D-Bus option.
Example:
Config | Example |
---|---|
Path | /opt/signal-cli/bin/signal-cli |
Recipient type | Group |
Recipient | dfgjsdkgljior4345 |
SMSFeedback
Librenms Syslog Filter
SMSFeedback is a SAAS service, which can be used to deliver Alerts via API, using API url, Username & Password.
They can be in international dialling format only.
Example:
Config | Example |
---|---|
User | smsfeedback_user |
Password | smsfeedback_password |
Mobiles | 71234567890 |
Sender name | CIA |