Check MK

Prerequisites:

This section explains on how to integrate and ingest alerts from Check MK monitoring tool into CloudFabrix AIOPs platform.

Check MK (derived from Nagios Core) is a monitoring tool which supports alert notifications via email, slack, pagerduty, victorops or a script executing a command. CloudFabrix AIOPs platform uses webhook notification method using a script from Check MK monitoring tool to receive and ingest the alerts or events.

Click here for Alert Sources to create a Webhook URL for Check MK alert notifications in CloudFabrix OIA application.

Note: Under Alert Mapping section, use Nagios alert mapping configuration for Check MK alerts.

Configure Check MK for Alert notifications over a Webhook:

Step 1: Download the below scripts for both 'Host' and 'Service' type of alerts

For 'Host' type alerts:

https://macaw-amer.s3.amazonaws.com/releases/OIA/scripts/webhook/cfx-host-webhook-notification.sh

For 'Service' type alerts:

https://macaw-amer.s3.amazonaws.com/releases/OIA/scripts/webhook/cfx-service-webhook-notification.sh

Step 2: Copy the 'cfx-host-webhook-notification.sh' and 'cfx-service-webhook-notification.sh' script to Check MK system into the folder '/omd/sites/<Site_Name>/local/share/check_mk/notifications'

Step 3: Login into Check MK monitoring tool's machine using SSH CLI as 'root' user and execute the below commands.

ssh root@<checkmk-ip-address>

cd /omd/sites/<Site_Name>/local/share/check_mk/notifications

chmod 755 cfx-host-webhook-notification.sh
chmod 755 cfx-service-webhook-notification.sh

Step 4: Edit the scripts 'cfx-host-webhook-notification.sh' & 'cfx-service-webhook-notification.sh' and configure the below variables. Configure the 'CFX_WEBHOOK_URL' variable with 'Webhook URL' that was created under 'Alert Sources' section in CloudFabrix OIA application.

Configure 'CFX_WEBHOOK_USERNAME' and 'CFX_WEBHOOK_PASSWORD' variables if the Webhook is configured with HTTP authentication, otherwise, leave them empty.

CFX_WEBHOOK_URL="<cfx-webhook-url>"
CFX_WEBHOOK_USERNAME="<cfx-webhook-username-Optional>"
CFX_WEBHOOK_PASSWORD="<cfx-webhook-username-Optional>"

Step 5: Login into Check MK monitoring tool UI as a user which has admin privileges to configure the alert notifications.

Step 6: Under 'Setup' menu, click on 'Users' menu to create a new user for Check MK alert notifications.

Step 7: Click on 'Add' button

Step 8: Enter username as 'cfx_notifications'. Select appropriate sites under 'Authorized sites'. Under 'Security' section, select 'Automatic secret for machine accounts' and generate a secret.

Select 'Disable password' option to disable the login to this account. Select the roles as 'Normal monitoring user'

Step 9: Commit the changes.

Step 10: Under 'Setup' menu, click on 'Notifications' menu to create configure alert notifications for both Host and Service type problems.

Step 11: Configure alert notifications for 'Host' type problems.

Click on 'Add rule' button.

Step 12: Enter the 'Decsription' as 'cfx_host_notification'.

Select 'Notification Method' as 'cfx-host-webhook-notification.sh' from the drop down menu.

Under Contact selection section, select cfx_notifications user that was created to enable the alert notification.

Select appropriate 'Sites' to enable the alert notification.

Step 13: For 'Match host event type' option, select appropriate options as shown below.

Click on Save button to save the alert notification rule.

Step 14: Configure alert notifications for 'Service' type problems.

Click on 'Add rule' button.

Enter the 'Decsription' as 'cfx_service_notification'.

Select 'Notification Method' as 'cfx-service-webhook-notification.sh' from the drop down menu.

Under Contact selection section, select cfx_notifications user that was created to enable the alert notification.

Select appropriate 'Sites' to enable the alert notification.

Step 15: For 'Match service event type' option, select appropriate options as shown below.

Click on Save button to save the alert notification rule.

Below is the Alert Filed mapping table (for information only) between Check MK alert notification fields and CloudFabrix OIA's common data model fields for Alerts.