28 March 2013

F5 BIG-IP how to configure email SMTP alerts step by step


The default alerting method is using SNMP traps, there is however a relatively simple although lengthy process to get the same alerts by email.  I am writing this with the Windows admin in mind, but it is relevant for everyone.

Tools you will need

  • Putty or other SSH terminal
  • WinSCP
  • NotePad ++

There are two seperate processes that need to be changed.

  • Configure the BIG=IP to send emails by editing the ssmtp.conf file
  • Select  the alerts to send via email by editing the alert.conf file


Step 1 Configure mail settings
You need to configure the BIG-IP with the details of your anonymous SMTP server.  The place to do this is in the ssmtp.conf file.

  • Open putty and SSH to the BIG-IP
  • Long in as Root
  • Copy the orginal file before editing with the following
  • cp /etc/ssmtp/ssmtp.conf /etc/ssmtp/ssmtp.conf.orig


  • Open WinSCP
  • Start a SCP session to the BIG-IP
  • Browse to the  /etc/ssmtp/ folder
  • copy the ssmtp.conf file to your pc


  • Edit the file with Notepad ++
  • Find and edit the line with your details
  • mailhub=smtp-mail.domain.com
  • Save the changes


  • SCP the file back onto the BIG-IP


  • In putty run the following to test the SMTP configuration
  • echo "ssmtp test mail" | mail -vs "Test email " myemail@mydomain.com

If this email is successfully sent and received you can proceed to step 2

Step 2 Configure the alerts to mail
The BIG-IP configured to send all alerts as SNMP traps.  You can select the alert and add an email notification to the SNMP trap process, so you get both.

  • Open putty and SSH to the BIG-IP
  • Long in as Root
  • Copy the orginal file before editing with the following
  • cp /etc/alertd/alert.conf /etc/alertd/alert.conf.orig
  • add write permission to the file
  • chmod 644 /etc/alertd/alert.conf


  • Open WinSCP
  • Start a SCP session to the BIG-IP
  • Browse to the  /etc/alertd/ folder
  • copy the alertd.conf file to your pc
  • Edit the file with Notepad ++

Here you need to have a look at how the various alerts are set up.  Each Alert ID is an OID.  At the end of the alerts you want to email add the following
;
email toaddress="myalertemail@domain.com"
fromaddress="BIGIP02@domain.com"
body="";
Between the OID and any other action you should have your email configuration seperated by ; so you should end up with an alert that look like this
alert BIGIP_SYSTEM_CHECK_E_CPU_TEMP_HIGH {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.4";
email toaddress="myalertemail@domain.com"
fromaddress="BIGIP02@domain.com"
body="";
lcdwarn description="CPU Temp too high." priority="3"
}

There are loads of these so you might just want to pick a few pertinenet ones at first.

  • When done making the edits
  • Save the changes
  • SCP the file back onto the BIG-IP


  • In your putty SSH session reset the file permission
  • chmod 444 /etc/alertd/alert.conf
  • Restart the the alertd process
  • bigstart restart alertd

Once all of those things are done you should have backup copies of the original files and email alerts configured.

Step 3 Test the alerts
Your Big-IP should now be able to sedn you alerts by mail should something go wring.  I reccomend testing this before just trusting it.  The easiet way i founf to test this was the reverse a pool monitor.  this would flag it as being down and generate the alert.

The emails look similar to this

From: root [mailto:BIGIP02@domain.com]
Sent: 05 March 2013 03:43 PM
To: Etienne Liebetrau
Subject: 01070638:5: Pool /ATG/pool_www-uat_HTTP member /ATG/node_www-uat1:80 monitor status down. [ was up for 23hrs:32mins:19sec ]



No comments:

Post a Comment