I have several alerts setup and they are working. The default alert text is
limited though. I want to build an alert plugin to pull some data into the
alert email itself.
For example, during an ICMP traffic > 10% ten minute average alert I'd want
to send the output of this:
nfdump -M
/opt/nfsen/profiles-data/live/core1-pao1:core2-sea2:core1-sea2:core1-sea1:core1-chi1:core1-iad1:core2-dca3:core1-dca3:core2-dca2:core1-dca2
-T -r 2011/05/25/nfcapd.201105251220 -n 50 -s ip/flows
nfdump filter:
proto ICMP
Are there any examples of alert plugins around that I can see and build upon
anywhere that anyone knows? Perhaps you already know how to this and can
help me out? I've already built a backend plugin (.pm) that looks for hosts
that are connecting to a high number of other hosts on certain ports. I
kind of know how this works but not the alert stuff yet.
--
Landon Stewart <lstew...@superb.net>
SuperbHosting.Net by Superb Internet Corp.
Toll Free (US/Canada): 888-354-6128 x 4199
Direct: 206-438-5879
Web hosting and more "Ahead of the Rest": http://www.superbhosting.net
------------------------------------------------------------------------------
vRanger cuts backup time in half-while increasing security.
With the market-leading solution for virtual backup and recovery,
you get blazing-fast, flexible, and affordable data protection.
Download your free trial now.
http://p.sf.net/sfu/quest-d2dcopy1
_______________________________________________
Nfsen-discuss mailing list
Nfsen-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfsen-discuss
