3.8. Event Notifications
3.8.1. Configuring Event Notifications in the Administration Portal
The Red Hat Virtualization Manager can notify designated users via email when specific events occur in the environment that the Red Hat Virtualization Manager manages. To use this functionality, you must set up a mail transfer agent to deliver messages. Only email notifications can be configured through the Administration Portal. SNMP traps must be configured on the Manager machine.
Procedure
- Ensure that you have access to an email server that can accept automated messages from Manager and deliver them to a distribution list.
-
Click
and select a user. - Click the user’s User Name to go to the details page.
- In the Event Notifier tab, click Manage Events.
- Use the Expand All button or the subject-specific expansion buttons to view the events.
- Select the appropriate check boxes.
Enter an email address in the Mail Recipient field.
NoteThe email address can be a text message email address (for example,
1234567890@carrierdomainname.com
) or an email group address that includes email addresses and text message email addresses.- Click .
On the Manager machine, copy
ovirt-engine-notifier.conf
to a new file called90-email-notify.conf
:# cp /usr/share/ovirt-engine/services/ovirt-engine-notifier/ovirt-engine-notifier.conf /etc/ovirt-engine/notifier/notifier.conf.d/90-email-notify.conf
-
Edit
90-email-notify.conf
, deleting everything except theEMAIL Notifications
section. Enter the correct email variables, as in the example below. This file overrides the values in the original
ovirt-engine-notifier.conf
file.#---------------------# # EMAIL Notifications # #---------------------# # The SMTP mail server address. Required. MAIL_SERVER=myemailserver.example.com # The SMTP port (usually 25 for plain SMTP, 465 for SMTP with SSL, 587 for SMTP with TLS) MAIL_PORT=25 # Required if SSL or TLS enabled to authenticate the user. Used also to specify 'from' user address if mail server # supports, when MAIL_FROM is not set. Address is in RFC822 format MAIL_USER= # Required to authenticate the user if mail server requires authentication or if SSL or TLS is enabled SENSITIVE_KEYS="${SENSITIVE_KEYS},MAIL_PASSWORD" MAIL_PASSWORD= # Indicates type of encryption (none, ssl or tls) should be used to communicate with mail server. MAIL_SMTP_ENCRYPTION=none # If set to true, sends a message in HTML format. HTML_MESSAGE_FORMAT=false # Specifies 'from' address on sent mail in RFC822 format, if supported by mail server. MAIL_FROM=rhevm2017@example.com # Specifies 'reply-to' address on sent mail in RFC822 format. MAIL_REPLY_TO= # Interval to send smtp messages per # of IDLE_INTERVAL MAIL_SEND_INTERVAL=1 # Amount of times to attempt sending an email before failing. MAIL_RETRIES=4
NoteSee
/etc/ovirt-engine/notifier/notifier.conf.d/README
for more options.Enable and restart the
ovirt-engine-notifier
service to activate the changes you have made:# systemctl daemon-reload # systemctl enable ovirt-engine-notifier.service # systemctl restart ovirt-engine-notifier.service
The specified user now receives emails based on events in the Red Hat Virtualization environment. The selected events are displayed on the Event Notifier tab for that user.
3.8.2. Canceling Event Notifications in the Administration Portal
A user has configured some unnecessary email notifications and wants them canceled.
Procedure
-
Click
. - Click the user’s User Name. This opens the details view.
- Click the Event Notifier tab to list events for which the user receives email notifications.
- Click Manage Events.
- Use the Expand All button, or the subject-specific expansion buttons, to view the events.
- Clear the appropriate check boxes to remove notification for that event.
- Click .
3.8.3. Parameters for Event Notifications in ovirt-engine-notifier.conf
The event notifier configuration file can be found in /usr/share/ovirt-engine/services/ovirt-engine-notifier/ovirt-engine-notifier.conf.
Variable Name | Default | Remarks |
---|---|---|
SENSITIVE_KEYS | none | A comma-separated list of keys that will not be logged. |
JBOSS_HOME | /opt/rh/eap7/root/usr/share/wildfly | The location of the JBoss application server used by the Manager. |
ENGINE_ETC | /etc/ovirt-engine |
The location of the |
ENGINE_LOG | /var/log/ovirt-engine |
The location of the |
ENGINE_USR | /usr/share/ovirt-engine |
The location of the |
ENGINE_JAVA_MODULEPATH | ${ENGINE_USR}/modules | The file path to which the JBoss modules are appended. |
NOTIFIER_DEBUG_ADDRESS | none | The address of a machine that can be used to perform remote debugging of the Java virtual machine that the notifier uses. |
NOTIFIER_STOP_TIME | 30 | The time, in seconds, after which the service will time out. |
NOTIFIER_STOP_INTERVAL | 1 | The time, in seconds, by which the timeout counter will be incremented. |
INTERVAL_IN_SECONDS | 120 | The interval in seconds between instances of dispatching messages to subscribers. |
IDLE_INTERVAL | 30 | The interval, in seconds, between which low-priority tasks will be performed. |
DAYS_TO_KEEP_HISTORY | 0 | This variable sets the number of days dispatched events will be preserved in the history table. If this variable is not set, events remain on the history table indefinitely. |
FAILED_QUERIES_NOTIFICATION_THRESHOLD | 30 |
The number of failed queries after which a notification email is sent. A notification email is sent after the first failure to fetch notifications, and then once every time the number of failures specified by this variable is reached. If you specify a value of |
FAILED_QUERIES_NOTIFICATION_RECIPIENTS | none |
The email addresses of the recipients to which notification emails will be sent. Email addresses must be separated by a comma. This entry has been deprecated by the |
DAYS_TO_SEND_ON_STARTUP | 0 | The number of days of old events that will be processed and sent when the notifier starts. If the value is 0 and the service stops and starts after a while, all notifications between service stop and service start time will be lost, please set this value for 1 or a greater value if you want to get notifications on events that occured between service stop and start time. |
FILTER | exclude:* |
The algorithm used to determine the triggers for and recipients of email notifications. The value for this variable comprises a combination of |
MAIL_SERVER | none | The SMTP mail server address. Required. |
MAIL_PORT | 25 |
The port used for communication. Possible values include |
MAIL_USER | none | If SSL is enabled to authenticate the user, then this variable must be set. This variable is also used to specify the "from" user address when the MAIL_FROM variable is not set. Some mail servers do not support this functionality. The address is in RFC822 format. |
SENSITIVE_KEYS | ${SENSITIVE_KEYS},MAIL_PASSWORD | Required to authenticate the user if the mail server requires authentication or if SSL or TLS is enabled. |
MAIL_PASSWORD | none | Required to authenticate the user if the mail server requires authentication or if SSL or TLS is enabled. |
MAIL_SMTP_ENCRYPTION | none |
The type of encryption to be used in communication. Possible values are |
HTML_MESSAGE_FORMAT | false |
The mail server sends messages in HTML format if this variable is set to |
MAIL_FROM | none | This variable specifies a sender address in RFC822 format, if supported by the mail server. |
MAIL_REPLY_TO | none | This variable specifies reply-to addresses in RFC822 format on sent mail, if supported by the mail server. |
MAIL_SEND_INTERVAL | 1 | The number of SMTP messages to be sent for each IDLE_INTERVAL |
MAIL_RETRIES | 4 | The number of times to attempt to send an email before failing. |
SNMP_MANAGERS | none |
The IP addresses or fully qualified domain names of machines that will act as the SNMP managers. Entries must be separated by a space and can contain a port number. For example, |
SNMP_COMMUNITY | public | (SNMP version 2 only) The SNMP community. |
SNMP_OID | 1.3.6.1.4.1.2312.13.1.1 | The default trap object identifiers for alerts. All trap types are sent, appended with event information, to the SNMP manager when this OID is defined. Note that changing the default trap prevents generated traps from complying with the Manager’s management information base. |
SNMP_VERSION | 2 |
Defines which version of SNMP to use. SNMP version 2 and version 3 traps are supported. Possible values: |
SNMP_ENGINE_ID | none | (SNMPv3) The Manager ID used for SNMPv3 traps. This ID is a unique identifier for the device that is connected through SNMP. |
SNMP_USERNAME | none | (SNMPv3) The user name used for SNMPv3 traps. |
SNMP_AUTH_PROTOCOL | none |
(SNMPv3) The SNMPv3 authorization protocol. Possible values: |
SNMP_AUTH_PASSPHRASE | none | (SNMPv3) The passphrase used when SNMP_SECURITY_LEVEL is set to AUTH_NOPRIV and AUTH_PRIV. |
SNMP_PRIVACY_PROTOCOL | none |
(SNMPv3) The SNMPv3 privacy protocol. Possible values: Important AES192 and AES256 are not defined in RFC3826, so verify that your SNMP server supports those protocols before enabling them. |
SNMP_PRIVACY_PASSPHRASE | none |
The SNMPv3 privacy passphrase, used when |
SNMP_SECURITY_LEVEL | 1 |
(SNMPv3) The SNMPv3 security level. Possible values: * |
ENGINE_INTERVAL_IN_SECONDS | 300 | The interval, in seconds, between monitoring the machine on which the Manager is installed. The interval is measured from the time the monitoring is complete. |
ENGINE_MONITOR_RETRIES | 3 | The number of times the notifier attempts to monitor the status of the machine on which the Manager is installed in a given interval after a failure. |
ENGINE_TIMEOUT_IN_SECONDS | 30 | The time, in seconds, to wait before the notifier attempts to monitor the status of the machine on which the Manager is installed in a given interval after a failure. |
IS_HTTPS_PROTOCOL | false |
This entry must be set to |
SSL_PROTOCOL | TLS | The protocol used by JBoss configuration connector when SSL is enabled. |
SSL_IGNORE_CERTIFICATE_ERRORS | false |
This value must be set to |
SSL_IGNORE_HOST_VERIFICATION | false |
This value must be set to |
REPEAT_NON_RESPONSIVE_NOTIFICATION | false | This variable specifies whether repeated failure messages will be sent to subscribers if the machine on which the Manager is installed is non-responsive. |
ENGINE_PID | /var/lib/ovirt-engine/ovirt-engine.pid | The path and file name of the PID of the Manager. |
3.8.4. Configuring the Red Hat Virtualization Manager to Send SNMP Traps
Configure your Red Hat Virtualization Manager to send Simple Network Management Protocol (SNMP) traps to one or more external SNMP managers. SNMP traps contain system event information; they are used to monitor your Red Hat Virtualization environment. The number and type of traps sent to the SNMP manager can be defined within the Red Hat Virtualization Manager.
Red Hat Virtualization supports SNMP version 2 and version 3. SNMP version 3 supports the following security levels:
- NoAuthNoPriv
- SNMP traps are sent without any authorization or privacy.
- AuthNoPriv
- SNMP traps are sent with password authorization but no privacy.
- AuthPriv
- SNMP traps are sent with password authorization and privacy.
Prerequisites
- One or more external SNMP managers are configured to receive traps.
- The IP addresses or fully qualified domain names of machines that will act as SNMP managers. Optionally, determine the port through which Manager receives trap notifications. The default is UDP port 162.
-
The SNMP community (SNMP version 2 only). Multiple SNMP managers can belong to a single community. Management systems and agents can communicate only if they are within the same community. The default community is
public
. - The trap object identifier for alerts. The Red Hat Virtualization Manager provides a default OID of 1.3.6.1.4.1.2312.13.1.1. All trap types are sent, appended with event information, to the SNMP manager when this OID is defined. Note that changing the default trap prevents generated traps from complying with the Manager’s management information base.
- An SNMP username, for SNMP version 3, security levels 1, 2, and 3.
- An SNMP passphrase, for SNMP version 3, security levels 2 and 3.
- An SNMP private passphrase, for SNMP version 3, security level 3.
The Red Hat Virtualization Manager provides management information bases at /usr/share/doc/ovirt-engine/mibs/OVIRT-MIB.txt
and /usr/share/doc/ovirt-engine/mibs/REDHAT-MIB.txt
. Load the MIBs in your SNMP manager before proceeding.
Default SNMP configuration values exist on the Manager in the events notification daemon configuration file /usr/share/ovirt-engine/services/ovirt-engine-notifier/ovirt-engine-notifier.conf
. The values outlined in the following procedure are based on the default or example values provided in this file. Do not edit this file directly, because system changes, such as upgrades, might remove any changes you make to this file. Instead, copy this file to /etc/ovirt-engine/notifier/notifier.conf.d/<integer>-snmp.conf
, where <integer>
is a number indicating the priority with which the file should run.
Procedure
On the Manager, create the SNMP configuration file with the file name
<integer>-snmp.conf
, where<integer>
is an integer that indicates the order in which files are processed. For example:# vi /etc/ovirt-engine/notifier/notifier.conf.d/20-snmp.conf
TipCopy the default SNMP settings from the events notification daemon configuration file
/usr/share/ovirt-engine/services/ovirt-engine-notifier/ovirt-engine-notifier.conf
. This file includes inline comments for all settings.Specify the SNMP manager(s), the SNMP community (SNMP version 2 only), and the OID in the format in this example:
SNMP_MANAGERS="manager1.example.com manager2.example.com:162" SNMP_COMMUNITY=public SNMP_OID=1.3.6.1.4.1.2312.13.1.1
Define whether to use SNMP version 2 (default) or 3:
SNMP_VERSION=3
Specify a value for SNMP_ENGINE_ID. For example:
SNMP_ENGINE_ID="80:00:00:00:01:02:05:05"
With SNMP version 3, specify the security level for SNMP traps:
Security level 1, NoAuthNoPriv traps:
SNMP_USERNAME=NoAuthNoPriv SNMP_SECURITY_LEVEL=1
Security level 2, AuthNoPriv traps, as user
ovirtengine
, with SNMP Auth passphraseauthpass
.SNMP_USERNAME=ovirtengine SNMP_AUTH_PROTOCOL=MD5 SNMP_AUTH_PASSPHRASE=authpass SNMP_SECURITY_LEVEL=2
Security level 3, AuthPriv traps, as user
ovirtengine
with SNMP Auth passphraseauthpass
and SNMP Priv passphraseprivpass
. For example:SNMP_USERNAME=ovirtengine SNMP_AUTH_PROTOCOL=MD5 SNMP_AUTH_PASSPHRASE=authpass SNMP_PRIVACY_PROTOCOL=AES128 SNMP_PRIVACY_PASSPHRASE=privpass SNMP_SECURITY_LEVEL=3
Define which events to send to the SNMP manager:
Example 3.16. Event examples
Send all events to the default SNMP profile:
FILTER="include:*(snmp:) ${FILTER}"
Send all events with the severity
ERROR
orALERT
to the default SNMP profile:FILTER="include:*:ERROR(snmp:) ${FILTER}"
FILTER="include:*:ALERT(snmp:) ${FILTER}"
Send events for VDC_START to the specified email address:
FILTER="include:VDC_START(snmp:mail@example.com) ${FILTER}"
Send events for everything but VDC_START to the default SNMP profile:
FILTER="exclude:VDC_START include:*(snmp:) ${FILTER}"
This the default filter defined in
ovirt-engine-notifier.conf
; if you do not disable this filter or apply overriding filters, no notifications will be sent:FILTER="exclude:*"
VDC_START
is an example of the audit log messages available. A full list of audit log messages can be found in/usr/share/doc/ovirt-engine/AuditLogMessages.properties
. Alternatively, filter results within your SNMP manager.- Save the file.
Start the
ovirt-engine-notifier
service, and ensure that this service starts on boot:# systemctl start ovirt-engine-notifier.service # systemctl enable ovirt-engine-notifier.service
Check your SNMP manager to ensure that traps are being received.
SNMP_MANAGERS
, MAIL_SERVER
, or both must be properly defined in /usr/share/ovirt-engine/services/ovirt-engine-notifier/ovirt-engine-notifier.conf
or in an override file in order for the notifier service to run.
Sample SNMP configuration file
This sample configuration file is based on settings in ovirt-engine-notifier.conf
. A dedicated SNMP configuration file, such as this one, overrides the settings in ovirt-engine-notifier.conf
.
Copy the default SNMP settings from the events notification daemon configuration file /usr/share/ovirt-engine/services/ovirt-engine-notifier/ovirt-engine-notifier.conf
to /etc/ovirt-engine/notifier/notifier.conf.d/<_integer_>-snmp.conf
, where <_integer_>
is a number indicating the priority with which the file should run. This file includes inline comments for all settings.
/etc/ovirt-engine/notifier/notifier.conf.d/20-snmp.conf
SNMP_MANAGERS="manager1.example.com manager2.example.com:162" 1 SNMP_COMMUNITY=public 2 SNMP_OID=1.3.6.1.4.1.2312.13.1.1 3 FILTER="include:*(snmp:)" 4 SNMP_VERSION=3 5 SNMP_ENGINE_ID="80:00:00:00:01:02:05:05" 6 SNMP_USERNAME=<username> 7 SNMP_AUTH_PROTOCOL=MD5 8 SNMP_AUTH_PASSPHRASE=<authpass> 9 SNMP_PRIVACY_PROTOCOL=AES128 10 SNMP_PRIVACY_PASSPHRASE=<privpass> 11 SNMP_SECURITY_LEVEL=3 12
- 1
- The IP addresses or fully qualified domain names of machines that will act as the SNMP managers. Entries must be separated by a space and can contain a port number. For example,
manager1.example.com manager2.example.com:164
- 2
- (SNMP version 2 only) Default SNMP Community String.
- 3
- SNMP Trap Object Identifier for outgoing notifications. iso(1) org(3) dod(6) internet(1) private(4) enterprises(1) redhat(2312) ovirt(13) engine(1) notifier(1)Note
Changing the default will prevent generated traps from complying with OVIRT-MIB.txt.
- 4
- The algorithm used to determine the triggers for and recipients of SNMP notifications.
- 5
- SNMP Version. SNMP version 2 and version 3 traps are supported. 2 = SNMPv2, 3 = SNMPv3.
- 6
- (SNMP version 3 only) The engine ID used for SNMP traps.
- 7
- (SNMP version 3 only) The user name used for SNMP traps.
- 8
- (SNMP version 3 only) The SNMP auth protocol. Supported values are MD5 and SHA. Required when
SNMP_SECURITY_LEVEL
is set to 2 (AUTH_NOPRIV
) or 3 (AUTH_PRIV
). - 9
- (SNMP version 3 only) The SNMP auth passphrase. Required when
SNMP_SECURITY_LEVEL
is set to 2 (AUTH_NOPRIV
) or 3 (AUTH_PRIV
). - 10
- (SNMP version 3 only) The SNMP privacy protocol. Supported values are AES128, AES192 and AES256. Be aware that AES192 and AES256 are not defined in RFC3826, so verify that your SNMP server supports those protocols before enabling them. Required when
SNMP_SECURITY_LEVEL
is set to 3 (AUTH_PRIV
). - 11
- (SNMP version 3 only) The SNMP privacy passphrase. Required when
SNMP_SECURITY_LEVEL
is set to 3 (AUTH_PRIV
). - 12
- (SNMP version 3 only) The SNMP security level. 1 =
NOAUTH_NOPRIV
, 2 =AUTH_NOPRIV
, 3 =AUTH_PRIV
.