Two groups under the same host being notified about different checks

Hello all,

This is my first post and I want to thank in advance to anyone who takes time to read this through.

What do I want to achieve:

I would like to have two user groups defined under a host object but each group should receive a notification about different checks. For example, one group does not care about swap, or number of processes but they do want to be notified if the traffic on network interfaces is reaching the threshold.

Example configuration

object Host "Host1" {
  import "stream-host"
  address = "12.23.45.123"

  vars.client_endpoint = name
  vars.os = "Linux"
  vars.has_no_swap = true
  vars.ethmon = {
    "eth0" = {
      ethmon_interface = "eth0"
      ethmon_warning   = 100
      ethmon_critical  = 150
    }
    "tun0" = {
      ethmon_interface = "tun0"
    }
  }
  vars.notification["mail"] = {
    groups = [ "icingaadmins", "group1", "group2" ]
  }

I have created group2

object UserGroup "group2" {
  display_name = "some_name"
}

And defined a user for that group

object User "user1" {
  import "generic-user"
  display_name = "Someone"
  groups = [ "group2" ]

  email = "someone@example.com"
}

I have custom notifications set

apply Notification "stream-host-notification" to Host {
    import "mail-host-notification"

    if (len(host.vars.notification.mail.users) == 0 && len(host.vars.notification.mail.groups) == 0) {
        log(LogCritical, "config", "Host '" + host.name + "' does not specify required user/user_groups configuration attributes for notification '" + name + "'.")
      }

    times.begin = 1h
    interval = 30m

    users = host.vars.notification.mail.users
    user_groups = host.vars.notification.mail.groups

    assign where host.vars.client == "STREAM" && host.vars.notification.mail && typeof(host.vars.notification.mail) == Dictionary
}

apply Notification "stream-service-notification" to Service {
    import "mail-service-notification"

    if (len(host.vars.notification.mail.users) == 0 && len(host.vars.notification.mail.groups) == 0) {
      log(LogCritical, "config", "Host '" + host.name + "' does not specify required user/user_groups configuration attributes for notification '" + name + "'.")
    }

    times.begin = 1h
    interval = 30m

    if (service.vars.notification.mail.users) {
      users = service.vars.notification.mail.users
    } else if (host.vars.notification.mail.users) {
      users = host.vars.notification.mail.users
    } else {
      /* Default user who receives everything. */
      users = [ "someone" ]
    }

    if (service.vars.notification.mail.groups) {
      user_groups = service.vars.notification.mail.groups
    } else if (host.vars.notification.mail.groups) {
      user_groups = host.vars.notification.mail.groups
    }

    assign where host.vars.client == "STREAM" && ((host.vars.notification.mail && typeof(host.vars.notification.mail) == Dictionary ) || ( service.vars.notification.mail && typeof(service.vars.notification.mail) == Dictionary))
    ignore where service.name in [ "apt", "backuppc" ]
    ignore where match("backup-of*", service.name)
}

Apologies for the noob question, I did not set this up, but now tasked to figure out how to have group2 to receive notifications about ethmon check but not about swap. Group1 should remain receiving all notifications as it is now as well as icingaadmins group. I am just not sure how to/or where exactly to make that distinction?

Would the proper way to do it be specifying the group under each service that I want this particular group to be notified about? I would then remove the group from the host object I suppose and still have the notifications being sent to the users defined for the group2?

For example would this work?

apply Service "ethmon-" for (ethmon => config in host.vars.ethmon) {
  import "generic-service"
  
  check_command = "ethmon"
  command_endpoint = host.vars.client_endpoint

  vars += config
  vars.notification.mail.groups = "group1"
}

This is a production environment so I can’t just blindly test it, therefore reaching out to receive any pointers/corrections/ideas before I do.
I tried googling this out but did not manage to find (or recognize) a similar case. I hope I have clearly represented what is it that I want to achieve, but if smth is missing, please do let me know.

Thanks!

1 Like

but now tasked to figure out how to have group2 to receive notifications about ethmon check but not about swap

Take a look at the Service objects in a question. How is swap currently setup? Are there any other hosts that have a similar setup to the one you want?

This is a production environment so I can’t just blindly test it, therefore reaching out to receive any pointers/corrections/ideas before I do.

There’s a safe way to test notifications in production. Create a test group and add yourself to the group. When you test a new notification rule, only add that test group to the rule (if you normally get alerts anyways, maybe you can have your mailadmins create a distro group with only you in it for testing so you can see who the message was to).

vars.notification.mail.groups = "group1"

This looks to be like a custom variable you guys use (I could be wrong). You can configure the service to use this like you have, but all of the magic is going to come from you Notification rules.

Set the above and see if there are any notification rules existing that use it, or use the variable to send the notifications. Looking at your configs
apply Notification "stream-service-notification" to Service { uses this, but if you look at the assign where portion of the rule, you can see under what conditions the service will apply to (looks like if the Host has a var called client that’s set to “STREAM” OR if the service notification mail var is set and the type is a dictionary?)