Email trigger fails, but recovery works ALERTS.LOG

From Aaron Quinto, 6 Years ago, written in Plain Text.
URL https://p.libren.ms/view/de3bce56
Embed
Download Paste or View Raw
  1. TRIGGER NOTIFICATION that FAILS:
  2. Start: Mon, 09 Apr 2018 03:26:02 +0000
  3. ClearStaleAlerts():
  4. SQL[SELECT `alerts`.`id` AS `alert_id`, `devices`.`hostname` AS `hostname` FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id`  RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE `alerts`.`state`!=0 AND `devices`.`hostname` IS NULL]
  5. RunFollowUp():
  6. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state != 2 && alerts.state > 0 && alerts.open = 0]
  7. RunAlerts():
  8. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state != 2 && alerts.open = 1]
  9. SQL[SELECT alert_log.id,alert_log.rule_id,alert_log.device_id,alert_log.state,alert_log.details,alert_log.time_logged,alert_rules.rule,alert_rules.severity,alert_rules.extra,alert_rules.name FROM alert_log,alert_rules WHERE alert_log.rule_id = alert_rules.id && alert_log.device_id = '1' && alert_log.rule_id = '14' && alert_rules.disabled = 0 ORDER BY alert_log.id DESC LIMIT 1]
  10. SQL[SELECT DISTINCT a.* FROM alert_rules a  LEFT JOIN alert_device_map d ON a.id=d.rule_id  LEFT JOIN alert_group_map g ON a.id=g.rule_id  LEFT JOIN device_group_device dg ON g.group_id=dg.device_group_id  WHERE a.disabled = 0 AND ((d.device_id IS NULL AND g.group_id IS NULL) OR d.device_id='1' OR dg.device_id='1')]
  11. SQL[SELECT alerts.alerted,devices.ignore,devices.disabled FROM alerts,devices WHERE alerts.device_id = '1' && devices.device_id = alerts.device_id && alerts.rule_id = '14']
  12. SQL[SELECT `device_group_id` FROM `device_group_device` WHERE `device_id`='1']
  13. SQL[SELECT alert_schedule.schedule_id FROM alert_schedule LEFT JOIN alert_schedule_items ON alert_schedule.schedule_id=alert_schedule_items.schedule_id WHERE ( alert_schedule_items.target = '1' ) && ((alert_schedule.recurring = 0 AND (NOW() BETWEEN alert_schedule.start AND alert_schedule.end)) OR (alert_schedule.recurring = 1 AND (alert_schedule.start_recurring_dt <= date_format(NOW(), '--%d') AND (end_recurring_dt >= date_format(NOW(), '--%d') OR end_recurring_dt is NULL OR end_recurring_dt = '0000-00-00' OR end_recurring_dt = '')) AND (date_format(now(), '%H:%i:%s') BETWEEN `start_recurring_hr` AND end_recurring_hr) AND (recurring_day LIKE CONCAT('%',date_format(now(), ''),'%') OR recurring_day is null or recurring_day = ''))) LIMIT 1]
  14. SQL[UPDATE `alert_log` set `details` ='xڅT▒n▒0▒g[▒V▒:5▒▒4@▒▒hoE!▒-▒▒H▒▒▒A▒▒3Zl9hуeq▒▒▒G▒▒▒ʳ▒;▒▒ƬV▒Z▒▒V▒▒▒[▒dP▒▒▒\Z▒▒mFl+9▒▒▒D▒
  15.                                                                                                                               Q▒7$3▒▒▒+▒p<▒▒ ̖▒r▒▒▒C▒▒▒▒L▒f▒҄f▒▒䪕r▒4M▒▒?▒+▒▒▒▒▒\0▒▒{▒\\▒84▒▒gÜ▒▒▒▒▒)▒=\Z▒▒▒▒2▒8՘▒P▒▒P▒h▒q▒
  16. ▒▒)7X▒ʠE4\\▒~▒▒▒[▒▒4YQ  ǶH▒▒▒ͽ.▒▒v▒8y▒▒⥿[▒▒8▒▒▒/▒▒▒)▒Y▒▒▒5w%▒wm▒[▒▒UF׽▒c▒▒X▒p▒▒QR▒▒4▒V▒▒b37▒▒
  17.                                                                                              ▒,6▒▒▒▒̷;\'▒V▒*L▒▒%▒▒▒▒5=#\Z!;▒]Cm▒▒!▒\r▒▒▒r▒ ▒▒Vڎ▒\\Tñ5▒▒]-▒%▒\\s勓Q▒9_-▒▒9M▒tuE▒<▒rz▒)▒▒1▒=\r▒▒▒z▒coi
  18. Ԏ▒▒X▒▒▒w▒▒▒
  19.            ▒]▒▒<NOU>▒mH}\n▒]▒?▒▒▒e▒I▒u▒jdo▒/ ▒▒:▒b(▒▒▒\\\rk▒-^cy)▒e▒▒▒p[▒R▒Y▒▒▒\'(▒▒▒▒Q%I▒E▒Qk▒f▒▒~,▒' WHERE id = '1082']
  20. SQL[SELECT count(*) from `device_relationships` WHERE `child_device_id` = '1']
  21. SQL[SELECT attrib_value FROM devices_attribs WHERE attrib_type = "disable_notify" && device_id = '1']
  22. SQL[]
  23. SQL[SELECT hostname, sysName, sysDescr, hardware, version, location, purpose, notes, uptime FROM devices WHERE device_id = '1']
  24. SQL[SELECT `template`,`title`,`title_rec` FROM `alert_templates` JOIN `alert_template_map` ON `alert_template_map`.`alert_templates_id`=`alert_templates`.`id` WHERE `alert_template_map`.`alert_rule_id`='14']
  25. SQL[SELECT `template`,`title`,`title_rec` FROM `alert_templates`  WHERE `name`='Default Alert Template']
  26. Issuing Alert-UID #1082/1: ; ; mail => ERROR: You must provide at least one recipient email address.
  27. SQL[SELECT `devices`.*, `lat`, `lng` FROM `devices` LEFT JOIN locations ON `devices`.`location`=`locations`.`location` WHERE `device_id` = '1']
  28. SQL[SELECT * FROM devices_attribs WHERE `device_id` = '1']
  29. SQL[SELECT * FROM `vrf_lite_cisco` WHERE `device_id` = '1']
  30. SQL[INSERT INTO `eventlog` (`host`,`device_id`,`reference`,`type`,`datetime`,`severity`,`message`,`username`)  VALUES ('1','1','NULL','error',NOW(),'5','Could not issue warning alert for rule \'Processor usage over 50%\' to transport \'mail\' Error: You must provide at least one recipient email address.','')]
  31. ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;
  32. SQL[UPDATE `alerts` set `alerted` ='1' WHERE rule_id = '14' && device_id = '1']
  33. SQL[UPDATE `alerts` set `open` ='0' WHERE rule_id = '14' && device_id = '1']
  34. RunAcks():
  35. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state = 2 && alerts.open = 1]
  36. End  : Mon, 09 Apr 2018 03:26:02 +0000
  37. DEBUG!
  38. Start: Mon, 09 Apr 2018 03:27:01 +0000
  39. ClearStaleAlerts():
  40. SQL[SELECT `alerts`.`id` AS `alert_id`, `devices`.`hostname` AS `hostname` FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id`  RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE `alerts`.`state`!=0 AND `devices`.`hostname` IS NULL]
  41. RunFollowUp():
  42. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state != 2 && alerts.state > 0 && alerts.open = 0]
  43. SQL[SELECT alert_log.id,alert_log.rule_id,alert_log.device_id,alert_log.state,alert_log.details,alert_log.time_logged,alert_rules.rule,alert_rules.severity,alert_rules.extra,alert_rules.name FROM alert_log,alert_rules WHERE alert_log.rule_id = alert_rules.id && alert_log.device_id = '1' && alert_log.rule_id = '14' && alert_rules.disabled = 0 ORDER BY alert_log.id DESC LIMIT 1]
  44. SQL[SELECT DISTINCT a.* FROM alert_rules a  LEFT JOIN alert_device_map d ON a.id=d.rule_id  LEFT JOIN alert_group_map g ON a.id=g.rule_id  LEFT JOIN device_group_device dg ON g.group_id=dg.device_group_id  WHERE a.disabled = 0 AND ((d.device_id IS NULL AND g.group_id IS NULL) OR d.device_id='1' OR dg.device_id='1')]
  45. SQL[]
  46. RunAlerts():
  47. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state != 2 && alerts.open = 1]
  48. RunAcks():
  49. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state = 2 && alerts.open = 1]
  50.  
  51.  
  52. RECOVERY NOTIFICATION:
  53. Start: Mon, 09 Apr 2018 03:36:01 +0000
  54. ClearStaleAlerts():
  55. SQL[SELECT `alerts`.`id` AS `alert_id`, `devices`.`hostname` AS `hostname` FROM `alerts` LEFT JOIN `devices` ON `alerts`.`device_id`=`devices`.`device_id`  RIGHT JOIN `alert_rules` ON `alerts`.`rule_id`=`alert_rules`.`id` WHERE `alerts`.`state`!=0 AND `devices`.`hostname` IS NULL]
  56. RunFollowUp():
  57. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state != 2 && alerts.state > 0 && alerts.open = 0]
  58. RunAlerts():
  59. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state != 2 && alerts.open = 1]
  60. SQL[SELECT alert_log.id,alert_log.rule_id,alert_log.device_id,alert_log.state,alert_log.details,alert_log.time_logged,alert_rules.rule,alert_rules.severity,alert_rules.extra,alert_rules.name FROM alert_log,alert_rules WHERE alert_log.rule_id = alert_rules.id && alert_log.device_id = '1' && alert_log.rule_id = '14' && alert_rules.disabled = 0 ORDER BY alert_log.id DESC LIMIT 1]
  61. SQL[SELECT DISTINCT a.* FROM alert_rules a  LEFT JOIN alert_device_map d ON a.id=d.rule_id  LEFT JOIN alert_group_map g ON a.id=g.rule_id  LEFT JOIN device_group_device dg ON g.group_id=dg.device_group_id  WHERE a.disabled = 0 AND ((d.device_id IS NULL AND g.group_id IS NULL) OR d.device_id='1' OR dg.device_id='1')]
  62. SQL[SELECT alerts.alerted,devices.ignore,devices.disabled FROM alerts,devices WHERE alerts.device_id = '1' && devices.device_id = alerts.device_id && alerts.rule_id = '14']
  63. SQL[SELECT `device_group_id` FROM `device_group_device` WHERE `device_id`='1']
  64. SQL[SELECT alert_schedule.schedule_id FROM alert_schedule LEFT JOIN alert_schedule_items ON alert_schedule.schedule_id=alert_schedule_items.schedule_id WHERE ( alert_schedule_items.target = '1' ) && ((alert_schedule.recurring = 0 AND (NOW() BETWEEN alert_schedule.start AND alert_schedule.end)) OR (alert_schedule.recurring = 1 AND (alert_schedule.start_recurring_dt <= date_format(NOW(), '--%d') AND (end_recurring_dt >= date_format(NOW(), '--%d') OR end_recurring_dt is NULL OR end_recurring_dt = '0000-00-00' OR end_recurring_dt = '')) AND (date_format(now(), '%H:%i:%s') BETWEEN `start_recurring_hr` AND end_recurring_hr) AND (recurring_day LIKE CONCAT('%',date_format(now(), ''),'%') OR recurring_day is null or recurring_day = ''))) LIMIT 1]
  65. SQL[UPDATE `alert_log` set `details` ='xګV▒▒+I-*K▒Q▒2452621▒43▒\0[|▒' WHERE id = '1083']
  66. SQL[SELECT count(*) from `device_relationships` WHERE `child_device_id` = '1']
  67. SQL[SELECT attrib_value FROM devices_attribs WHERE attrib_type = "disable_notify" && device_id = '1']
  68. SQL[]
  69. SQL[SELECT hostname, sysName, sysDescr, hardware, version, location, purpose, notes, uptime FROM devices WHERE device_id = '1']
  70. SQL[SELECT `template`,`title`,`title_rec` FROM `alert_templates` JOIN `alert_template_map` ON `alert_template_map`.`alert_templates_id`=`alert_templates`.`id` WHERE `alert_template_map`.`alert_rule_id`='14']
  71. SQL[SELECT `template`,`title`,`title_rec` FROM `alert_templates`  WHERE `name`='Default Alert Template']
  72. SQL[SELECT alert_log.id,alert_log.time_logged,alert_log.details FROM alert_log WHERE alert_log.state != 2 && alert_log.state != 0 && alert_log.rule_id = '14' && alert_log.device_id = '1' && alert_log.id < '1083' ORDER BY id DESC LIMIT 1]
  73. SQL[UPDATE `alert_log` set `details` ='x▒\0\0\0\0' WHERE id = '1083']
  74. Issuing Alert-UID #1083/0: ; ; mail => OKSQL[SELECT `devices`.*, `lat`, `lng` FROM `devices` LEFT JOIN locations ON `devices`.`location`=`locations`.`location` WHERE `device_id` = '1']
  75. SQL[SELECT * FROM devices_attribs WHERE `device_id` = '1']
  76. SQL[SELECT * FROM `vrf_lite_cisco` WHERE `device_id` = '1']
  77. SQL[INSERT INTO `eventlog` (`host`,`device_id`,`reference`,`type`,`datetime`,`severity`,`message`,`username`)  VALUES ('1','1','NULL','alert',NOW(),'1','Issued recovery for rule \'Processor usage over 50%\' to transport \'mail\'','')]
  78. ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ; ;
  79. SQL[UPDATE `alerts` set `alerted` ='0' WHERE rule_id = '14' && device_id = '1']
  80. SQL[UPDATE `alerts` set `open` ='0' WHERE rule_id = '14' && device_id = '1']
  81. RunAcks():
  82. SQL[SELECT alerts.id, alerts.device_id, alerts.rule_id, alerts.state FROM alerts WHERE alerts.state = 2 && alerts.open = 1]
  83. End  : Mon, 09 Apr 2018 03:36:02 +0000
  84. DEBUG!
  85.  


Reply to "Email trigger fails, but recovery works ALERTS.LOG"