(apologies for the dropped sentence at the end) Why .+ instead of .*? + is one or more of the preceding. * is zero or more of the preceding. The suggested examples are intended to be less greedy about what it finds. If you know it's going to be all contiguous capital letters, [A-Z]+ is a better limited result than .* Or use \w+ equivalent to [A-Za-z0-9_]+ On Thu, Dec 13, 2012 at 1:36 PM, Gerald Young wrote:

Probably because your state isn't found in an appropriate regex. Try these:

\s*Host:\s+(.*)\s*|Notification for [\d\.]+ \((.+)\) \s*Service:\s+(.*)\s*|\s*==>\s(.+)\s<== \s*State:\s+(\S+)|State is now:\s+([A-Z]+)

Host would be some sourt

On Thu, Dec 13, 2012 at 1:05 PM, Nico Hoffmann wrote:

...

Hello List,

I have a problem with System Monitoring in OTRS 3.1.11 and multiple sources of alarms. The one source is an Icinga instance and this is working as expected. The other instance is the Hetzner system monitoring available for all root servers, that sends a little bit other notifications like Icinga/Nagios. Here is an example of a notification: ---- Subject: Notification for 5.9.55.176 (irgendwas.bacanol.de) -> smtp:OK

Body: Notification for 5.9.55.176 (irgendwas.bacanol.de):

==> SMTP <== State is now: OK (17:19h 2012.12.13) State before: ERROR (was 14 minutes) Service params: port=25 Service uptime: 99.96% Check output:

...

smtp connection works

---

My regex is like the following:

FromAddressRegExp: alarmingaddress@bacanol.de|support@hetzner.de HostRegExp: \s*Host:\s+(.*)\s*|^Notification.*\((.*)\) ServiceRegExp: \s*Service:\s+(.*)\s*|\s*==>\s+(.*)<==\s* StateRegExp: \s*State:\s+(\S+)

----

Do you have any idea why the system claims that "SystemMonitoring Mail: SystemMonitoring: Could not find host address and/or state in mail => Ignoring"?

I tried to test my regex with external sites and perl support, but OTRS seems to treat this maybe different?

Thank you and best regards,

Nico

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Yes, we could take a look at the source codehttp://source.otrs.org/viewvc.cgi/SystemMonitoring/Kernel/System/PostMaster/.... line 425 (after which comes the error message) refers to line 194, Interesting parts: 220 LINE: 221 for my $Line (@BodyLines) { 222 223 # Try to get State, Host and Service from email body 224 ELEMENT: 225 for my $Element (qw(State Host Service)) { 226 227 next ELEMENT if $AlreadyMatched{$Element}; 228 229 my $Regex = $Self->{Config}->{ $Element . 'RegExp' }; 230 231 if ( $Line =~ /$Regex/ ) { 232 233 # get the found element value 234 $Self->{$Element} = $1; 235 236 # remember that we found this element already 237$AlreadyMatched{$Element} = 1; 238 } 239 } 240 } On Fri, Dec 14, 2012 at 3:18 AM, Nico Hoffmann wrote:

Hi Gerald,

Thank you for your answer. I did test the values but unfortunately OTRS is not recognizing the settings correctly. I still get Fri Dec 14 09:02:03 2012 notice OTRS-otrs.PostMaster.pl-10 SystemMonitoring Mail: SystemMonitoring: Could not find host address and/or state in mail => Ignoring

Is there a way to dig deeper into that module for debugging?

Thank you and best regards,

Nico *

Von:* otrs-bounces@otrs.org [otrs-bounces@otrs.org]" im Auftrag von "Gerald Young [crythias@gmail.com] *Gesendet:* Donnerstag, 13. Dezember 2012 19:44 *An:* User questions and discussions about OTRS. *Betreff:* Re: [otrs] system monitoring and multiple sources of alarms - regex

(apologies for the dropped sentence at the end)

Why .+ instead of .*? + is one or more of the preceding. * is zero or more of the preceding. The suggested examples are intended to be less greedy about what it finds. If you know it's going to be all contiguous capital letters, [A-Z]+ is a better limited result than .* Or use \w+ equivalent to [A-Za-z0-9_]+

On Thu, Dec 13, 2012 at 1:36 PM, Gerald Young wrote:

...

Probably because your state isn't found in an appropriate regex. Try these:

\s*Host:\s+(.*)\s*|Notification for [\d\.]+ \((.+)\) \s*Service:\s+(.*)\s*|\s*==>\s(.+)\s<== \s*State:\s+(\S+)|State is now:\s+([A-Z]+)

Host would be some sourt

On Thu, Dec 13, 2012 at 1:05 PM, Nico Hoffmann wrote:

...

Hello List,

I have a problem with System Monitoring in OTRS 3.1.11 and multiple sources of alarms. The one source is an Icinga instance and this is working as expected. The other instance is the Hetzner system monitoring available for all root servers, that sends a little bit other notifications like Icinga/Nagios. Here is an example of a notification: ---- Subject: Notification for 5.9.55.176 (irgendwas.bacanol.de) -> smtp:OK

Body: Notification for 5.9.55.176 (irgendwas.bacanol.de):

==> SMTP <== State is now: OK (17:19h 2012.12.13) State before: ERROR (was 14 minutes) Service params: port=25 Service uptime: 99.96% Check output:

...

smtp connection works

---

My regex is like the following:

FromAddressRegExp: alarmingaddress@bacanol.de|support@hetzner.de HostRegExp: \s*Host:\s+(.*)\s*|^Notification.*\((.*)\) ServiceRegExp: \s*Service:\s+(.*)\s*|\s*==>\s+(.*)<==\s* StateRegExp: \s*State:\s+(\S+)

----

Do you have any idea why the system claims that "SystemMonitoring Mail: SystemMonitoring: Could not find host address and/or state in mail => Ignoring"?

I tried to test my regex with external sites and perl support, but OTRS seems to treat this maybe different?

Thank you and best regards,

Nico

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

Hi, I also had some trouble getting OTRS to pick up the contents of my e-mails. I think I ended up agreeing (with myself) that the otrs regexps didn't go well with some numeric states (that was my issue at the time), or some of the rest of the content of my e-mails. My "solution" was, instead of trying to get OTRS to do what I wanted, I made my monitoring system deliver what OTRS "wanted". The argument was that I was responsible for both OTRS and the monitoring system, why should I only make changes in OTRS? So now my monitoring solution, in addition to its regular e-mail output, also has the following OTRS specific lines in the bottom of the e-mails: OTRSHost: <hostname or IP address> OTRSService: OTRSState: OTRSNumState: OTRSStaticState: DOWN / UP And I catch that in OTRS with the following settings: NewTicketRegExp: CRITICAL|DOWN CloseTicketRegExp: OK|UP HostRegExp: \s*OTRSHost:\s+(.*)\s* ServiceRegExp: \s*OTRSService:\s+(.*)\s* StateRegExp: \s*OTRSStaticState:\s+(\S+) (why that last regexp is different, I actually don't know) Just for inspiration, have a great weekend. :) -- /Sune T. From: otrs-bounces@otrs.org [mailto:otrs-bounces@otrs.org] On Behalf Of Nico Hoffmann Sent: 14. december 2012 18:44 To: User questions and discussions about OTRS. Subject: Re: [otrs] system monitoring and multiple sources of alarms - regex Hi again, is there a quick and easy way to test the settings maybe in debug mode or verbose mode? I still do not get the error solved... Thank you for any help!! Nico Am 14.12.2012 um 14:18 schrieb Gerald Young mailto:crythias@gmail.com>: Yes, we could take a look at the source codehttp://source.otrs.org/viewvc.cgi/SystemMonitoring/Kernel/System/PostMaster/.... line 425 (after which comes the error message) refers to line 194, Interesting parts: 220 LINE: 221 for my $Line (@BodyLines) { 222 223 # Try to get State, Host and Service from email body 224 ELEMENT: 225 for my $Element (qw(State Host Service)) { 226 227 next ELEMENT if $AlreadyMatched{$Element}; 228 229 my $Regex = $Self->{Config}->{ $Element . 'RegExp' }; 230 231 if ( $Line =~ /$Regex/ ) { 232 233 # get the found element value 234 $Self->{$Element} = $1; 235 236 # remember that we found this element already 237 $AlreadyMatched{$Element} = 1; 238 } 239 } 240 } On Fri, Dec 14, 2012 at 3:18 AM, Nico Hoffmann mailto:nh@bacanol.de> wrote: Hi Gerald, Thank you for your answer. I did test the values but unfortunately OTRS is not recognizing the settings correctly. I still get Fri Dec 14 09:02:03 2012 notice OTRS-otrs.PostMaster.pl-10 SystemMonitoring Mail: SystemMonitoring: Could not find host address and/or state in mail => Ignoring Is there a way to dig deeper into that module for debugging? Thank you and best regards, Nico Von: otrs-bounces@otrs.orgmailto:otrs-bounces@otrs.org [otrs-bounces@otrs.orgmailto:otrs-bounces@otrs.org]" im Auftrag von "Gerald Young [crythias@gmail.commailto:crythias@gmail.com] Gesendet: Donnerstag, 13. Dezember 2012 19:44 An: User questions and discussions about OTRS. Betreff: Re: [otrs] system monitoring and multiple sources of alarms - regex (apologies for the dropped sentence at the end) Why .+ instead of .*? + is one or more of the preceding. * is zero or more of the preceding. The suggested examples are intended to be less greedy about what it finds. If you know it's going to be all contiguous capital letters, [A-Z]+ is a better limited result than .* Or use \w+ equivalent to [A-Za-z0-9_]+ On Thu, Dec 13, 2012 at 1:36 PM, Gerald Young mailto:crythias@gmail.com> wrote: Probably because your state isn't found in an appropriate regex. Try these: \s*Host:\s+(.*)\s*|Notification for [\d\.]+ \((.+)\) \s*Service:\s+(.*)\s*|\s*==>\s(.+)\s<== \s*State:\s+(\S+)|State is now:\s+([A-Z]+) Host would be some sourt On Thu, Dec 13, 2012 at 1:05 PM, Nico Hoffmann mailto:nh@bacanol.de> wrote: Hello List, I have a problem with System Monitoring in OTRS 3.1.11 and multiple sources of alarms. The one source is an Icinga instance and this is working as expected. The other instance is the Hetzner system monitoring available for all root servers, that sends a little bit other notifications like Icinga/Nagios. Here is an example of a notification: ---- Subject: Notification for 5.9.55.176 (irgendwas.bacanol.dehttp://irgendwas.bacanol.de/) -> smtp:OK Body: Notification for 5.9.55.176 (irgendwas.bacanol.dehttp://irgendwas.bacanol.de/): ==> SMTP <== State is now: OK (17:19h 2012.12.13) State before: ERROR (was 14 minutes) Service params: port=25 Service uptime: 99.96% Check output:

smtp connection works

My regex is like the following: FromAddressRegExp: alarmingaddress@bacanol.demailto:alarmingaddress@bacanol.de|support@hetzner.demailto:support@hetzner.de HostRegExp: \s*Host:\s+(.*)\s*|^Notification.*\((.*)\) ServiceRegExp: \s*Service:\s+(.*)\s*|\s*==>\s+(.*)<==\s* StateRegExp: \s*State:\s+(\S+) ---- Do you have any idea why the system claims that "SystemMonitoring Mail: SystemMonitoring: Could not find host address and/or state in mail => Ignoring"? I tried to test my regex with external sites and perl support, but OTRS seems to treat this maybe different? Thank you and best regards, Nico --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs --------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs

how about using the unsubscribe link visibile in every list email?

just saying unsubscribe in subject and body seemed not to work or the moderator is just an ignorant ass.

tried at least 2 times now to unsubscribe via email, damn it.

--------------------------------------------------------------------- OTRS mailing list: otrs - Webpage: http://otrs.org/ Archive: http://lists.otrs.org/pipermail/otrs To unsubscribe: http://lists.otrs.org/cgi-bin/listinfo/otrs !!!!!!!!!!!!!!!!!!!!

right there above this line.