Nagios alerts via SMS with gnokii (tutorial)

Like many IT professionals, I use nagios to monitor many systems and services. Some of these are security related (the SIEM system just registered an incident), while others can span both operational and security disciplines (the web server is down…why is the web server down?).

While all of the geeks I work with are able to get email alerts 24/7 through the magic of smart phones, there were still potential gaps in this method of notification. What if the email server is down? How about if the active sync server, firewall, internet connection, or core switching is down?

Getting alerts via SMS seemed like a great solution to this problem. My initial route to this functionality was using the cell provider’s email-to-SMS gateway. This provided alerts that went out if the mail or active sync servers were down, but didn’t really address a failure at the firewall, internet connection or switching infrastructure.

Some people I bounced ideas off of suggested using a cellular modem (a.k.a. air card). This did seem possible, but getting the system to dial out when needed seemed overly complex. A Verizon MiFi was also suggested. While that lacked the complexity, I was worried that the always-on connection could function as a back-door into the network. What I really wanted was a way to send SMS messages directly via the cell network.

Since I have an android phone with root access, I was hoping to find a way to use Android’s native debugging system (adb) to create a text message using the adb shell and a simple shell script. I failed to find a way to do this. I’d still like to figure out a way to make this happen, so please leave a comment if you have solved this puzzle!

Giving up on the Android route, a little googling led me to gnokii. gnokii is designed to have some pretty wide-ranging functionality, but all I wanted it for was the ability to send an SMS message via an attached cell phone. I went down several blind alleys before I got a working system set up, but I did finally get it running. I happy to say it works exactly as I had hoped. Hopefully this little tutorial will help you to avoid some of the trouble I ran into.

System background

I am running nagios 3.2.1 on CentOS 5.5, kernel 2.6.18.

Your version of nagios shouldn’t be too important as setting up commands and contacts should be the same unless you are running a very old version. You could even use this with some other system calling gnokii, as long as you know how to make that system launch an external program or script.

If your Linux distribution doesn’t use udev and doesn’t have gnokii in its repository, you may have to improvise. Also, older kernels may have problems with some newer phones.

Select a Phone

The first step is to get a phone that will work with gnokii. This is not the most straightforward task. First off, I recommend that you only look at older GSM-type phones. In the US, GSM generally means T-Mobile or AT&T, and by older I mean Motorola RAZR-vintage or older.

The gnokii page has a list of Nokia phones that are known to work, along with sometimes vague information about some phones from other manufacturers. Many phones are listed as having issues with certain commands or functionality. It pretty much comes down to trying out what phones you may have available and hoping they work. This is how I found out that all four Verizon phones I had were useless for this project.

Fortunately, one of my fellow IT contacts had an older Cingular (now AT&T) RAZR V3. This phone was particularly convenient as it has a mini-USB plug on the side instead of using a proprietary cable. It looks like you can have your pick of RAZR V3s for under $50 on eBay, so if you can’t get any of your existing phones to work, this should be a reasonable route to getting one that does work. I suggest one of the hot pink models to call attention to your awesome SMS alerting system.

You’ll also need a cable to connect your phone via USB and a working SIM that works with your phone of choice. Hopefully you can figure those out on your own.

Set up USB

I couldn’t get the phone to power on from totally dead with just the power from the USB port, so I charged it with a charger until it would stay powered on for a few minutes. Once I connected the phone while it was powered on, the CentOS system recognized it and assigned it as /dev/ttyACM0. I didn’t have to jump through any hoops at all to get it recognized. The phone also started charging off of the USB power as well.

If you don’t know what device your system assigned to your phone, use lsusb and dmesg to figure it out. You should also note the vendor and device codes from the output of lsusb. It will be in the form of ID xxxx:xxxx where the “xxxx” before the colon is the vendor ID and the “xxxx” after the colon is the device ID. In my case, the relevant line from lsusb read:

Bus 003 Device 002: ID 22b8:4902 Motorola PCS Triplet GSM Phone (AT)

The only change I had to make to the hardware configuration was to allow non-root users to connect to the device. I later found that gnokii could only communicate with the phone when run as a root-level user. I fixed this by adding a udev rule to change the permission on the device. I created a file in the /etc/udev/rules.d directory called 51-moto-phone.rules. It contained a single line reading:
SYSFS{idVendor}==”22b8″, SYSFS{idProduct}==”4902″, MODE=”666″. Fewer processes running as root is a good thing.

The vendor ID and product ID are from the lsusb output you noted above. This makes the phone world read/writable. I restarted my system at this point, but you probably could just force udev to reload the rules.

Install gnokii

I had already set up the RPMForge alternate repository on my system when I did my initial nagios install, so I simply ran “yum install gnokii” to get the package installed. At least one piece of this whole ordeal was easy!

If you are on a different distro, you may have to find a compatible repository for your flavor. It looks like Ubuntu, Debian and Suse all include gnokii in the standard repositories. If you can’t find it in a compatible repository, you can always compile it from source.

The gnokii configuration is pretty simple. There is a default config file at /etc/gnokiirc. There are a fair bit of options in there, but I only changed three lines. I set “model = AT”, “connection = serial”, and “port = /dev/ttyACM0”. The port will obviously need to change to match whatever port your system assigned to your phone. The model and connection may need to be different if you are using a Nokia phone, but it looks like most non-Nokia and even some of the newer Nokia phones work with the AT/serial combo. Check out the gnokii site for more info.

At this point, you should be able to test out your setup. Run:

gnokii --config /etc/gnokiirc --identify

You should get a boatload of output to the screen as gnokii talks to your phone, ending with something that looks like this:

IMEI         : IMEIxxxxxxxxxxxxxxx
Manufacturer : Motorola CE, Copyright 2004
Model        : GSM900","GSM1800","GSM1900","GS
Product name : GSM900","GSM1800","GSM1900","GS
Revision     : R374_G_0E.41.C3R_B
Serial device: closing device

Note that I used the –config option to specify the path to the config file. By default, gnokii will look for a config file called .gnokiirc in the current user’s /home directory. Since the account that nagios is running under never makes a console login and therefore has no /home directory, I chose to manually specify the config file and use the default location.

If you get an error or gnokii otherwise fails to identify your phone, something is probably broken. I can’t give you much more advice than double-check your configuration and then try a different phone.

If gnokii was able to identify your phone, try sending a text message. gnokii takes input from stdin, so run:

echo "Hello" | gnokii --config /etc/gnokiirc --sendsms +19585550123

Replace the example phone number above with an actual cell phone number of a phone you’d like to send a text to. Note that you need the +1 in front of the phone number for a US phone number as gnokii needs the country code included. Substitute your country code as needed.

If your SMS arrives, congratulations! You’re 90% of the way there and the hard part is over. If it didn’t work, but gnokii was able to identify your phone earlier, it may be that your configuration is correct but your phone isn’t compatible. gnokii may provide a more or less useful error. This is where I crashed out with all of the Verizon phones I was trying. Not much to do here other than try a different phone.

Configure nagios

You could probably do this dozens of ways, but here is how I chose to set it up.

I created two new commands, “notify-host-by-sms” and “notify-service-by-sms”, mirroring the default “notify-host-by-email” and “notify-service-by-email” commands. The command_line for each of the new commands is:

echo "Nagios: $NOTIFICATIONTYPE$ $SERVICEDESC$ (etc, etc)" | /user/bin/gnokii --config /etc/gnokiirc --sendsms +1$CONTACTPAGER$

Then I created a second contact for myself, with my cell number (without the country code, I included the country code in the notification command above) listed as the pager number and “notify-host-by-sms” and “notify-service-by-sms” as the host and service notification commands.

At this point, nagios should be able to send you an SMS message in addition to an email for any alerts that come up. I also used the escalations feature of nagios to limit the number of SMS messages I might get about an incident, but that is up to you.

Conclusion

Not only is having this system providing me with some extra piece of mind, I have started thinking about other scenarios where it could be put to good use. How about a network with a security policy that won’t allow email relaying or outbound SMTP for the monitoring system? Or a network that needs to be monitored, but simply has no internet connectivity? You could also substitute nagios for any other system that might send out alerts or other information that needs to be transmitted independently of an internet connection. Let your imagination run wild!

Advertisements
  1. October 3, 2010 at 3:03 AM

    Hi Michael,

    Good and comprehensive description. I’ll link if from gnokii wiki if you don’t mind. Few minor comments:

    “I created a file in the /etc/udev/rules.d directory called 51-moto-phone.rules”
    In fact it doesn’t need to be world rw. You just need to ensure that the user that runs gnokii has rw access. You can refer to:
    http://wiki.gnokii.org/index.php/DKU2
    http://git.savannah.gnu.org/cgit/gnokii.git/tree/Docs/sample/45-nokiadku2.rules
    on how to create more specific rules.

    “Note that I used the –config option to specify the path to the config file. By default, gnokii will look for a config file called .gnokiirc in the current user’s /home directory.”
    It has a bit changed in a new version but still /etc/gnokiirc is in the searchable list. That means if you don’t have $HOME/.gnokiirc it will still be found. So no need for this option.

    “Note that you need the +1 in front of the phone number for a US phone number as gnokii needs the country code included.”
    It should be fine with whatever you can use in the phone. I mean it should work without the prefix as well.

    • October 5, 2010 at 7:53 AM

      Thanks for stopping by and reading. Please feel free to link from the gnokii site, and thanks for the added information. The only point I may disagree with you on is the use of the +1 as part of the phone number. I found that I was unable to send messages without it. It could be a quirk of my particular phone or provider, but it was definitely needed in my case.

  2. gaurav
    September 12, 2012 at 10:03 AM

    awesome stuff dude,,,keep it up 🙂

  3. quang
    March 21, 2013 at 10:49 AM

    thank you very much!!

  4. wietse
    September 25, 2013 at 2:53 AM

    great tutorial! thx!

  5. DZPM_IT
    December 11, 2015 at 6:42 PM

    Thanks a million im using to send sms notifications in Zabbix 2.4

  1. October 1, 2010 at 9:47 AM

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: