CheckMK integration for Splunk On-Call 🔗
Requirements 🔗
Checkmk versions supported: Checkmk Raw, Checkmk Enterprise
Splunk On-Call version required: Starter, Growth, Enterprise
注釈
The Splunk On-Call plugin for CheckMK is only compatible with the legacy Nagios Core CheckMK. The plugin is not compatible with the new CheckMK Micro Core (CMC).
Configure Splunk On-Call 🔗
Go to Integrations then Generic REST endpoint.
Copy the REST endpoint URL to your clipboard.
Obtain your organization ID and key 🔗
You also need your Splunk On-Call organization ID and keys to complete your CheckMK configuration.
To obtain your organization ID, go to Splunk On-Call timeline. Your organization ID is the end of the URL. For example, if the URL is
https://portal.victorops.com/client/buttercup-games
then the organization ID isbuttercup-games
.You can find your organization key by selecting the Nagios integration in Splunk On-Call. From the timeline select Integrations then Nagios/Nagios XI.
Configure CheckMK 🔗
Create a notification in CheckMK.
For the Notification Method, select VictorOps.
Select REST Endpoint URL selected in the drop-down menu.
Enter the REST endpoint URL you copied previously from Splunk On-Call in the VictorOPS REST URL field.
See https://docs.checkmk.com/latest/en/notifications_splunkoncall.html for more information on integrating and testing.
Legacy CheckMK (Nagios Core) plugin installation 🔗
Install the plugin 🔗
Depending on your system you might need to use sudo with these commands.
Run the following command:
wget https://github.com/victorops/monitoring_tool_releases/releases/download/victorops-nagios-1.4.20/victorops-nagios_1.4.20_all.deb
Run the following command:
dpkg -i <path_to_file>
If you don’t want to use dpkg you can also run the following:
sudo apt install <path_to_file>
Run the following command:
wget https://github.com/victorops/monitoring_tool_releases/releases/download/victorops-nagios-1.4.20/victorops-nagios-1.4.20-1.noarch.rpm
Run the following command
rpm -i <path_to_file>
Configure CheckMK 🔗
Run the following command with your site name to create copies of Nagios and environment configuration files and create symlinks to them in the site Nagios directory:
/opt/victorops/nagios_plugin/omd_check_mk/install.sh <yoursitename>
Run this command to edit the configuration files:
vi /opt/victorops/nagios_plugin/conf/env.<yoursitename>.sh
Update the file, setting the values you previously obtained for your organization ID and organization key. You can also specify a fail-safe email and monitor name.
If your localhost is not configured as 「localhost」 in your Nagios instance, you need to edit /opt/victorops/nagios_plugin/nagios_conf/victorops..cfg to change the service hostname on ~line 52. Run the following command to edit the configuration file:
vi /opt/victorops/nagios_plugin/nagios_conf/victorops.mysite.cfg
Verify the Nagios configuration
/omd/sites/;/bin/nagios -v /omd/sites//tmp/nagios/nagios.cfg
Restart your omd instance. The Splunk On-Call services show on your Nagios host dashboard. Splunk On-Call services also appear on the Checkmk service status for the host. You can look for logs in /var/log/victorops.
Next, you need to configure the contact settings from in CheckMK. Select Users.
Select New User.
Configure the user. An email is required even though no emails are sent. Disable logins for this user and add the user to a contact group.
Turn on notifications for the user and configure the notification method for VictorOps and Call with the following parameters as shown in the following image:
Disable flapping and downtime events for hosts and services, as follows. Splunk On-Call doesn’t represent these states.
Send a test notification using custom notifications in either CheckMK or Nagios. The Splunk On-Call forwarder service doesn’t notify through the usual mechanisms, though, so avoid sending production notifications with that service.