DX Infrastructure Manager

Expand all | Collapse all

Probe to capture structured mails

  • 1.  Probe to capture structured mails

    Posted 10-19-2018 06:50 AM

    Hi,

    we are looking for a solution in nimsoft to capture structured mails and convert them into a nimsoft alarm.

     

    Are there any idea's how to do or can this be investigated by the development team of CA?

     

    greetings



  • 2.  Re: Probe to capture structured mails

    Posted 10-19-2018 11:04 AM

    An Idea was created requesting this functionality:

    Receive email to generate alarm 



  • 3.  Re: Probe to capture structured mails

    Posted 10-22-2018 04:26 AM

    In attachment an old pop reader probe written in Perl that did still work last year (last time I tested it)

    (like it's written in Perl you can add any structure in reading the subjectline)

    Attachment(s)



  • 4.  Re: Probe to capture structured mails

    Posted 10-29-2018 11:17 AM

    Hi,

    I was happy to read your comment on this.

    thanks for you answer... but as i installed a newer version of perl (latest available) the probe does not work.

    Do you have anywere the requested perl version installed on you server? as we have all 2012 servers with 64-bit.

     

    have a nice day



  • 5.  Re: Probe to capture structured mails

    Posted 10-30-2018 03:56 AM

    - download the Perl from: Dropbox - uim_perl - Simplify your life  (this is Strawberry Perl strawberry-perl-5.14.2.1-64bit.msi    + UIM perl integration + some extra packages for other utilities posted on communities))

    - add the following directories in your path

          - C:\strawberry64\perl\bin

          - C:\strawberry64\perl\site\bin

          - C:\strawberry64\c\bin

    (To run Perl with UIM sdk calls this version is required)

    Or you can download the above version from: http://strawberryperl.com/releases.html and install it on your server and install afterwards the UIM Perl SDK.



  • 6.  Re: Probe to capture structured mails

    Posted 10-30-2018 06:49 AM
      |   view attached

    Hi chrlu03,

     

    Thanks for the installations files…

     

    Finally I could start the probe, but not with the activate command, but in a cmd-prompt.

    There he’s saying that he doesn’t find the file.

    Oct 30 10:57:26:641  Controller: Probe 'email2alarm' FAILED to start (command = perl.exe email2alarm.pl) error = (2) The system cannot find the file specified.

     

    So I tired to start with following command and the probe starts…

    D:\Program Files (x86)\Nimsoft\probes\gateway\email2alarm>perl.exe "D:\Program Files (x86)\Nimsoft\probes\gateway\email2alarm\email2alarm.pl"

     

    We are trying to connect to a outlook.office365.com address… but it doesn’t work…

    Is it because we cannot give port and Encryption in the probe other then default values?

     

     

    Oct 30 11:05:30:204 email2alarm: SREQUEST: probe_checkin ->127.0.0.1/48000

    Oct 30 11:05:30:204 email2alarm: RREPLY: status=OK(0) <-127.0.0.1/48000  h=37 d=426

    Oct 30 11:05:30:204 email2alarm: sockClose:0000000002BCF680:127.0.0.1/54200

    Oct 30 11:05:30:204 email2alarm: SREQUEST: _close ->127.0.0.1/48000

    Oct 30 11:05:30:204 email2alarm: sslClientSetup - mode=0 cipher=DEFAULT

    Oct 30 11:05:30:204 email2alarm: nimSessionServer - port = 0

    Oct 30 11:05:30:205 email2alarm: sockServer:0000000002BCF270:0.0.0.0/54201

    Oct 30 11:05:30:205 email2alarm: SREQUEST: port_register ->127.0.0.1/48000

    Oct 30 11:05:30:205 email2alarm: RREPLY: status=OK(0) <-127.0.0.1/48000  h=37 d=0

    Oct 30 11:05:30:205 email2alarm: sockClose:0000000002BD0E10:127.0.0.1/54202

    Oct 30 11:05:30:205 email2alarm: SREQUEST: _close ->127.0.0.1/48000

    Oct 30 11:05:30:205 email2alarm: Nimbus::Session::server - ok on port 54201

    Oct 30 11:05:30:205 email2alarm: Session::server - returned 0

    Oct 30 11:07:35:256 email2alarm: Pop3 connect failed or the login failed (User: elsie.de.bosscher@securex.be) on outlook.office365.com

    Oct 30 11:07:35:256 email2alarm: RREQUEST: _status <-172.19.176.77/54244  h=267 d=0

    Oct 30 11:07:35:256 email2alarm: SREPLY: status = 0(OK) ->172.19.176.77/54244

    Oct 30 11:07:35:256 email2alarm: RREQUEST: _close <-172.19.176.77/54244  h=266 d=0

    Oct 30 11:07:35:256 email2alarm: sockClose:0000000002BD10E0:172.19.176.77/54201

     

     

     

    Elsie De Bosscher

    System Engineer | It Operations

    T +32 9 235 62 16 | M +32 474 98 57 37

    elsie.de.bosscher@securex.be<mailto:elsie.de.bosscher@securex.be> | www.securex.be<http://www.securex.be/>

    <https://twitter.com/Securex_BE>[linkedin]<https://www.facebook.com/securex.be>[linkedin]<https://www.linkedin.com/company/securex>[youtube]<https://www.youtube.com/user/securex>

     



  • 7.  Re: Probe to capture structured mails

    Posted 03-26-2019 08:49 AM

    Did anyone ever get this working in a 64 bit environment?



  • 8.  Re: Probe to capture structured mails

    Posted 03-28-2019 08:25 AM

    Chrlu03 did you ever get this email2alarm working in 64 bit environemnt. I have been working with it, and I have gotten it to work "kind-of".

     

    elsie.de.bosscher I have gotten a little past where you were.  So the probe does not start from the IM. When I activate it from the IM it goes red. However if I leave the probe in error state and go to the server and run the email2alarm.pl from a command prompt the probe will go green. It gets a port but not a PID. However in the log I see that it gets a PID.

     

    Then I send an email to the inbox it is supposed to be watching, and I see the probe start to do some things and it does not error, I also see it delete the email out of the inbox once its done with it. However it seems I never receive an alarm to the alarm console from the email. That is as far as I am so far, if anyone else has gotten further or has any other info on how to achieve this please let me know. I will post as I get further.



  • 9.  Re: Probe to capture structured mails

    Posted 03-28-2019 08:28 AM

    Also I looked in the document and maybe I missed it but is outlook installed on the robot that runs the probe required?



  • 10.  Re: Probe to capture structured mails

    Posted 03-29-2019 06:08 AM
      |   view attached

    - you don't need outlook installed

    - in attachment my version that runs on a w2008r2 server, you can copy this Perl source to Nimsoft\probes\gateway\email2alarm. This version has some changes:

         * commented the line: $pop->delete($msgnum); (to avoid the emails to be deleted in test environment) Once it runs ok you need to uncomment it, else you will receive each interval an alarm for the same mail.

         * added an alarm when the probe is started

         * changed the alarm format

    - the alarms are only generated when the Perl is running as a probe

    - if the probe is turning red it's probably because you don't have the Perl path in the probe definition, like:

    I hope this helps a little bit

    Attachment(s)

    zip
    email2alarm.pl.zip   1K 1 version


  • 11.  Re: Probe to capture structured mails

    Posted 03-29-2019 10:31 AM

    Chrlu03 I got it working with your changes, one question I do have, below is the section that "Gets the email and alarms on the subject line. Is it possible to add the body of the email to the message of the alarm also? That way the information that is sent over in the body of the email is in the message of the alarm?

     

    ###########################################
    # doGetPopEmail
    # Get Pop Email and Alarm on Subject Line
    ###########################################
    sub doGetPopEmail {
     my $pop = Net::POP3->new($popserver);
     if (not $pop or not $pop->login($username,$password)) {
      nimLog(0, "Pop3 connect failed or the login failed (User: $username) on $popserver");
      return "null";
     }
     my $msgnums = $pop->list; # hashref of msgnum => size
     foreach my $msgnum (keys %$msgnums) {
      my $msg = $pop->get($msgnum);
      nimLog(0, "Message Recieved"); #print("Message received.\n");
      $endemail = 0;
                    $from = "";
      foreach my $line (@$msg) {
       if ( $line=~ /^From: (.*)/ ) {
        $from = $1;
        nimLog(1, "Message from $1"); #print "Message from: $1\n";
       }
       if ( $line=~ /^Subject: (.*)/ ) {
        nimAlarm(NIML_INFO,"$pgm - $1");
        nimLog(1, "Subject: $1"); #print $1;
        $endemail = 1;
       }
       if ( $endemail ) {
        # Exit Foreach Loop as we have found the first Subject line
        last;
       }
      }
      $pop->delete($msgnum);
      nimLog(3, "@$msg"); #print @$msg;
     }
     $pop->quit;
    }



  • 12.  Re: Probe to capture structured mails

    Posted 03-30-2019 07:00 AM

    This probe was created to get the from: and subject:.  If you want other parts of the mail you need an extra print in the beginning of the loop so that you can see (in the log file) how the body is represented so you can create an extra if logic.



  • 13.  Re: Probe to capture structured mails

    Posted 03-28-2019 08:46 AM

    Hi all,

     

    i did never reach to the end of capturing the emails.

    the request was set on hold at our side. so i did not do further investigations, sorry.

     

    but i did never reachted the moment that the probe picks up a mail. so i think you are already further than me.

     

    Greetings,

    elsie