An Introduction toNagios Incident Manager

Andy Brist

abrist@nagios.com

Today’s Agenda

• What is Nagios Incident Manager?• Features and Benefits• API

– Integration with Nagios XI– Integration with Nagios Core

• How to Get Started• Questions

What is Nagios IM?

• Ticketing and Incident Communication– Web-based– Allows users to track and solve problems quickly on an

infrastructure wide basis.

Features

• Clean Presentation, Efficient UI• Incident Tracking• Robust Reporting• Multi-tenancy• Fully integrated with Nagios XI Alerts and

Notifications• Automated Ticket Management for XI Incidents• Extendable API for Ease of Integration with Other

Solutions

Incident Tracking

• All comments persistent and recorded• History of acknowledgments, comments, and actions

taken.• Allows management to watch the status of tickets

without needing access to monitoring UI nor needing to contact the tech support staff directly

Presentation and UI

• Provides a summary of current problems and recent acknowledgements.

• Search incidents• Create new incidents• Easily navigate to

other tabs

Clean and Efficient UI

Presentation and UI

• Specialized Filters for Sorting Views

Reporting

Generate Reports

Advanced Reporting

General Statistics Report

Advanced Reporting

Mean Time to Resolution Report (MTTR)

Advanced Reporting

First Response Times Report

Advanced Reporting

Closed Incidents Report

Features and Functionality

• Multi-Tenant Capabilities

Integration with Nagios XI

Integration with Nagios XI

Integration with Nagios XI

API

• Extendable• Third Party Integration

More About the API

● API Documentation accessible from help

● Callback driven – fast and reliable

● Supports GET/POST methods

● Full IM configuration accessible through API

● Responses formatted in XML for easy integration

Integration with Nagios Core

Event handler script example:#/bin/bash

HOSTADDRESS="$1"

HOSTNAME="$2"

HOSTSTATE="$3"

HOSTSTATETYPE="$4"

HOSTOUTPUT="$5"

LONGHOSTOUTPUT="$6"

HOSTPROBLEMID="$7"

NAGIOSIM_APIKEY="$8"

INCIDENT_TYPE="$9"

NAGIOSIM_URL="${10}"

curl --data-urlencode "api_key=$NAGIOSIM_APIKEY" --data-urlencode "title=$HOSTNAME is in a $HOSTSTATETYPE $HOSTSTATE state" --data-urlencode "summary=$HOSTOUTPUT $LONGHOSTOUTPUT" --data-urlencode "type=$INCIDENT_TYPE" $NAGIOSIM_URL

Integration with Nagios Core

Command example:

$USER1$/open_incident.sh "$HOSTADDRESS$" "$HOSTNAME$" \

"$HOSTSTATE$" "$HOSTSTATETYPE$" "$HOSTOUTPUT$" \

"$HOSTLONGOUTPUT$" "$HOSTPROBLEMID$" \

"e4dba0b610a66b47cc6241faf9541c0c" "nagiosxi-incident" \

"http://192.168.4.193/nagiosim/index.php/api/incidents/add"

Integration with Third Party Products

• Supports GET/POST APIs• Supports Email APIs• Useful when deploying Nagios Core/XI in

environments with a preexisting ticketing solution

• Can be leveraged to provide "glue" for environments with many ticketing/notification systems

Conclusion

Nagios Incident Manager• Lightweight & Easy to Use• Extremely Customizable & Flexible• Track & Resolve Incidents Fast• Advanced Reporting Capabilities• Extendable API

How to Get Started

Free 60 Day Trial• Fully functional, no limitations• Quickstarts• Reduced purchase price if bundled with XI• Jumpstart Sessions (Limited time offer –

Conference Only!)

Support Forums• support.nagios.com

Questions?

Thank You!

The End

Andy Brist

abrist@nagios.com