Following on from the basics of SNMP I did previously, this article now adds the next set of SNMP extension scripts, config, and Cacti templates to monitor a Postfix mail server.

Update: Also see my recent article about basic Postfix configuration  which works with these templates.

Postfix Stats

Postfix produces a minimum of statistics it's self, but as is common in Unix, it does produce comprehensive logs of activity which provides plenty of material for generating statistics from.

There are already a load of logfile analysers around, but for the purposes of this monitoring, I decided the best thing was to write my own and then it would be easy to make it work exactly how I wanted for producing stats.

The script parses two log files given on the command line (this allows it to deal with log file rotations). The third argument is the store for the stats which includes the point in the file it has already processed to. It loads this, adds the additional stats and then replaces the file with the latest data.

Download:  Perl script to analyse Postfix log files for SNMP

I place this script (make it executable first: chmod +x postfix-loganalyser) in /etc/snmp

One feature I have built into this script is that it ouputs any lines that it does not completely understand. Cron will email this back to the administrator. This means that over time the script can be enhanced to extract more information from the logs. If you want to ignore this then just send all the output to /dev/null in the cron job.

Getting Postfix stats over SNMP

Like discussed previously, Postfix logfiles require root privilege to access, and snmpd runs as a low privilege user. What I do is have a CRON job that reads this data and stores it in files for snmpd to access via extension scripts.

If you are using the same config I described previously, then simply add the lines to your /etc/snmp/local-snmp-cronjob file to make it look something like this (may have other content for other tasks):

From the there, I have a load of small scripts for each aspect of the stats I monitor. One thing to consider when writing these scripts is to ensure that if more parameters are added to them, they are all added to the ends of the scripts to ensure that the order of the data given to snmpd does not change.

Downloads:

• Postfix milter statistics SNMP extension script
• Postfix local statistics SNMP extension script
• Postfix pickup statistics SNMP extension script
• Postfix queue statistics SNMP extension script
• Postfix smtp connection statistics SNMP extension script
• Postfix smtp status statistics SNMP extension script
• Postfix smtp TLS statistics SNMP extension script
• Postfix smtp warning statistics SNMP extension script
• Postfix smtpd connection statistics SNMP extension script
• Postfix smtpd noqueue statistics SNMP extension script
• Postfix smtpd noqueue recipient rejection statistics SNMP extension script
• Postfix smtpd noqueue relay rejection statistics SNMP extension script
• Postfix smtpd noqueue sender rejection statistics SNMP extension script
• Postfix smtpd queued statistics SNMP extension script
• Postfix smtpd TLS statistics SNMP extension script
• Postfix smtpd warning statistics SNMP extension script

I place these scripts (make them executable first: chmod +x postfix-stats-*) in /etc/snmp

In /etc/snmp/snmpd.conf add the following lines (or others if you want to monitor them):

Once you have added all this in you can test these scripts by running them from the command line, and via SNMP by appending the appropriate SNMP OID to the "snmpwalk" commands shown previously.

Cacti Templates

I have generated some basic Cacti Templates for these Postfix stats.

Download: Cacti Templates for Postfix statistics over SNMP

Simply import this template, and add the graphs you want to the appropriate device graphs in Cacti. It should just work if your SNMP is working correctly for that device (ensure other SNMP parameters are working for that device).

Graph Screen Shots

.... for a very quiet mail server

Update:

One person had pointed out that there has been some problems on some versions of Cacti with importing the templates. The template was generated with version 0.8.7b (from Debain Lenny).

The problem manifests it's self as "Cacti version does not exist" error, and appears to be cured by adding in this version, although in my version the file is actually global_arrays.php

The relevant array from my global_arrays.php / config_array.php:

$hash_version_codes = array(
    "0.8.4"  => "0000",
    "0.8.5"  => "0001",
    "0.8.5a" => "0002",
    "0.8.6"  => "0003",
    "0.8.6a" => "0004",
    "0.8.6b" => "0005",
    "0.8.6c" => "0006",
    "0.8.6d" => "0007",
    "0.8.6e" => "0008",
    "0.8.6f" => "0009",
    "0.8.6g" => "0010",
    "0.8.6h" => "0011",
    "0.8.6i" => "0012",
    "0.8.6j" => "0013",
    "0.8.7"  => "0014",
    "0.8.7a" => "0015",
    "0.8.7b" => "0016"
    );

Update 19/6/2010:

Another updated version - this again improves scripts and templates, adding monitoring for the ClamAV Milter and smtpd Certificate Verification Failures. Also you can now download all the neccesary scripts and templates in tar ball: 20100619-postfix-cacti-update.tar.bz2