I am trying to set up riemann (for monitoring) with email alerts. I have used the following section in my riemann.config file but after reloading the config, I get the error copied below. Any thoughts on troubleshooting this will be greatly appreciated.
Riemann.config
(streams
(where (and (service #"^riemann netty execution-handler")
(state "critical"))
(email "user#somewhere.com")))
Error:
java.lang.RuntimeException: Unable to resolve symbol: email in this context, compiling:(/home/user/test/riemann-0.2.4/etc/riemann.config:40:9)
I forgot to add the mailer section in the config - update to follow.
The attempt to send the email is successful - I am getting a different error now which I will post as a separate question (riemann email exception with SMTP).
You are missing the (let ...) expression that defines email as a mailer.
See example HERE
Related
I have one web page name sth like that: 'https://bus/api/check'. When I run this web, it returns data normally. But when I create web source module, it shows me as below
An error occurred during URL invocation.
ORA-29024: Certificate validation failure
I search on GG about that problem. I try to solve my problem follow this web:
https://apex.oracle.com/pls/apex/germancommunities/apexcommunity/tipp/6121/index-en.html
It is very clear. I created new wallet named https_wallet and added certificate successfully. However, I check by select statement on DB, with code:
select APEX_WEB_SERVICE.make_rest_request(p_url => ''https://bus/api/check',p_http_method => 'GET',p_wallet_path => 'file:C:/temp/wallet/https_wallet',p_wallet_pwd => 'pass_word') from dual;
It shows HTTPS request failed and security violation.Futhermore, while link api web get certificate from Amazon, I try same step on another web on Google, it is ok.I don't know why that reason. Can anyone help me to solve my those problem. I do not have much experience in create web source module.
Did you tried adding the user, password (basic or oauth2). or changing the method to POST.
Another idea could be test using postman and check first if the endpoint (url) its correct.
I am currently trying to secure our backup server and it's interface as it currently does not have any kind of (extra) security other than a strong password. The backup server is based on CentOS 7.x.
Log file location:
/var/log/backup
Log file names:
backuplog-2019310.log
backuplog-2019309.log
backuplog-2019308.log
backuplog-2019307.log
False logins are logged like:
[2019-11-06T13:13:33+01:00] [Audit] Web login failure for account 'admin': Invalid authentication (Address=200.100.150.50:28534)
[2019-11-06T13:13:34+01:00] [Audit] Web login failure for account 'test': Invalid authentication (Address=120.30.40.20:28534)
[2019-11-06T13:13:35+01:00] [Audit] Web login failure for account 'info': Invalid authentication (Address=85.80.75.70:28534)
[2019-11-06T13:13:35+01:00] [Audit] Web login failure for account 'user': Invalid authentication (Address=25.125.155.190:28534)
In /etc/fail2ban/jail.local:
[backup]
enabled = true
filter = backup
logpath = /var/log/backup/backuplog-*.log
port = 80,443
The use of the asterisk in there is allowed, right?
So far I understand it correctly, I hope.
However I am experiencing issues with creating a correct filter for this custom fail2ban ban rule (= filter).
Example of /etc/fail2ban/filter.d/backup.conf:
[Definition]
failregex = [[]Web login failure for account []] .* Invalid authentication
ignoreregex =
But it's not working. So I am guessing my failregex is incorrect? Maybe someone can advice me the correct failregex to apply to make it work?
I am receiving the following error messages when starting up fail2ban:
ERROR NOK: ("No 'host' group in '[[]Web login failure for account []] .* Invalid authentication'",)
So I am guessing the failregex is incorrect?
//update 1 - STILL ISSUES + ADDITIONAL QUESTION
Fooled around a bit more. This is the updated failregex:
failregex = [][] Web login failure for account .* <HOST>
Now I am not getting the "ERROR NOK" anymore, however it's still not working. This is the fail2ban log:
2019-11-06 14:44:39,111 fail2ban.filter [20978]: WARNING Unable to find a corresponding IP address for authentication: [Errno -2] Name or service not known
2019-11-06 14:44:41,706 fail2ban.filter [20978]: WARNING Unable to find a corresponding IP address for authentication: [Errno -2] Name or service not known
2019-11-06 14:44:42,082 fail2ban.filter [20978]: WARNING Unable to find a corresponding IP address for authentication: [Errno -2] Name or service not known
2019-11-06 14:44:42,623 fail2ban.filter [20978]: WARNING Unable to find a corresponding IP address for authentication: [Errno -2] Name or service not known
So what am I doing wrong here?
Also, coming to think of it, I think using "/var/log/backup/backuplog-*.log" is not that great. Especially when more and more log files are created. Right?
Is there a way to target the current or latest log file e.g. backuplog-2019310.log?
Thanks in advance.
In the meantime I will fool around a bit more.
//update 2 - MAIN ISSUE SOLVED!!
I guess I solved it by using the following failregex:
failregex = Invalid authentication \(Address=<HOST>
Will see if I can make it somewhat better obviously. But it's a great start for me.
So maybe someone can help me with the issue in regards to the log file as mentioned above. For easier reading I will ask it here again:
Also, coming to think of it, I think using
"/var/log/backup/backuplog-*.log" is not that great. Especially when
more and more log files are created. Right?
Is there a way to target the current or latest log file e.g.
backuplog-2019310.log?
Maybe someone has a solution for this?
Thank you in advance.
As for regex, it is always better to use anchored RE's, so either at end:
failregex = Invalid authentication \(Address=<HOST>\)\s*$
or at begin:
failregex = ^\[\] \[Audit\] Web login failure for account '[^']+': Invalid authentication \(Address=<HOST>
And disable usedns for this jail if no hostnames in log are expected (or use <ADDR> instead of <HOST> if f2b >= v.0.10).
As for current (latest) log file, simply create a symlink in postrotate (see https://stackoverflow.com/a/58430149/7161854).
I'm trying to set up an email to go to my custom domain name, which I will call "mydomainname". Currently I can send emails to "contact#mydomainname.com" and receive no error from sending the email, but the received email does not show up in my bucket or spam folder.
I've been following instructions on this github and this tutorial .
I don't understand what the github instructions mean for the instruction that states
"Modify the values in the config object at the top of index.js to specify the S3 bucket and object prefix for locating emails stored by SES. Also provide
the email forwarding mapping from original destinations to new destination."
I've tried to guess at what that means by changing the index.js file to the as shown here
I suspect there is an error in the code above,
As well, I receive the following error for the JSON in my lambda-basic-execution
And the error that I receive
.
.
.
I've included the following screenshots for reference
This is my recipient rule
This shows some information on the settings of my lambda page
The error you show is just a warning for the resource not existing, you should still be able to create the policy for the same.
See if you actually did create the policy and test it again.
Also make sure there are no invalid or duplicate rules which may be causing the issue
In my application I am using ColdFusion 10. I am not able to send any mail using the cfmail tag.
When I log into the administrator and click on the Undelivered Mail button, it is throwing the following error:
Error retrieving markup for element mailBody : Client verification failure. [Enable debugging by adding 'cfdebug' to your URL parameters to see more information]
Error invoking CFC /CFIDE/administrator/mail/undeliveredmail.cfc : Client verification failure. [Enable debugging by adding 'cfdebug' to your URL parameters to see more information]
Can anyone tell me what is wrong?
It sounds like you have a bad CF installation. The admin should not be throwing errors, this looks like a permissions issue at first glance.
Have you tried setting all the params within the cfmail tag (eg, mailserver, username, pwd) instead of using the values set in CFadmin?
Do you get an error when you create a single CFM page with just a CFMAIL tag in it?
You need to ensure your CF install is up to date with all the hotfixes and that they are installed correctly.
see http://forums.adobe.com/thread/884947
or post the error message you are getting when you use your CFMAIL tag
When I go to the Mail option in CF10 and click the "View Undelivered Mail" button I am getting following errors:
Error retrieving markup for element mailBody : Client verification
failure. [Enable debugging by adding 'cfdebug' to your URL parameters
to see more information]
Error invoking CFC /CFIDE/administrator/mail/undeliveredmail.cfc :
Client verification failure. [Enable debugging by adding 'cfdebug' to
your URL parameters to see more information]
Does anyone have any idea why am I not able to see Undelivered mail?
Try deleting any ColdFusion related cookies in your browser, such as CFID, CFTOKEN, CFAUTHORIZATION_cfadmin and CFADMIN_LASTPAGE_ADMIN, and then restart your browser.
Look for an 0-byte file named something like "Mail4117192657238440155.cfmail" in your /Applications/ColdFusion10/cfusion/Mail/Undelivr folder and delete it. That fixed the problem for me.