Checkmk is a popular platform for monitoring IT infrastructure. ntopng has been integrated in Checkmk some time ago, enabling users to provide traffic visibility in additional to classic bytes/packets metrics. As ntopng is able to produce traffic alerts that, we have decided to extend ntopng in order to export alert information towards Checkmk event console where alerts are received.This guide will walk you through configuring ntopng and Checkmk to enable this functionality.
In order to do so, within ntopng, it’s necessary to configure a new Endpoints as well as a new Recipients. Navigate to Alerts -> Notifications, add a new Endpoint as shown below. In the Host field, specify the IP address of the host where the Checkmk instance is running.
After adding the Endpoint, add a new Recipient, as you can see in the following image. You are free to customize the information to be sent based on your requirements.
Now we also need to add configuration Checkmk side. First of all, go to Setup > General > Global settings > Edit global setting, to modify the service levels setting. This setting allows you to assign an importance to every event based on the organization that sends it and provides an additional parameter to filter events. We have decided to use this identifier to show the alert family. Map the numerical ID with the Description as follows for a comprehensive result.
Another crucial passage is to add an event rule for the event console. To do so, navigate to Setup > Events > Event Console rule packs. First of all, click on Add rule pack to create a rule pack, then edit click on Edit the rules in this pack. We can now add a new rule. The rule ID is required; other parameters can be customized based on your preferences. For example, you can filter alerts containing certain words or specific service levels (e.g., flow alerts).
After applied the changes you have made, you should now start receiving notifications from ntopng in the Event Console (Monitor > Event Console > Events).The following image shows what to expect in the Checkmk event console.
For a more specific view of the problem, click on the event ID to reach the event details screen.
For detailed documentation on how the event console works in Checkmk, refer to the Checkmk Event Console Documentation.
Enjoy !