Forum Discussion

Phu's avatar
Phu
Icon for Nimbostratus rankNimbostratus
Nov 28, 2020

BIG-IP can't send emails Alert when match SNMP trap condition defined in user_alert.conf file

My BigIP device is running on version v16.0.1.

I setup /etc/ssmtp/ssmtp.conf file with below option:

  • TLS_CA_FILE=/etc/pki/tls/certs/ca-bundle.crt
  • root=XXXX@gmail.com
  • mailhub=smtp.gmail.com:587
  • AuthUser=XXXX
  • AuthPass=XYXYX
  • UseSTARTTLS=Yes
  • UseTLS=Yes
  • hostname=bigipA.gmail.com

Testing ssmtp running well: printf "Subject: Test email for K13180\n\nssmtp test mail" | ssmtp -v YYYYYY@gmail.com

 

I defined user_alert.conf as below - https://support.f5.com/csp/article/K15288

  • alert CERTIFICATE_EXPIRED "Certificate (.*) expired" {
  • snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.300";
  • email toaddress="user@mydomain.com"
  • body="Certificate Expired on <BIG-IP>"
  • }
  •  
  • alert CERTIFICATE_WILL_EXPIRE "Certificate (.*) will expire" {
  • snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.301";
  • email toaddress="user@mydomain.com"
  • body="Certificate will Expire on <BIG-IP>"
  • }

Testing the email notification:

#tmsh create sys crypto key SOL15288testcert gen-certificate lifetime 10 common-name SOL15288testcert.com

#tmsh run sys crypto check-cert

 

I don't receive any email for this testing. I don't know why it's not run.

 

Can anyone help me?!!!

 

Thanks so much.

application delivery
LTM
TMSH
  • crodriguez's avatar
    crodriguez
    Ret. Employee
    Nov 28, 2020

    In reading K15288, the steps for configuring the BIG-IP system to use an SMTP server when using BIG-IP v11.5.0 or later (which v16 is) do not call for modifying /etc/ssmtp/ssmtp.conf but rather ask you to use TMSH command instead, specifically:

    (tmos)# modify /sys outbound-smtp mailhub <mail_server>:<port>

    For example, to configure the system to send email messages to host mail.mydomain.com using port 587, you would type the following command:

    (tmos)# modify sys outbound-smtp mailhub mail.mydomain.com:587

    The instructions for modifying the /etc/ssmtp/ssmtp.conf file apply only to BIG-IP versions 11.0.0 through 11.4.1.

    Can you try the TMSH solution and see if that works, please?

  • Phu's avatar
    Phu
    Icon for Nimbostratus rankNimbostratus
    Nov 29, 2020

    Hi Crodriguez,

     

    I try to setup both ssmtp.config and TMSH modify sys outbound-smtp mailhub methods.

    sys outbound-smtp {

      from-line-override enabled

      mailhub smtp.mydomain.com:587

      rewrite-domain bigipA.mydomain.com

    }

     

    The testing also failure.

    But I realize that when I modify mailhub by TMSH, the mailhub option in ssmtp.config also change accordingly.