Ticket Escalation & pagers?

So we’re using RT 3.0.0 with great success. One thing we’d like to do
however is have RT send an email to the on-call person when a new ticket
is created. That person would have 15 minutes to reply, and if not, the
system would then page their backup. Again, 15 minutes, and then it
pages the manager until they respond.

Right now, there are two problems:

  1. Escalation
  2. Our skytel two-way pagers don’t maintain the subject line, or other
    headers and so it has no means of determining which ticket the person is
    replying to. (The subject line is contained in the body)

Has anyone done anything like this? I haven’t been able to figure out
how to write scrips or how the RT priority thing works. Any
pointers/suggestions/sample code would be really appreciated, even if it
doesn’t directly integrate with RT (including commerical software which
does pager escalation.)

Thanks.

Aaron Turner aturner@netscreen.com work: 408-543-4025
Sr. Security Engineer fax: 408-543-4078
NetScreen Technologies, Inc
All emails by me are PGP signed; a bad signature indicates a forgery.

  1. Our skytel two-way pagers don’t maintain the subject line, or other
    headers and so it has no means of determining which ticket the person is
    replying to. (The subject line is contained in the body)

You should be able to recognize and reformat messages from your sky-tels before the rest of the RT processing is invoked (i.e., find the ticket # in the body and move it to the subject line).

Yeah, i guess it would be pretty easy to setup a procmail rule + perl
script to rewrite the Subject line.

I’m still confused how I can do escalations though. Suggestions?

Aaron Turner aturner@netscreen.com work: 408-543-4025
Sr. Security Engineer fax: 408-543-4078
NetScreen Technologies, Inc
All emails by me are PGP signed; a bad signature indicates a forgery.

So we’re using RT 3.0.0 with great success. One thing we’d like to do
however is have RT send an email to the on-call person when a new ticket
is created. That person would have 15 minutes to reply, and if not, the
system would then page their backup. Again, 15 minutes, and then it
pages the manager until they respond.

Right now, there are two problems:

  1. Escalation
  2. Our skytel two-way pagers don’t maintain the subject line, or other
    headers and so it has no means of determining which ticket the person is
    replying to. (The subject line is contained in the body)

Has anyone done anything like this? I haven’t been able to figure out
how to write scrips or how the RT priority thing works. Any
pointers/suggestions/sample code would be really appreciated, even if it
doesn’t directly integrate with RT (including commerical software which
does pager escalation.)

See http://lists.fsck.com/pipermail/rt-users/2003-January/011705.html.

I did this for RT2.0. It uses the RT API and cron, so it should be
reasonably easy to adapt for RT3.0.

Travis
Travis Campbell - Unix Systems Administrator = travis@mpdtxmail.amd.com
5900 E. Ben White Blvd, Austin, TX 78741 = travis.campbell@amd.com
TEL: (512) 602-1888 PAG: (512) 604-0341 = webmaster@mpdtxmail.amd.com
"Does anything work as expected?" Yes. An axe through the CPU.

See http://lists.fsck.com/pipermail/rt-users/2003-January/011705.html.

I did this for RT2.0. It uses the RT API and cron, so it should be
reasonably easy to adapt for RT3.0.

Almost forgot. Checkout the followup I made to that original post,
http://lists.fsck.com/pipermail/rt-users/2003-January/011706.html.

It has a correction to some of the instructions.

Travis
Travis Campbell - Unix Systems Administrator = travis@mpdtxmail.amd.com
5900 E. Ben White Blvd, Austin, TX 78741 = travis.campbell@amd.com
TEL: (512) 602-1888 PAG: (512) 604-0341 = webmaster@mpdtxmail.amd.com
"Does anything work as expected?" Yes. An axe through the CPU.

At 11:22 17.07.2003 -0700, Aaron Turner wrote:

  1. Our skytel two-way pagers don’t maintain the subject line, or other
    headers and so it has no means of determining which ticket the person is
    replying to. (The subject line is contained in the body)

Has anyone done anything like this? I haven’t been able to figure out

I think there is a solution for rt2 in place already:

http://cert.uni-stuttgart.de/projects/rt/

That is a modified mailgate, that detects the Ticket, the mail belongs to,
from the receipientaddress of the mail rather than from the subjectline.

Best regards,
Nils

Both RT2 and RT3 ship with a mailgate that is capable of taking the
ticket id from $ENV{‘EXTENSION’} (ie ticket+23@domain.com).
With RT3, it’s even properly documented in the mailgate’s perldoc.

It should be trivial to customize the message template’s return address
to use an apropraite ticketid.

-jOn Fri, Jul 18, 2003 at 08:09:19AM +0200, Nils Ketelsen wrote:

At 11:22 17.07.2003 -0700, Aaron Turner wrote:

  1. Our skytel two-way pagers don’t maintain the subject line, or other
    headers and so it has no means of determining which ticket the person is
    replying to. (The subject line is contained in the body)

Has anyone done anything like this? I haven’t been able to figure out

I think there is a solution for rt2 in place already:

http://cert.uni-stuttgart.de/projects/rt/

That is a modified mailgate, that detects the Ticket, the mail belongs to,
from the receipientaddress of the mail rather than from the subjectline.

Best regards,
Nils


rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users

Have you read the FAQ? The RT FAQ Manager lives at http://fsck.com/rtfm

http://www.bestpractical.com/rt – Trouble Ticketing. Free.

I’m running RT 3.0.1 on Solaris 8 with mysql 4.0.12. I created a scrip
that now appears to have lost it’s custom action preperation code and
custom action cleanup code. How can I check to see if the code is really
missing from the database?

Thanks,
Michael

I’m using RT 2.0.15.
I have keywords for a queue such as:
Support
Support/Internal
Support/Internal/Sales
Support/Internal/Shipping
Support/Internal/^Other
Support/External
Support/External/Web
Support/External/Phone

If I do a search for all tickets in that queue for
Support/Internal, I only get those tickets
"Support/Internal", and not the
"Support/Internal/Sales" or
"Support/Internal/Shipping".
If this is normal behavior, how can I create a query
such that I get anything under and including
"Support/Internal" ?

If I attempt to search “Support/Internal”, then refine
and add “Support/Internal/Sales”, and refine again to
add “Support/Internal/Shipping”, I get everything in
the queue displayed (as if I didn’t select any
keywords).

Any help/clarity would be appreciated.
Thanks!

Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

Does an ERD (Entity Relationship Diagram), exist which
shows the relationship between the database tables?
Also, I’m looking for the database "schema"
describing the tables and the fields in them.

I’m using RT 2.0.15 with
mysql Ver 11.18 Distrib 3.23.54

Thanks!

Do you Yahoo!?
SBC Yahoo! DSL - Now only $29.95 per month!
http://sbc.yahoo.com

I sometimes see messages as follows:

Mail Delivery Subsystem wrote:

The original message was received at Tue, 22 Jul
2003 19:04:22 +0300
from rtbox.mydomain.com [10.26.10.26]

----- The following addresses had permanent fatal
errors -----
user.name@domain.com
(reason: 553 5.1.8
apache@rtbox.mydomain.com… Domain of sender
address apache@rtbox.mydomain.com does not exist)

----- Transcript of session follows -----
… while talking to lte2.domain.com.:

MAIL From:apache@rtbox.mydomain.com SIZE=3108
<<< 553 5.1.8 apache@rtbox.mydomain.com… Domain
of sender address apache@rtbox.mydomain.com does not
exist
501 5.6.0 Data format error

My RT seems to work fine, and mail flows correctly
from outside to inside, and inside to outside, but the
above type messages I don’t understand. I’m not sure
if the recipients are receiving the messages during
the above issue.

Any ideas?

Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software

Joseph Spenner wrote:

… while talking to lte2.domain.com.:

MAIL From:apache@rtbox.mydomain.com SIZE=3108
<<< 553 5.1.8 apache@rtbox.mydomain.com… Domain
of sender address apache@rtbox.mydomain.com does not
exist

The domain “rtbox.mydomain.com” does not exist (in DNS.)

My RT seems to work fine, and mail flows correctly
from outside to inside, and inside to outside, but the
above type messages I don’t understand. I’m not sure
if the recipients are receiving the messages during
the above issue.

They’re not. 553 is a permanent failure code.
Phil Homewood, Systems Janitor, http://www.SnapGear.com
pdh@snapgear.com Ph: +61 7 3435 2810 Fx: +61 7 3891 3630
SnapGear - Custom Embedded Solutions and Security Appliances

It appears to only be an issue if the destination
sendmail has more strict security where it tries to do
a DNS lookup prior to accepting the message. From the
rt box itself, if I simply send an email using my
local sendmail, the behavior is identical to that
through RT: I can mail myself at yahoo fine (although
the return address will be an unresolvable host) but
sending to the addresses mentioned earlier will result
in a bounce.
So, in order to satisfy the more secure sendmails, I
must have a DNS entry to answer the lookup. Since my
RT box itself doesn’t have a real IP, i’d need to put
something bogus in my DNS for that host, like
127.0.0.1. Or have my Internet sendmail box take care
of the internal host and rewrite it from
rtbox.mydomain.com to mydomain.com.

Is this correct?— Phil Homewood pdh@snapgear.com wrote:

Joseph Spenner wrote:

… while talking to lte2.domain.com.:

MAIL From:apache@rtbox.mydomain.com
SIZE=3108

<<< 553 5.1.8 apache@rtbox.mydomain.com
Domain
of sender address apache@rtbox.mydomain.com does
not
exist

The domain “rtbox.mydomain.com” does not exist (in
DNS.)

My RT seems to work fine, and mail flows correctly
from outside to inside, and inside to outside, but
the
above type messages I don’t understand. I’m not
sure
if the recipients are receiving the messages
during
the above issue.

They’re not. 553 is a permanent failure code.

Phil Homewood, Systems Janitor,
http://www.SnapGear.com
pdh@snapgear.com Ph: +61 7 3435 2810 Fx: +61 7 3891
3630
SnapGear - Custom Embedded Solutions and Security
Appliances


rt-users mailing list
rt-users@lists.fsck.com
http://lists.fsck.com/mailman/listinfo/rt-users

Have you read the FAQ? The RT FAQ Manager lives at
http://fsck.com/rtfm

Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software

You need to reconfigure ‘sendmail’ so that the domain it sends mail from is one that is resolvable from the receiving sendmail’s DNS. I believe that is the ‘Dj’ line in ‘sendmail.cf’.

Gregory L. Hering
4807 Bradford Drive
Huntsville, AL 35805
(256) 722-6420

Here’s a copy of a message I sent to Mac Managers mailing list … it
looks like it applies to your situation:

The Problem (short version)
Sending email (ultimately via sendmail) works when running as a normal
user or sudo’d admin/root user, but doesn’t work when running via the
real root user (e.g., when run via cron). The failure resulted from the
email being sent from user@system.domain.com rather than from
user@domain.com, as it was written … but this only occurred when
sending via real root user. The failure was always a returned outgoing
email with:

reason: 553 system.domain.com does not exist

which is true because “system” is behind a firewall and is not
DNS-resolvable.

The Solution
No one identified the problem, but one person (thanks Joseph) did suggest
sending email directly via sendmail (I’d provided a small /bin/mail-based
script to illustrate the problem). While that was not a solution, it did
make it easier to troubleshoot, since it was a more direct interaction.

After all too many hours of reading, trying, failing, repeating as
required, I discovered that the solution is rather simple (thus
qualifying it as “normal UNIX configuration”):

I have a very basic sendmail setup (see
http://www.macdevcenter.com/pub/a/mac/2002/09/10/sendmail.html) and only
had to add the following to my sendmail config file, myconfig.mc in my
case (i.e., the ???.mc file used to build the sendmail.cf file, using the
m4 processor):

FEATURE(domaintable',hash -o /etc/mail/domaintable’)dnl

…then I created the file /etc/mail/domaintable and added the entry:

system.domain.com domain.com

…then I stopped sendmail, rebuilt the sendmail artifacts, and restarted
sendmail, using the script listed below. After that, things seem to be
working correctly.

[the good thing about UNIX is that you can do almost anything with it …
if you have enough time]

Side Note:
I’d tried many other features that, according to the sendmail
documentation, would appear to work in this situation. Among the things
I tried were various incarnations of masquerading features. I suspect
this is why it worked for all but the real root user. It’s interesting
to note that there’s a line of documentation that indicates that this
stuff doesn’t apply to the “exposed users,” a term for which I couldn’t
find a clear definition, but seemed to map to the “trusted users.” I
even tried eliminating the trusted users, but root always seemed to be
mysteriously inserted as a trusted user. I’m guessing that this is the
reason that none of the other approaches worked (and I think I tried all
other things before trying the domaintable … yes, I know Murphy quite
well).

I hope this helps save someone else some time.

The script I use to rebuild sendmail:
#!/bin/sh

if NOT using (in myconfig.mc):

define(confDONT_BLAME_SENDMAIL',GroupWritableDirPathSafe’)dnl

then do this (and don’t use Apple’s “Fix Disk Permissions”):

chmod go-w / /etc /etc/mail /var /var/spool /var/spool/mqueue

do this once:

sudo niutil -create . /locations/sendmail

sudo niutil -createprop . /locations/sendmail sendmail.cf

/etc/mail/sendmail.cf

get the template config file once

sudo cp -p /usr/share/sendmail/conf/cf/generic-darwin.mc

/etc/mail/myconfig.mc

then make all changes to /etc/mail/myconfig.mc

prior to running this script, get Admin/root capabilities

sudo -s

stop sendmail

echo “Stopping mail services”
/usr/bin/killall sendmail
sleep 3

whenever changes are made, regenerate databases and sendmail config file:

for MAP in access domaintable genericstable mailertable virtusertable
do
if test /etc/mail/${MAP} -nt /etc/mail/${MAP}.db
then
echo “Regenerating ${MAP}.db”
/usr/sbin/makemap hash /etc/mail/${MAP} < /etc/mail/${MAP}
sleep 1
fi
done

if test /etc/mail/aliases -nt /etc/mail/aliases.db
then
echo “Regenerating aliases.db”
/usr/bin/newaliases
sleep 1
fi

if test /etc/mail/myconfig.mc -nt /etc/mail/sendmail.cf
then
echo “Regenerating sendmail.cf
/usr/bin/m4 /usr/share/sendmail/conf/m4/cf.m4 /etc/mail/myconfig.mc >
/tmp/sendmail.cf
sleep 1
/bin/mv /etc/mail/sendmail.cf /etc/mail/sendmail.cf.previous
/bin/mv /tmp/sendmail.cf /etc/mail/sendmail.cf
fi

start sendmail

/System/Library/StartupItems/Sendmail/Sendmail start
sleep 3

bderm@derman.com