E-mail and scripting quesiton..

RouterOS Scripting
1

I’ve created a simple script in the /ip dhcp-server alerts submenu to notify me when it detects rogue DHCP servers. Is there anyway to have that same script include the MAC-Addresses and networks in the email?

Here’s the current script:

/tool e-mail send to="bill@domain.com" subject=([/system identity get name] . " found rouge DHCP server")

What I’m uncertain on is how do I pull that information from the router? The DHCP Alert automatically creates an entry in the log, if I could just pull that out from the log and send it in the body of the email that would be great.

As always any and all help is appreciated,

Bill

2

Unfortunately, MT seems to be missing the ‘/ip dhcp-server alert get’ command, which would be needed to do it exactly as you describe, but…

You can do something very similar using the logger directly, no script needed:

/ system logging action add name="DhcpAlert" target=email email-to="foo@bar.com"
/ system logging add topics=dhcp,critical,error action=DhcpAlert disabled=no

With extra effort, a more advanced setup could be constructed using remote scripting (expect, or similar, triggered by a syslog event), but I don’t think it would really be worth it.

–Eric

3

There are multiple ways how you can
get it without using ‘get’:

  1. using ‘/system logging action add target=email’;
  2. using $interface, $mac-address and $address variables in dhcp-alert

We will add this in the list of things to do.

John

4

Is it correct? :

/tool e-mail send from=test@gmail.com to=test@gmail.com tls=yes subject=DHCP-alert body=" $address $interface $mac-address "

It isn’t work :frowning:

[greek@12345Router] > /tool e-mail send from=test@gmail.com to=test@gmail.com
tls=yes subject=DHCP-alert body=" $address $interface $mac-address "
expected end of command (line 1 column 97)

And from “On Alert:” it is not workin too :frowning:

5

by tully
There are multiple ways how you can
get it without using ‘get’:

  1. using ‘/system logging action add target=email’;
  2. using $interface, $mac-address and $address variables in dhcp-alert

We will add this in the list of things to do.

Can you please elaborate for all of us that are not as familiar with Mikrotik scripting syntax. I know their are others that are having this same issue. I can’t find any scripts that show this working.
http://forum.mikrotik.com/t/dhcp-alert-email-with-mac-address/36720/1

6

Everything works in ROS 6.4 but variable $mac-address is invalid - In e-mail I had blank value.

7

Anybody know how to insert $mac-address in email body?

8

If the variable is at all defined,

$"mac-address"

is the way to access it.

9

That’s work. Thanks.

10

Thanks a lot! It’s works!

11

Just to add a little contribution. I tried following, and it worked too …
Sends Email Alert of ROGUE DHCP using GMAIL ID

:local CurrentTime [/system clock get time];
:local hostname [/system identity get name]
:global date [/system clock get date]
:local int "$interface"
:local addr "$address"
:local mac $"mac-address"
 
/tool e-mail send server=173.194.69.109 port=587 start-tls=yes YOUR_GMAIL_ID@gmail.com password=YOURPASSWORD to=aacable@hotmail.com subject=DHCP-Detected body=("ROGUE DHCP Server have been detected on $hostname at $date  - time $CurrentTime  - Interface= $int  - IP Address=$addr - MAC-Address= $mac  !! GO HUNT & KILL :D")

To set GMAIL account
/tool e-mail set address=74.125.45.109 from=gmailid@gmail.com password=mypassword port=587 starttls=no user=gmailid

To view Email activity in LOG for troubleshooting purposes … enable email logs
/system logging add topics=e-mail action=memory

http://aacable.wordpress.com/2014/02/06/detect-rogue-dhcp-alert-via-email/

12

Hello Limer write down your full working script please.
Thanks in advance


13

No problem.

‘on alert’ section:

/tool e-mail send to="admin@example.com" subject=("DHCP Alert on ".[/system identity get name]) body=" $address $interface $server $"mac-address"";
14

It’s works verry good.
Thanks Limer