Symptoms:
This article shows us how you could use the $extract function in the Smarts SAM Notif adapter.
We need to be able to parse e-mail text for specific content:
How do you extra this text from a SMTP email? This would be the text extracted between these two words. " mexxx.com.mail> " And " uplink." on the following SMTP trap/text.
NOTE:( the below has been edited for privacy)
extra==__mimepart__56448f009eceb__5e2a453b3f4275219d5_20Date_:_20Thu,_2012_ 20Nov_202015_2005_:07_:12_20-0800_20Content-Type_:_20text/plain;_20charsetUTF-8_20_20Content-Transfer-Encoding_:_207bit_20Content-Disposition_:_20inline_20Content-ID_:_20<56448f00a10bb__5e2a453b3f4275220ee@sdg169 EmailSubject:Alert for HFD-MX60W-01 - Uplink status changed -- Email Body:----==_mimepart_56448f009eceb_5e2a453b3f4275219d5 Date: Thu, 12 Nov 2015 05:07:12 -0800 Content-Type: text/plain; charsetUTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline Content-ID: <
[email protected]> The security appliance in the HFD-xxx-01 network switched to using its primary uplink, configured to be uplink Internet 1, after a period in which the link was unavailable. There has been a total of 1 failover event detected: At 08:06 AM EST on Nov 12, the security appliance switched to using Internet 1 as its uplink. See the alerting security appliance at https://n74.mexxx.com/HFD-MX60W-01/...age/nodes/show- Cisco Meraki This email was automatically generated; please do not reply. You can change your alert delivery settings athttps://n74.meraki.com/HFD-MX60W-01/...nfigure/alerts ----==_mimepart_56448f009eceb_5e2a453b3f4275219d5 Date: Thu, 12 Nov 2015 05:07:12 -0800 Content-Type: text/html; charsetUTF-8 Content-Transfer-Encoding: 7bit Content-Disposition: inline Content-ID: <
[email protected]> <meta http-equivContent-Type contenttext/html; charset=utf-8 ><img srchttps://dashboard.mexxx.com/images/cisco-meraki.png border0 stylewidth:175px altCisco Systems, Inc. ><!-- </img> --><br><br> <p> The security appliance in the <a stylecolor: #1d770b; hrefhttps://n74.mexxx.com/HFD-MX60W-01/n/Tiu40ckb/manage/nodes/list >HFD-MX60W-01</a> network switched to using its primary uplink, configured to be uplink Internet 1, after a period in which the link was unavailable. </p> There has been 1 failover event detected:<br><br> At 08:06 AM EST on Nov 12, the security appliance switched to using Internet 1 as its uplink. <br> <br> <p> - Cisco Mexxx </p> <br> <br> <br> <p> This email was automatically generated; please do not reply.<br> You can change the <a stylecolor: #1d770b; hrefhttps://n74.mexxx.com/HFD-MX60W-01/n/Tiu40ckb/manage/configure/alerts >alert delivery settings</a> for this network. </p> ----==_mimepart_56448f009eceb_5e2a453b3f4275219d5-