[Xymon] Monitoring that iptables and SELinux are running / enabled

Jeremy Laidman jlaidman at rebel-it.com.au
Mon Apr 15 07:45:32 CEST 2013


On 12 April 2013 21:56, SebA <spah at syntec.co.uk> wrote:

> FYI, the md5 is different for me though:
> $ xymondigest md5 /selinux/enforce
> md5:c4ca4238a0b923820dcc509a6f75849b
>

Yes, I was checking for the file to contain "0" rather than "1".   If the
MD5 of the file matched the MD5 hash of "0", then it would go red,
otherwise (default) green.  But I think I've mis-read the "checksum" part
of the analysis.cfg man page, and got the logic back-to-front.

Presumably I could allow xymon user to run /sbin/iptables-save with sudo
> though as I did.


Yes, I'd have done this, so that another script isn't required.

 I guess that's a bit trickier...
>

How so?

Glad it's working for you.

Cheers
Jeremy
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20130415/b5c76c49/attachment.html>


More information about the Xymon mailing list