[Xymon] regex problems

Root, Paul T Paul.Root at CenturyLink.com
Fri Mar 7 19:54:12 CET 2014


My brain isn't processing today.

I've had 1 Windows machine infecting my network for a while now, and finally decided that I should have it give more than ping fail. So I brought up BBWin this morning.
That was fine, but I immediately get ports and procs in red ,because I'm looking for the non-existent ssh daemon.

So I'm trying to get rid of those in analysis.cfg:

HOST=* EXHOST=%(iad|apa|stn)(380esx|win).*
        PORT "LOCAL=%([.:]22)$" state=LISTEN TRACK=sshd TEXT=SSHD

HOST=* EXHOST=%(iad|apa|stn)(380esx|ccmp|ccmt|win).*
        PROC sshd 1 70 yellow
        PROC sshd 1 100 red TRACK=sshd "TEXT=ssh daemon (sshd)"

These lines work fine for the rest of the machines referenced.
They match   iad380esx1 through iad380esx8, as well as apa and stn the same way. The second also matchs iadccmp1 and iadccmt1.

But they don't want to match iadwin1

What am I doing wrong?

Paul Root
Lead Engineer
CenturyLink Network Reliability Operations Center

600 Stinson Blvd, N.E.
Flr 2N
Minneapolis, MN 55413
Direct: (651)312-5207
Paul.Root at centurylink.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20140307/00820b03/attachment.html>


More information about the Xymon mailing list