[Xymon] regex problems
Root, Paul T
Paul.Root at CenturyLink.com
Fri Mar 7 19:56:49 CET 2014
Boy you guys are good! :)
No more than a minute after I sent this, they came clear.
From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Root, Paul T
Sent: Friday, March 07, 2014 12:54 PM
To: 'xymon at xymon.com'
Subject: [Xymon] regex problems
My brain isn't processing today.
I've had 1 Windows machine infecting my network for a while now, and finally decided that I should have it give more than ping fail. So I brought up BBWin this morning.
That was fine, but I immediately get ports and procs in red ,because I'm looking for the non-existent ssh daemon.
So I'm trying to get rid of those in analysis.cfg:
HOST=* EXHOST=%(iad|apa|stn)(380esx|win).*
PORT "LOCAL=%([.:]22)$" state=LISTEN TRACK=sshd TEXT=SSHD
HOST=* EXHOST=%(iad|apa|stn)(380esx|ccmp|ccmt|win).*
PROC sshd 1 70 yellow
PROC sshd 1 100 red TRACK=sshd "TEXT=ssh daemon (sshd)"
These lines work fine for the rest of the machines referenced.
They match iad380esx1 through iad380esx8, as well as apa and stn the same way. The second also matchs iadccmp1 and iadccmt1.
But they don't want to match iadwin1
What am I doing wrong?
Paul Root
Lead Engineer
CenturyLink Network Reliability Operations Center
600 Stinson Blvd, N.E.
Flr 2N
Minneapolis, MN 55413
Direct: (651)312-5207
Paul.Root at centurylink.com<mailto:Paul.Root at centurylink.com>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20140307/62a4db39/attachment.html>
More information about the Xymon
mailing list