[Xymon] "acceptonly" behavior
jlaidman at rebel-it.com.au
Fri Nov 20 00:05:05 CET 2015
On 18 November 2015 at 04:41, John Thurston <john.thurston at alaska.gov>
> I could go for inclusion on the host's "info" page, but would really
> dislike it being treated like a "ghost". Having the xymond test column
> flapping yellow because some unauthorized workstation (a ghost) is sending
> me messages is bad enough. Having it bounce yellow because a host is
> sending messages I have specifically excluded would be awful.
Fair enough. As long as there's some place for a confused sysadmin to look
for reasons why status messages are not showing up. Could be in a log file.
> I am certainly not _opposed_ to a "!" syntax. For my business need,
> "acceptonly" with an inclusion list is perfectly adequate. My need is to
> prevent noise. If I blackball specific tests, the noise can just be moved
> to a test with a new name. Yes, in some cases it could make the acceptonly
> tag a little long-winded. But if I can use it on the .default. line, I
> won't have to type it very often.
In another discussion, mention was made to the NOPROPRED tag, which has a
useful format that would seem to work well for this also, and obviously the
parsing code already exists. Examples to demonstrate:
0.0.0.0 .default. # ACCEPTONLY:-memory
192.168.0.1 host1.example.com # ACCEPTONLY:+memory,-disk
192.168.0.2 host2.example.com # ACCEPTONLY:cpu,disk,memory
0.0.0.0 .default. # ACCEPTONLY:*
192.168.0.3 host3.example.com # ACCEPTONLY:-disk
Now, a question. Should this matching apply to:
* only messages from the IP address from hosts.cfg?
* to any message not from the Xymon server?
* to any message including from the Xymon server, eg if I exclude "conn"
messages, should they be dropped?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Xymon