create an alert for all linux servers

Ian Diddams didds3 at
Thu Aug 30 14:20:27 CEST 2018

Ive an alert for msgs (var/log/messages entries) that I desire to have paged in office hours only
Thing is its only linux clients that need this check., not windows clients.

So if I set a stadard style alerts.cfg entry 

HOST=* SERVICE=msgs TIME=w:0800:1830 COLOR=red MAIL monitor at
of course if any windows msgs go red (constantly... zzzz) then they will page also, which is not the required outcome.

There is the option I see of something like

GROUP=SSSD_MSGS TIME=w:0800:1830 COLOR=red               MAIL monitor at
analysis.cfgdefault section
LOG %/var/log/messages "%TEST"  COLOR=red GROUP=SSSD_MSGS    [ search string here of course being TEST ]

but that does exactly the same thing.

So - aside from adding that LOG line to umpteen individual analysis.cfg entries for each linux server, or a single section listing all the linux servers ...  is there a way to curtail this check to only linux servers (or more likely a bunch of hostnames of course).  Somewhere it seems we'd have to manulayy maintain the correct "list" of hostnames to be caught - Im just trying to minimise the overhead.

I had considered using a yellow alert to alert the LOG check...  but other "things" also issue yellow alerts and we don;t want to trigger them either.

I can;t see a way out of this?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Xymon mailing list