create an alert for all linux servers
didds3 at yahoo.co.uk
Thu Aug 30 14:20:27 CEST 2018
Ive an alert for msgs (var/log/messages entries) that I desire to have paged in office hours only
Thing is its only linux clients that need this check., not windows clients.
So if I set a stadard style alerts.cfg entry
HOST=* SERVICE=msgs TIME=w:0800:1830 COLOR=red MAIL monitor at us.com
of course if any windows msgs go red (constantly... zzzz) then they will page also, which is not the required outcome.
There is the option I see of something like
GROUP=SSSD_MSGS TIME=w:0800:1830 COLOR=red MAIL monitor at us.com
LOG %/var/log/messages "%TEST" COLOR=red GROUP=SSSD_MSGS [ search string here of course being TEST ]
but that does exactly the same thing.
So - aside from adding that LOG line to umpteen individual analysis.cfg entries for each linux server, or a single section listing all the linux servers ... is there a way to curtail this check to only linux servers (or more likely a bunch of hostnames of course). Somewhere it seems we'd have to manulayy maintain the correct "list" of hostnames to be caught - Im just trying to minimise the overhead.
I had considered using a yellow alert to alert the LOG check... but other "things" also issue yellow alerts and we don;t want to trigger them either.
I can;t see a way out of this?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Xymon