create an alert for all linux servers

Ian Diddams didds3 at yahoo.co.uk
Thu Aug 30 14:20:27 CEST 2018


Ive an alert for msgs (var/log/messages entries) that I desire to have paged in office hours only
Thing is its only linux clients that need this check., not windows clients.

So if I set a stadard style alerts.cfg entry 

HOST=* SERVICE=msgs TIME=w:0800:1830 COLOR=red MAIL monitor at us.com
of course if any windows msgs go red (constantly... zzzz) then they will page also, which is not the required outcome.

There is the option I see of something like

alerts.cfg:
GROUP=SSSD_MSGS TIME=w:0800:1830 COLOR=red               MAIL monitor at us.com
analysis.cfgdefault section
LOG %/var/log/messages "%TEST"  COLOR=red GROUP=SSSD_MSGS    [ search string here of course being TEST ]

but that does exactly the same thing.

So - aside from adding that LOG line to umpteen individual analysis.cfg entries for each linux server, or a single section listing all the linux servers ...  is there a way to curtail this check to only linux servers (or more likely a bunch of hostnames of course).  Somewhere it seems we'd have to manulayy maintain the correct "list" of hostnames to be caught - Im just trying to minimise the overhead.

I had considered using a yellow alert to alert the LOG check...  but other "things" also issue yellow alerts and we don;t want to trigger them either.

I can;t see a way out of this?
didds







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20180830/8c373f10/attachment.html>


More information about the Xymon mailing list