create an alert for all linux servers

Ian Diddams didds3 at yahoo.co.uk
Fri Aug 31 10:00:14 CEST 2018


Yeah - I could see that as an option, cheers Phil...

Some body else pointed me at using DISPLAYGROUPS and the defined groups in the xymon hosts.cfg, which would seem to be the answer.  But I can;t get it working and I find tyhe "offivcial" docuementation really unhelpful (obviously my issue as everybody eolse can translate it into working configurations).

As an example
hosts.cfg
page diddstest DIDDSTEST#group-compress <H3><I>DIDDSTEST</I></H3>group <H3><I>DIDDSTEST</I></H3>192.168.52.83   testbox
alerts.cfg
DISPLAYGROUP=DIDDSTESTmsgs TIME=w:0800:1830  COLOR=red               MAIL  didds at us.com
I( have the analysis.cfg etc all set up such that I can trigger a red alert for system testbox for msgs fine.  But I never get an email of said alerts as per the alerts.cfg attempt.  I can check the maillog on testbox and the email isn;t sent (ie it hasn;'t got blpocked or whatever elsewhere - its just never sent  ie never triggered.)

If tried the displaygroup group name in both upper and lower case.

what am I doing wrong?







   On Friday, 31 August 2018, 04:18:09 BST, Phil Crooker <Phil.Crooker at orix.com.au> wrote:  
 
 
Have two separate HOST stanzas - one for linux hosts and one for windows.





HOST=linuxhost.whatever.com,linuxhost2.whatever.com  [[conditions]]

     MAIL whoever at whatever.com




HOST=winhost.whatever.com,winhost2.whatever.com [[conditions]]

     MAIL whoever at .....




Of course you can use host groups, regular expressions, etc.






From: Ian Diddams <didds3 at yahoo.co.uk>
Sent: Thursday, August 30, 2018 9:50 PM
To: Xymon Mailing List
Subject: create an alert for all linux servers Ive an alert for msgs (var/log/messages entries) that I desire to have paged in office hours only
Thing is its only linux clients that need this check., not windows clients.

So if I set a stadard style alerts.cfg entry 

HOST=* SERVICE=msgs TIME=w:0800:1830 COLOR=red MAIL monitor at us.com
of course if any windows msgs go red (constantly... zzzz) then they will page also, which is not the required outcome.

There is the option I see of something like

alerts.cfg:
GROUP=SSSD_MSGS TIME=w:0800:1830 COLOR=red               MAIL monitor at us.com
analysis.cfgdefault section
LOG %/var/log/messages "%TEST"  COLOR=red GROUP=SSSD_MSGS    [ search string here of course being TEST ]

but that does exactly the same thing.

So - aside from adding that LOG line to umpteen individual analysis.cfg entries for each linux server, or a single section listing all the linux servers ...  is there a way to curtail this check to only linux servers (or more likely a bunch of hostnames of course).  Somewhere it seems we'd have to manulayy maintain the correct "list" of hostnames to be caught - Im just trying to minimise the overhead.

I had considered using a yellow alert to alert the LOG check...  but other "things" also issue yellow alerts and we don;t want to trigger them either.

I can;t see a way out of this?
didds







 
 
 
|    


Please consider the environment before printing this e-mail


 
This message from ORIX Australia may contain confidential and/or privileged information. If you are not the intended recipient, any use, disclosure or copying of this message (or of any attachments to it) is not authorised. If you have received this message in error, please notify the sender immediately and delete the message and any attachments from your system. Please inform the sender if you do not wish to receive further communications by email.
 
ORIX has a Privacy Policy which outlines what kinds of personal information we collect and hold, how we may collect and handle it, and your rights regarding personal information. Please let us know if you would like a copy. The Privacy Policy and a Collection Statement are also available on our website.
 
We do not accept liability for any loss or damage caused by any computer viruses or defects that may be transmitted with this message. We recommend you carry out your own checks for viruses or defects.
   |

  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20180831/ce1200ad/attachment.html>


More information about the Xymon mailing list