create an alert for all linux servers
didds3 at yahoo.co.uk
Fri Aug 31 10:00:14 CEST 2018
Yeah - I could see that as an option, cheers Phil...
Some body else pointed me at using DISPLAYGROUPS and the defined groups in the xymon hosts.cfg, which would seem to be the answer. But I can;t get it working and I find tyhe "offivcial" docuementation really unhelpful (obviously my issue as everybody eolse can translate it into working configurations).
As an example
page diddstest DIDDSTEST#group-compress <H3><I>DIDDSTEST</I></H3>group <H3><I>DIDDSTEST</I></H3>192.168.52.83 testbox
DISPLAYGROUP=DIDDSTESTmsgs TIME=w:0800:1830 COLOR=red MAIL didds at us.com
I( have the analysis.cfg etc all set up such that I can trigger a red alert for system testbox for msgs fine. But I never get an email of said alerts as per the alerts.cfg attempt. I can check the maillog on testbox and the email isn;t sent (ie it hasn;'t got blpocked or whatever elsewhere - its just never sent ie never triggered.)
If tried the displaygroup group name in both upper and lower case.
what am I doing wrong?
On Friday, 31 August 2018, 04:18:09 BST, Phil Crooker <Phil.Crooker at orix.com.au> wrote:
Have two separate HOST stanzas - one for linux hosts and one for windows.
MAIL whoever at whatever.com
MAIL whoever at .....
Of course you can use host groups, regular expressions, etc.
From: Ian Diddams <didds3 at yahoo.co.uk>
Sent: Thursday, August 30, 2018 9:50 PM
To: Xymon Mailing List
Subject: create an alert for all linux servers Ive an alert for msgs (var/log/messages entries) that I desire to have paged in office hours only
Thing is its only linux clients that need this check., not windows clients.
So if I set a stadard style alerts.cfg entry
HOST=* SERVICE=msgs TIME=w:0800:1830 COLOR=red MAIL monitor at us.com
of course if any windows msgs go red (constantly... zzzz) then they will page also, which is not the required outcome.
There is the option I see of something like
GROUP=SSSD_MSGS TIME=w:0800:1830 COLOR=red MAIL monitor at us.com
LOG %/var/log/messages "%TEST" COLOR=red GROUP=SSSD_MSGS [ search string here of course being TEST ]
but that does exactly the same thing.
So - aside from adding that LOG line to umpteen individual analysis.cfg entries for each linux server, or a single section listing all the linux servers ... is there a way to curtail this check to only linux servers (or more likely a bunch of hostnames of course). Somewhere it seems we'd have to manulayy maintain the correct "list" of hostnames to be caught - Im just trying to minimise the overhead.
I had considered using a yellow alert to alert the LOG check... but other "things" also issue yellow alerts and we don;t want to trigger them either.
I can;t see a way out of this?
Please consider the environment before printing this e-mail
This message from ORIX Australia may contain confidential and/or privileged information. If you are not the intended recipient, any use, disclosure or copying of this message (or of any attachments to it) is not authorised. If you have received this message in error, please notify the sender immediately and delete the message and any attachments from your system. Please inform the sender if you do not wish to receive further communications by email.
We do not accept liability for any loss or damage caused by any computer viruses or defects that may be transmitted with this message. We recommend you carry out your own checks for viruses or defects.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Xymon