Xymon Mailing List Archive search

client file check

list Thomas R. Brand
Tue, 7 Jul 2009 13:29:42 -0400
Message-Id: <user-b880548f5797@xymon.invalid>

-----Original Message-----
From: Scot Kreienkamp [mailto:user-462cf0b6d846@xymon.invalid]
Sent: Tuesday, July 07, 2009 10:19 AM
To: user-ae9b8668bcde@xymon.invalid
Subject: RE: [hobbit] client file check

That doesn't work.  It doesn't like the backticks in client-local.cfg.
Now my clients say no files checked.

Thanks,

Scot Kreienkamp
La-Z-Boy Inc.
user-462cf0b6d846@xymon.invalid
XXX-XXX-XXXX ext XXXX

-----Original Message-----
From: Brand, Thomas R. [mailto:user-10a840458972@xymon.invalid]
Sent: Monday, July 06, 2009 4:31 PM
To: user-ae9b8668bcde@xymon.invalid
Subject: RE: [hobbit] client file check


-----Original Message-----
From: dOCtoR MADneSs [mailto:user-d54077869176@xymon.invalid]

You could try something like this :
in local-client.cfg add a section for this host :
[my_host]
file:`sudo ls /your/file`
and in hobbit-clients.cfg add a line in your host section :
HOST=my_host
FILE /your/file YOUR_SWITCHES

anyone disagree with it ?
Somewhat of a security risk; when using sudo, I recommend using
full path to the executable:
sudo /bin/ls /your/file

and in your /etc/sudoers file:

# Hobbit may run /bin/ls but flags are not allowed
hobbit   ALL = NOPASSWD: /bin/ls [!-]*


t09trbrxs# su - hobbit
hobbit at t09trbrxs:~> sudo /bin/ls /root/.ssh/authorized_keys
/root/.ssh/authorized_keys
hobbit at t09trbrxs:~> sudo /bin/ls --color=always
/root/.ssh/authorized_keys
hobbit's password:
hobbit at t09trbrxs:~>

Did you add a corresponding rule in hobbit-clients.cfg ?

Example rule from my hobbit-clients.cfg file:
# Check for core dump files; see "client-local.cfg" file
FILE "%.*(core|hs_err_pid.*log).*" yellow NOEXIST

This matches the below check in client-local.cfg
file:`find / -maxdepth 1 -name "*core*" -mmin -360 2>/dev/null`

So, if the client finds a core file in the root directory
(/some_core_file) it reports it to the server; on the server the FILE
rule says
"set the 'files' column to YELLOW if a *core* file is found'
which causes the web page to show:

Files status at Tue Jul 7 10:20:08 PDT 2009

! /core.20090707.050107.2457.dmp
File exists


Then you need to set an appropriate ALERT in hobbit-alerts.cfg:
HOST=testbox SERVICE=files
   MAIL  user-f1c346e7357f@xymon.invalid COLOR=YELLOW