Yeah - I could see that as an option, cheers Phil...
Some body else pointed me at using DISPLAYGROUPS and the defined groups in the xymon hosts.cfg, which would seem to be the answer. But I can;t get it working and I find tyhe "offivcial" docuementation really unhelpful (obviously my issue as everybody eolse can translate it into working configurations).
As an example
hosts.cfg
page diddstest DIDDSTEST#group-compress <H3><I>DIDDSTEST</I></H3>group <H3><I>DIDDSTEST</I></H3>192.168.52.83 testbox
alerts.cfg
DISPLAYGROUP=DIDDSTESTmsgs TIME=w:0800:1830 COLOR=red MAIL user-3350629f9f33@xymon.invalid
I( have the analysis.cfg etc all set up such that I can trigger a red alert for system testbox for msgs fine. But I never get an email of said alerts as per the alerts.cfg attempt. I can check the maillog on testbox and the email isn;t sent (ie it hasn;'t got blpocked or whatever elsewhere - its just never sent ie never triggered.)
If tried the displaygroup group name in both upper and lower case.
what am I doing wrong?
▸ quoted from Phil Crooker
On Friday, 31 August 2018, 04:18:09 BST, Phil Crooker <user-e8e31cd73303@xymon.invalid> wrote:
Have two separate HOST stanzas - one for linux hosts and one for windows.
HOST=linuxhost.whatever.com,linuxhost2.whatever.com [[conditions]]
MAIL user-ef5b3ed21e29@xymon.invalid
HOST=winhost.whatever.com,winhost2.whatever.com [[conditions]]
MAIL whoever at .....
Of course you can use host groups, regular expressions, etc.
From: Ian Diddams <user-7fbf34ed5219@xymon.invalid>
Sent: Thursday, August 30, 2018 9:50 PM
To: Xymon Mailing List
Subject: create an alert for all linux servers Ive an alert for msgs (var/log/messages entries) that I desire to have paged in office hours only
Thing is its only linux clients that need this check., not windows clients.
So if I set a stadard style alerts.cfg entry
HOST=* SERVICE=msgs TIME=w:0800:1830 COLOR=red MAIL user-f08d0f38759b@xymon.invalid
of course if any windows msgs go red (constantly... zzzz) then they will page also, which is not the required outcome.
There is the option I see of something like
alerts.cfg:
GROUP=SSSD_MSGS TIME=w:0800:1830 COLOR=red MAIL user-f08d0f38759b@xymon.invalid
analysis.cfgdefault section
LOG %/var/log/messages "%TEST" COLOR=red GROUP=SSSD_MSGS [ search string here of course being TEST ]
but that does exactly the same thing.
So - aside from adding that LOG line to umpteen individual analysis.cfg entries for each linux server, or a single section listing all the linux servers ... is there a way to curtail this check to only linux servers (or more likely a bunch of hostnames of course). Somewhere it seems we'd have to manulayy maintain the correct "list" of hostnames to be caught - Im just trying to minimise the overhead.
I had considered using a yellow alert to alert the LOG check... but other "things" also issue yellow alerts and we don;t want to trigger them either.
I can;t see a way out of this?
didds
|
Please consider the environment before printing this e-mail
This message from ORIX Australia may contain confidential and/or privileged information. If you are not the intended recipient, any use, disclosure or copying of this message (or of any attachments to it) is not authorised. If you have received this message in error, please notify the sender immediately and delete the message and any attachments from your system. Please inform the sender if you do not wish to receive further communications by email.
ORIX has a Privacy Policy which outlines what kinds of personal information we collect and hold, how we may collect and handle it, and your rights regarding personal information. Please let us know if you would like a copy. The Privacy Policy and a Collection Statement are also available on our website.
We do not accept liability for any loss or damage caused by any computer viruses or defects that may be transmitted with this message. We recommend you carry out your own checks for viruses or defects.
|