xymon File has MD5 hash (No MD5 data) - should be
list Ciprian Parfon
Hello I came to you again, with hope that someone bumped into this problem and could give me some help. I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so [dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8 Also, I have in analisys.cfg the following entry: HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=red On the client: # cat tmp/logfetch.dev.cfg file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8 The client has all the rights to run 'md5sum' and I also disabled selinux. Any thoughts ? -- Ciprian Parfon System & Network Engineer +40 721879113 user-429c6153ee89@xymon.invalid
list Henrik Størner
▸
Den 2014-02-04 10:44, Ciprian Parfon skrev:
Hello I came to you again, with hope that someone bumped into this problem and could give me some help. I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so [dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8
You don't include the hash in client-local.cfg - you just tell the client what kind of hash it should calculate. So this should be [dev] file:/etc/passwd:md5 file:/etc/shadow:md5
▸
Also, I have in analisys.cfg the following entry: HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=red
Your pattern match will find a host name "dev", but it will in fact match any host that has "de" in the hostname. '*' is not a wilcard, it is a counter meaning "0 or more of the preceding character" - 'v' in this case - and you haven't anchored the 'de'. You probably want HOST=%^dev Regards, Henrik
list Ciprian Parfon
Hello Henrik I took your advice and modified client-local.cfg and replaced the hashes with 'md5'. Unfortunatelly it still doesn't work. In my browser when I click on "client data" I see this (in the files section): [file:/etc/shadow] type:100000 (file) mode:0 (----------) linkcount:1 owner:0 (root) group:0 (root) size:2229 clock:1391509248 (2014/02/04-10:20:48) atime:1369319982 (2013/05/23-14:39:42) ctime:1369849694 (2013/05/29-17:48:14) mtime:1369849694 (2013/05/29-17:48:14) [file:/etc/passwd] type:100000 (file) mode:644 (-rw-r--r--) linkcount:1 owner:0 (root) group:0 (root) size:2025 clock:1391509248 (2014/02/04-10:20:48) atime:1376392921 (2013/08/13-11:22:01) ctime:1376392921 (2013/08/13-11:22:01) mtime:1376392921 (2013/08/13-11:22:01) There isn't any md5 hash in there. :|
▸
On 02/04/2014 12:04 PM, user-ce4a2c883f75@xymon.invalid wrote:Den 2014-02-04 10:44, Ciprian Parfon skrev:Hello I came to you again, with hope that someone bumped into this problem and could give me some help. I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so [dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8You don't include the hash in client-local.cfg - you just tell the client what kind of hash it should calculate. So this should be [dev] file:/etc/passwd:md5 file:/etc/shadow:md5Also, I have in analisys.cfg the following entry: HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=redYour pattern match will find a host name "dev", but it will in fact match any host that has "de" in the hostname. '*' is not a wilcard, it is a counter meaning "0 or more of the preceding character" - 'v' in this case - and you haven't anchored the 'de'. You probably want HOST=%^dev Regards, Henrik
-- Ciprian Parfon System & Network Engineer +40 721879113 user-429c6153ee89@xymon.invalid
list Ciprian Parfon
Ermm .. sry, about this. Seems they appeared after all. :) Thanks Henrik.
▸
On 02/04/2014 12:29 PM, Ciprian Parfon wrote:Hello Henrik I took your advice and modified client-local.cfg and replaced the hashes with 'md5'. Unfortunatelly it still doesn't work. In my browser when I click on "client data" I see this (in the files section): [file:/etc/shadow] type:100000 (file) mode:0 (----------) linkcount:1 owner:0 (root) group:0 (root) size:2229 clock:1391509248 (2014/02/04-10:20:48) atime:1369319982 (2013/05/23-14:39:42) ctime:1369849694 (2013/05/29-17:48:14) mtime:1369849694 (2013/05/29-17:48:14) [file:/etc/passwd] type:100000 (file) mode:644 (-rw-r--r--) linkcount:1 owner:0 (root) group:0 (root) size:2025 clock:1391509248 (2014/02/04-10:20:48) atime:1376392921 (2013/08/13-11:22:01) ctime:1376392921 (2013/08/13-11:22:01) mtime:1376392921 (2013/08/13-11:22:01) There isn't any md5 hash in there. :| On 02/04/2014 12:04 PM, user-ce4a2c883f75@xymon.invalid wrote:Den 2014-02-04 10:44, Ciprian Parfon skrev:Hello I came to you again, with hope that someone bumped into this problem and could give me some help. I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so [dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8You don't include the hash in client-local.cfg - you just tell the client what kind of hash it should calculate. So this should be [dev] file:/etc/passwd:md5 file:/etc/shadow:md5Also, I have in analisys.cfg the following entry: HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=redYour pattern match will find a host name "dev", but it will in fact match any host that has "de" in the hostname. '*' is not a wilcard, it is a counter meaning "0 or more of the preceding character" - 'v' in this case - and you haven't anchored the 'de'. You probably want HOST=%^dev Regards, Henrik-- Ciprian Parfon System & Network Engineer +40 721879113 user-429c6153ee89@xymon.invalid
-- Ciprian Parfon System & Network Engineer +40 721879113 user-429c6153ee89@xymon.invalid
list Henrik Størner
▸
Den 2014-02-04 11:29, Ciprian Parfon skrev:
Hello Henrik I took your advice and modified client-local.cfg and replaced the hashes with 'md5'. Unfortunatelly it still doesn't work.
Have patience. Changes to client-local.cfg may take up to 25 minutes to show up: xymond only reloads the configuration every 15 minutes (unless you do a 'kill -HUP'), then the client has to do one loop which picks up the new configuration but doesn't use it yet, and then the next loop of the client will make the change show up. Regards, Henrik