Testing a directory mod date on a *nix platform would be a piece of cake.
I did say this was for a folder that resides on a windows server.
Thanks, John
John Rothlisberger IT Strategy, Infrastructure & Security - Technology Growth Platform TGP for Business Process Outsourcing Accenture 312.693.3136 office
-----Original Message----- From: Jeremy Laidman [mailto:jlaidman at rebel-it.com.au] Sent: Wednesday, January 18, 2012 12:46 AM To: Rothlisberger, John R. Cc: xymon at xymon.com Subject: Re: [Xymon] testing folder modified date on winderz?
On Wed, Jan 18, 2012 at 6:38 AM, <john.r.rothlisberger at accenture.com> wrote:
No, when I use the FILE spec on a directory/folder it says "File is missing" along with an "Error: Access denied".
I use file on a directory and it works for me. However, I specify the directory using backticks, along with the directories contents, but I don't know how that would change anything. What I'm doing is checking if someone changed the group ownership for entries (files or subdirectories) in the directory "/var/named/", so that different users in the same group can edit the files. My client-local.cfg has:
[myhost] file:
/bin/ls -a /var/named/ | sed '/^\.$/d;/^\.\.$/d;/^lost+found$/d;s|^|/var/named/|':2048This gives me lots of entries in my client data, each one showing the perms, ownership, size, and so on. One of them is:
[file:/var/named/master] type:40000 (directory) mode:2775 (drwxrwsr-x) linkcount:3 owner:65535 (d619539) group:44 (named) size:4096 clock:1326866742 (2012/01/18-17:05:42) atime:1326866742 (2012/01/18-17:05:42) ctime:1326783927 (2012/01/17-18:05:27) mtime:1326783927 (2012/01/17-18:05:27)
Then in my analysis.cfg I have this:
HOST=%^myhost FILE %/var/named/(\.[^\.]*|[^\.].*) yellow groupid=named
which detects when the group name is incorrect on any dirent not starting with "..", and sets "file" to yellow. I just tested this and it works.
Cheers Jeremy
Subject to local law, communications with Accenture and its affiliates including telephone calls and emails (including content), may be monitored by our systems for the purposes of security and the assessment of internal compliance with Accenture policy.
www.accenture.com