Hi,
I am trying to alert when a log on a windows client is not being updated regularly. I have this being returned in the Client Data :-
[logfile:D:\XXXX\Logs\YYYY\latest-D.log] type:0x00020 (file) mode:777 (not implemented) linkcount:1 owner:0 (not implemented) group:0 (not implemented) size:4978660 atime:1413190800 (2014/10/13-09:00:00) ctime:1413190800 (2014/10/13-09:00:00) mtime:1413193801 (2014/10/13-09:50:01)
and when I put (FILE "%.*latest-D.log" YELLOW mtime<900) in analysis.cfg, Xymon shows the file to be 138 years old :-
File was modified 4294963716 seconds ago - should be <900
This is Xymon 4.3.13 and BBWin 0.13 but I see references to very old files as long ago as 2009 (http://sourceforge.net/p/bbwin/discussion/460874/thread/b65f157b/) so I guess this issue has been around for a long time.
My first thought is that when compared to Client Data from a Unix client, there is no
clock:1412960833 (2014/10/10-17:07:13)
line, but in check_file() in xymond/client_config.c, this appears to be covered:-
if (clock == 0) clock = getcurrenttime(NULL);
ctimedif = clock - ctime;
atimedif = clock - atime;
mtimedif = clock - mtime;where clock is unsigned int, should that be time_t ?
Andy