-----Original Message----- From: Scot Kreienkamp [mailto:SKreien at la-z-boy.com] Sent: Tuesday, July 07, 2009 10:19 AM To: hobbit at hswn.dk Subject: RE: [hobbit] client file check
That doesn't work. It doesn't like the backticks in client-local.cfg. Now my clients say no files checked.
Thanks,
Scot Kreienkamp La-Z-Boy Inc. skreien at la-z-boy.com 734-242-1444 ext 6379
-----Original Message----- From: Brand, Thomas R. [mailto:TRBrand at cvs.com] Sent: Monday, July 06, 2009 4:31 PM To: hobbit at hswn.dk Subject: RE: [hobbit] client file check
-----Original Message----- From: dOCtoR MADneSs [mailto:doctor at makelofine.org]
You could try something like this : in local-client.cfg add a section for this host : [my_host] file:
sudo ls /your/fileand in hobbit-clients.cfg add a line in your host section : HOST=my_host FILE /your/file YOUR_SWITCHESanyone disagree with it ?
Somewhat of a security risk; when using sudo, I recommend using full path to the executable: sudo /bin/ls /your/file
and in your /etc/sudoers file:
Hobbit may run /bin/ls but flags are not allowed
hobbit ALL = NOPASSWD: /bin/ls [!-]*
t09trbrxs# su - hobbit hobbit at t09trbrxs:~> sudo /bin/ls /root/.ssh/authorized_keys /root/.ssh/authorized_keys hobbit at t09trbrxs:~> sudo /bin/ls --color=always /root/.ssh/authorized_keys hobbit's password: hobbit at t09trbrxs:~>
Did you add a corresponding rule in hobbit-clients.cfg ?
Example rule from my hobbit-clients.cfg file:
Check for core dump files; see "client-local.cfg" file
FILE "%.*(core|hs_err_pid.*log).*" yellow NOEXIST
This matches the below check in client-local.cfg
file:find / -maxdepth 1 -name "*core*" -mmin -360 2>/dev/null
So, if the client finds a core file in the root directory (/some_core_file) it reports it to the server; on the server the FILE rule says "set the 'files' column to YELLOW if a *core* file is found' which causes the web page to show:
Files status at Tue Jul 7 10:20:08 PDT 2009
! /core.20090707.050107.2457.dmp File exists
Then you need to set an appropriate ALERT in hobbit-alerts.cfg: HOST=testbox SERVICE=files MAIL yourEmail at yourmail.com COLOR=YELLOW