I got this in my analysis.cfg
HOST=host01 PORT LOCAL=%.: STATE=LISTEN min=2 "TEXT=SSH listener" PORT LOCAL=%.: STATE=ESTABLISHED min=0 max=10 color=yellow TRACK=ssh "TEXT=SSH logins"
DEFAULT # These are added defaults # These are the built-in defaults. UP 1h LOAD 30.0 40.0 MEMPHYS 100 101 MEMSWAP 70 80 MEMACT 90 97 LOG /var/adm/messages "%WARNING|ERROR" COLOR=red #LOG /var/adm/messages "%NOTICE" COLOR=yellow PROC sendmail PROC inetd PROC cron CLOCK 10
But the PROC test is still white for host01 saying PROC is not defined. But if I add PROC like this HOST=host01 PORT LOCAL=%.: STATE=LISTEN min=2 "TEXT=SSH listener" PORT LOCAL=%.: STATE=ESTABLISHED min=0 max=10 color=yellow TRACK=ssh "TEXT=SSH logins" PROC xntp
Then it goes green and show PROC for xntp as expected but even the default ones sendmail, inetd,and cron Looking in the history it seems that it goes back and forth between green and white displaying default procs as OK even in the white history. The it doesn't show the text PROCS are not defined as it did when I looked at it before adding the HOST section.
Really funny, Why do I need to add the HOST entry to get the DEFAULT PROCs working?
Running 4.3.5 on Solaris 10, clients and server.
Roland