I added "--loadhostsfromxymond" to xymond_alert and that made no difference.
These are just directory includes in the hosts.cfg file.
FWIW, these clients can also NOT be found using the find host script from the browser - this is annoying for the time being but what if all of our hosts were with directory includes?
Thanks, John
-----Original Message----- From: Japheth Cleaver <cleaver at terabithia.org> Sent: Wednesday, September 4, 2019 2:58 PM To: Rothlisberger, John R. <john.r.rothlisberger at accenture.com>; xymon at xymon.com Subject: [External] Re: Errors after upgrade to 4.3.29
This message is from an EXTERNAL SENDER - be CAUTIOUS, particularly with links and attachments.
Hi,
This warning (used to be just a debug message) was added in a few
versions ago (https://urldefense.proofpoint.com/v2/url?u=https-3A__sourceforge.net_p_xymon... ) to call out
when rules were presented for a host not visible yet. It could be a sign
that xymond is not following the 'include' files and thus not presenting
it to xymond_alert.
Are these regular directory includes or 'netinclude's?
Also, can you try adding the --loadhostsfromxymond option to your
xymond_alert CMD line and see if the warnings go away?
HTH,
-jc
On 9/4/2019 9:03 AM, Rothlisberger, John R. wrote:
Ubuntu 16.04LTS
Hosts.cfg entry:
directory /home/xymon/server/etc/include_ssl/a/
File /home/Xymon/server/etc/include_ssl/a/abcdef.acc.com contains:
0.0.0.0abcdef.acc.com # noconn NOPROPYELLOW:* NOPROPPURPLE:*
NOCOLUMNS:http,info,trends ssldays=30:15 https://urldefense.proofpoint.com/v2/url?u=https-3A__abcdef.acc.com&d=DwID-g...
0.0.1.0
I am seeing these errors in my alert.log - these particular clients
(URL's actually as they are for sslcert tests reside in an include
directory):
Checking criteria for host 'abcdef.acc.com', which is not yet defined;
some alerts may not immediately fire
The errors are popping for every file that is in the include_directory.
These errors were not present in 4.3.21 - 4.3.28. Ideas?
Thanks,
John
Upcoming PTO:
John Rothlisberger
IT Strategy, Infrastructure & Security - Technology Growth Platform
TGP for Business Process Outsourcing
Accenture
312.693.3136 office**
This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise confidential information. If you
have received it in error, please notify the sender immediately and
delete the original. Any other use of the e-mail by you is prohibited.
Where allowed by local law, electronic communications with Accenture and
its affiliates, including e-mail and instant messaging (including
content), may be scanned by our systems for the purposes of information
security and assessment of internal compliance with Accenture policy.
Your privacy is important to us. Accenture uses your personal data only
in compliance with data protection laws. For further information on how
Accenture processes your personal data, please see our privacy statement
This message is for the designated recipient only and may contain privileged, proprietary, or otherwise confidential information. If you have received it in error, please notify the sender immediately and delete the original. Any other use of the e-mail by you is prohibited. Where allowed by local law, electronic communications with Accenture and its affiliates, including e-mail and instant messaging (including content), may be scanned by our systems for the purposes of information security and assessment of internal compliance with Accenture policy. Your privacy is important to us. Accenture uses your personal data only in compliance with data protection laws. For further information on how Accenture processes your personal data, please see our privacy statement at https://www.accenture.com/us-en/privacy-policy.
www.accenture.com