On 18 November 2015 at 04:41, John Thurston <john.thurston at alaska.gov> wrote:
I could go for inclusion on the host's "info" page, but would really dislike it being treated like a "ghost". Having the xymond test column flapping yellow because some unauthorized workstation (a ghost) is sending me messages is bad enough. Having it bounce yellow because a host is sending messages I have specifically excluded would be awful.
Fair enough. As long as there's some place for a confused sysadmin to look for reasons why status messages are not showing up. Could be in a log file.
I am certainly not _opposed_ to a "!" syntax. For my business need, "acceptonly" with an inclusion list is perfectly adequate. My need is to prevent noise. If I blackball specific tests, the noise can just be moved to a test with a new name. Yes, in some cases it could make the acceptonly tag a little long-winded. But if I can use it on the .default. line, I won't have to type it very often.
In another discussion, mention was made to the NOPROPRED tag, which has a useful format that would seem to work well for this also, and obviously the parsing code already exists. Examples to demonstrate:
0.0.0.0 .default. # ACCEPTONLY:-memory 192.168.0.1 host1.example.com # ACCEPTONLY:+memory,-disk 192.168.0.2 host2.example.com # ACCEPTONLY:cpu,disk,memory 0.0.0.0 .default. # ACCEPTONLY:* 192.168.0.3 host3.example.com # ACCEPTONLY:-disk
Now, a question. Should this matching apply to:
- only messages from the IP address from hosts.cfg?
- to any message not from the Xymon server?
- to any message including from the Xymon server, eg if I exclude "conn" messages, should they be dropped?
J