I am just starting out with Xymon and have many questions. The current issue is that I want to suppress the sslcert test on some of my hosts.
I have tried adding nosslcert to the host line after the testip keyword. I have tried to drop the test using the ./.xymon 120.0.0.1 "drop HOSTNAME sslcert" command
Nothing is working.
Ted
This electronic message contains information generated by the USDA solely for the intended recipients. Any unauthorized interception of this message or the use or disclosure of the information it contains may violate the law and subject the violator to civil or criminal penalties. If you believe you have received this message in error, please notify the sender and delete the email immediately.
On 2/28/2014 11:55 AM, Wilcox, Theodore A -FS wrote:
I am just starting out with Xymon and have many questions. The current issue is that I want to suppress the sslcert test on some of my hosts.
I have tried adding nosslcert to the host line after the testip keyword.
The sslcert test result comes from other tests using ssl like "https" I suspect the 'nosslcert' directive needs to be on the same line as whichever host is requesting the 'https' test.
Can you paste a few lines of your hosts.cfg for us?
I have tried to drop the test using the ./.xymon 120.0.0.1 "drop HOSTNAME sslcert" command
When you do this, are you using a HOSTNAME which exactly matches the hostname defined in your hosts.cfg?
What color is the sslcert test and how old is the result?
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Enterprise Technology Services Department of Administration State of Alaska
I put the nosslcert command on the same line as the host. When I use the drop the test, I am using the hostname as it is in the hosts file. The http test column is red and has been red since we started the program.
The line in question is pasted below, I have redacted the hostname and IP address.
###.###.##.### Hostname # testip https https://hostname16316/ibm/console/logon.jsp nosslcert
Ted
-----Original Message----- From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of John Thurston Sent: Friday, February 28, 2014 2:40 PM To: xymon at xymon.com Subject: Re: [Xymon] nosslcert
On 2/28/2014 11:55 AM, Wilcox, Theodore A -FS wrote:
I am just starting out with Xymon and have many questions. The current issue is that I want to suppress the sslcert test on some of my hosts.
I have tried adding nosslcert to the host line after the testip keyword.
The sslcert test result comes from other tests using ssl like "https" I suspect the 'nosslcert' directive needs to be on the same line as whichever host is requesting the 'https' test.
Can you paste a few lines of your hosts.cfg for us?
I have tried to drop the test using the ./.xymon 120.0.0.1 "drop HOSTNAME sslcert" command
When you do this, are you using a HOSTNAME which exactly matches the hostname defined in your hosts.cfg?
What color is the sslcert test and how old is the result?
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Enterprise Technology Services Department of Administration State of Alaska
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
This electronic message contains information generated by the USDA solely for the intended recipients. Any unauthorized interception of this message or the use or disclosure of the information it contains may violate the law and subject the violator to civil or criminal penalties. If you believe you have received this message in error, please notify the sender and delete the email immediately.
On 2/28/2014 12:46 PM, Wilcox, Theodore A -FS wrote:
I put the nosslcert command on the same line as the host. When I use the drop the test, I am using the hostname as it is in the hosts file. The http test column is red and has been red since we started the program.
If you have https://foo.bar... you don't need the simple https check on the host. The complex one will handle it. This might be affecting the sslcert result, but I doubt it.
How old is the sslcert red? If you click on the red ball, it will have a date and time as well as 'Status unchanged" and source IP at the bottom.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Enterprise Technology Services Department of Administration State of Alaska
On 02/28/14 15:55, Wilcox, Theodore A -FS wrote:
I am just starting out with Xymon and have many questions. The current issue is that I want to suppress the sslcert test on some of my hosts.
I have tried adding nosslcert to the host line after the testip keyword.
I have tried to drop the test using the ./.xymon 120.0.0.1 “drop HOSTNAME sslcert” command
Maybe it is just a typo in your email, but 120.0.0.1 will not work.
127.0.0.1 of course is what you're after. And of course just localhost will also work.
Hope this helps!
-- Bill Arlofski Reverse Polarity, LLC http://www.revpol.com -- Not responsible for anything below this line --
I did use 127. Thanks.
-----Original Message----- From: Xymon [mailto:xymon-bounces at xymon.com] On Behalf Of Bill Arlofski Sent: Friday, February 28, 2014 3:15 PM To: xymon at xymon.com Subject: Re: [Xymon] nosslcert
On 02/28/14 15:55, Wilcox, Theodore A -FS wrote:
I am just starting out with Xymon and have many questions. The current issue is that I want to suppress the sslcert test on some of my hosts.
I have tried adding nosslcert to the host line after the testip keyword.
I have tried to drop the test using the ./.xymon 120.0.0.1 "drop HOSTNAME sslcert" command
Maybe it is just a typo in your email, but 120.0.0.1 will not work.
127.0.0.1 of course is what you're after. And of course just localhost will also work.
Hope this helps!
-- Bill Arlofski Reverse Polarity, LLC http://www.revpol.com -- Not responsible for anything below this line --
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
This electronic message contains information generated by the USDA solely for the intended recipients. Any unauthorized interception of this message or the use or disclosure of the information it contains may violate the law and subject the violator to civil or criminal penalties. If you believe you have received this message in error, please notify the sender and delete the email immediately.
I am trying to turn off the ssl cert check on selected hosts' http test. Can anyone assist me with this?
Ted
This electronic message contains information generated by the USDA solely for the intended recipients. Any unauthorized interception of this message or the use or disclosure of the information it contains may violate the law and subject the violator to civil or criminal penalties. If you believe you have received this message in error, please notify the sender and delete the email immediately.
On 3/4/2014 9:40 AM, Wilcox, Theodore A -FS wrote:
I am trying to turn off the ssl cert check on selected hosts' http test. Can anyone assist me with this?
Have you appended the string 'nosslcert' to the end of the host's line in hosts.cfg? To prevent the sslcert column from going purple, you will also need to "drop" the test results for that host/test combination.
-- Do things because you should, not just because you can.
John Thurston 907-465-8591 John.Thurston at alaska.gov Enterprise Technology Services Department of Administration State of Alaska
participants (3)
-
john.thurston@alaska.gov
-
tawilcox@fs.fed.us
-
waa-hobbitml@revpol.com