Has anyone been successful at something like this?
I am monitoring a process of which exactly one instance should be running. The processes run on a Windows server (BBWin 0.12) and report back to my Xymon server (4.3.0) on Ubuntu 10.04.
Easy (analysis.cfg): HOST=reallycoolserver PROC galaxy_hitch_guide.exe 1 1 red
OK, so on occasion some special people will run an additional process manually; this happens often and is acceptable. So I would like the alert above to wait an initial duration of, say, 240 minutes before alerting.
Easy (alerts.cfg): HOST=reallycoolserver MAIL me at here.com DURATION>240 REPEAT=30 FORMAT=TEXT STOP
So, this seems all well and good except in 2 other cases:
- If another monitored process on reallycoolserver fails, its alert will also be delayed 240 minutes.
- If an unacceptable condition occurs with coolthing.exe, such as 20 of them running, that alert will be delayed 240 minutes as well.
So, I thought that GROUPS would be the way to go:
analysis.cfg:
HOST=reallycoolserver PROC galaxy_hitch_guide.exe 1 20 red GROUP=fish
HOST=reallycoolserver PROC galaxy_hitch_guide.exe 1 1 red GROUP=pints
alerts.cfg:
HOST=reallycoolserver GROUP=fish MAIL me at here.com DURATION>5 REPEAT=10 FORMAT=TEXT GROUP=fish STOP
HOST=reallycoolserver GROUP=pints MAIL me at here.com DURATION>240 REPEAT=10 FORMAT=TEXT GROUP=pints STOP
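To make the intent of the two groups concrete, here is a minimal Python sketch of the policy I am trying to express. It is not Xymon code and says nothing about how Xymon evaluates GROUP; the function names and constants are hypothetical, and the thresholds are simply the ones from the rules above (1 to 20 processes, DURATION>5 and DURATION>240).

```python
# Hypothetical model of the desired alerting policy; this is NOT Xymon code.
FAST_DELAY_MIN = 5     # taken from the "fish" alert rule: DURATION>5
SLOW_DELAY_MIN = 240   # taken from the "pints" alert rule: DURATION>240


def alert_delay(count):
    """Minutes a bad status must persist before mail is sent, or None if OK."""
    if count == 1:
        return None            # exactly one process: nothing to alert on
    if 2 <= count <= 20:
        return SLOW_DELAY_MIN  # extra manual runs: tolerated for a long time
    return FAST_DELAY_MIN      # none running, or more than 20: alert quickly


def should_alert(count, minutes_bad):
    """True once the condition has lasted longer than its allowed delay."""
    delay = alert_delay(count)
    return delay is not None and minutes_bad > delay
```

For example, should_alert(2, 30) is False because a second manual process is tolerated for up to 240 minutes, while should_alert(0, 6) is True because a missing process should be mailed out after 5 minutes.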
I have tried to arrange these in a variety of ways:
- A single HOST entry in analysis.cfg with the same PROC defined twice as above. The color changes correctly, but the alerts do not behave correctly.
- A group-only entry in alerts.cfg
- Using EXGROUP following the HOST entry to exclude one of the groups
- Using EXGROUP following the MAIL entry to exclude one of the groups
Any ideas? Thanks, John
John Rothlisberger IT Strategy, Infrastructure & Security - Technology Growth Platform TGP for Business Process Outsourcing Accenture 312.693.3136 office