xymon File has MD5 hash (No MD5 data) - should be
Hello
I came to you again, with hope that someone bumped into this problem and could give me some help.
I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so
[dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8
Also, I have in analisys.cfg the following entry:
HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=red
On the client:
cat tmp/logfetch.dev.cfg
file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8
The client has all the rights to run 'md5sum' and I also disabled selinux.
Any thoughts ?
-- Ciprian Parfon System & Network Engineer +40 721879113 ciprian.parfon at gmail.com
Den 2014-02-04 10:44, Ciprian Parfon skrev:
Hello
I came to you again, with hope that someone bumped into this problem and could give me some help.
I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so
[dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8
You don't include the hash in client-local.cfg - you just tell the client what kind of hash it should calculate. So this should be
[dev] file:/etc/passwd:md5 file:/etc/shadow:md5
Also, I have in analisys.cfg the following entry:
HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=red
Your pattern match will find a host name "dev", but it will in fact match any host that has "de" in the hostname. '*' is not a wilcard, it is a counter meaning "0 or more of the preceding character" - 'v' in this case - and you haven't anchored the 'de'.
You probably want HOST=%^dev
Regards, Henrik
Hello Henrik
I took your advice and modified client-local.cfg and replaced the hashes with 'md5'. Unfortunatelly it still doesn't work. In my browser when I click on "client data" I see this (in the files section):
[file:/etc/shadow] type:100000 (file) mode:0 (----------) linkcount:1 owner:0 (root) group:0 (root) size:2229 clock:1391509248 (2014/02/04-10:20:48) atime:1369319982 (2013/05/23-14:39:42) ctime:1369849694 (2013/05/29-17:48:14) mtime:1369849694 (2013/05/29-17:48:14)
[file:/etc/passwd] type:100000 (file) mode:644 (-rw-r--r--) linkcount:1 owner:0 (root) group:0 (root) size:2025 clock:1391509248 (2014/02/04-10:20:48) atime:1376392921 (2013/08/13-11:22:01) ctime:1376392921 (2013/08/13-11:22:01) mtime:1376392921 (2013/08/13-11:22:01)
There isn't any md5 hash in there. :|
On 02/04/2014 12:04 PM, henrik at hswn.dk wrote:
Den 2014-02-04 10:44, Ciprian Parfon skrev:
Hello
I came to you again, with hope that someone bumped into this problem and could give me some help.
I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so
[dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8
You don't include the hash in client-local.cfg - you just tell the client what kind of hash it should calculate. So this should be
[dev] file:/etc/passwd:md5 file:/etc/shadow:md5
Also, I have in analisys.cfg the following entry:
HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=red
Your pattern match will find a host name "dev", but it will in fact match any host that has "de" in the hostname. '*' is not a wilcard, it is a counter meaning "0 or more of the preceding character" - 'v' in this case - and you haven't anchored the 'de'.
You probably want HOST=%^dev
Regards, Henrik
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
-- Ciprian Parfon System & Network Engineer +40 721879113 ciprian.parfon at gmail.com
Ermm .. sry, about this. Seems they appeared after all. :)
Thanks Henrik.
On 02/04/2014 12:29 PM, Ciprian Parfon wrote:
Hello Henrik
I took your advice and modified client-local.cfg and replaced the hashes with 'md5'. Unfortunatelly it still doesn't work. In my browser when I click on "client data" I see this (in the files section):
[file:/etc/shadow] type:100000 (file) mode:0 (----------) linkcount:1 owner:0 (root) group:0 (root) size:2229 clock:1391509248 (2014/02/04-10:20:48) atime:1369319982 (2013/05/23-14:39:42) ctime:1369849694 (2013/05/29-17:48:14) mtime:1369849694 (2013/05/29-17:48:14)
[file:/etc/passwd] type:100000 (file) mode:644 (-rw-r--r--) linkcount:1 owner:0 (root) group:0 (root) size:2025 clock:1391509248 (2014/02/04-10:20:48) atime:1376392921 (2013/08/13-11:22:01) ctime:1376392921 (2013/08/13-11:22:01) mtime:1376392921 (2013/08/13-11:22:01)
There isn't any md5 hash in there. :|
On 02/04/2014 12:04 PM, henrik at hswn.dk wrote:
Den 2014-02-04 10:44, Ciprian Parfon skrev:
Hello
I came to you again, with hope that someone bumped into this problem and could give me some help.
I have configured XYmon to check some files with MD5 but it doesn't work as expected. My Xymon server is 4.3.10. On the server I edited 'client-local.cfg' like so
[dev] file:/etc/passwd:4736b427730af4ae0d5e11c098be4ff6 file:/etc/shadow:aadf4e9f14a8cceab31d635f9ea5fdb8
You don't include the hash in client-local.cfg - you just tell the client what kind of hash it should calculate. So this should be
[dev] file:/etc/passwd:md5 file:/etc/shadow:md5
Also, I have in analisys.cfg the following entry:
HOST=%dev* FILE /etc/passwd MD5=4736b427730af4ae0d5e11c098be4ff6 COLOR=red FILE /etc/shadow MD5=aadf4e9f14a8cceab31d635f9ea5fdb8 COLOR=red
Your pattern match will find a host name "dev", but it will in fact match any host that has "de" in the hostname. '*' is not a wilcard, it is a counter meaning "0 or more of the preceding character" - 'v' in this case - and you haven't anchored the 'de'.
You probably want HOST=%^dev
Regards, Henrik
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
-- Ciprian Parfon System & Network Engineer +40 721879113 ciprian.parfon at gmail.com
-- Ciprian Parfon System & Network Engineer +40 721879113 ciprian.parfon at gmail.com
Den 2014-02-04 11:29, Ciprian Parfon skrev:
Hello Henrik
I took your advice and modified client-local.cfg and replaced the hashes with 'md5'. Unfortunatelly it still doesn't work.
Have patience. Changes to client-local.cfg may take up to 25 minutes to show up: xymond only reloads the configuration every 15 minutes (unless you do a 'kill -HUP'), then the client has to do one loop which picks up the new configuration but doesn't use it yet, and then the next loop of the client will make the change show up.
Regards, Henrik
participants (2)
-
ciprian.parfon@gmail.com
-
henrik@hswn.dk