/etc/xymon/client-local.cfg is in xymon 4.3.28-3build1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 | # The client-local.cfg file contains configuration for
# the Xymon clients running on monitored systems. When
# clients contact the Xymon server, they get the section
# from this file which matches their hostname or operating
# system.
#
# The following configuration items are currently possible:
# "log:FILENAME:MAXDATA"
# Monitor the text-based logfile FILENAME, and report
# back at most MAXDATA bytes. The Xymon client will
# only report back entries generated during the past
# 30 minutes, so MAXDATA is an upper limit.
# "ignore EXPRESSION"
# Must follow a "log:..." entry. Lines matching the
# regular EXPRESSION are not sent to the Xymon server.
# "trigger EXPRESSION"
# Must follow a "log:..." entry. Lines matching the
# regular EXPRESSION are always sent to the Xymon server.
# Use this for extremely critical errors that must be
# reported.
# "deltacount KEYWORD EXPRESSION"
# Must follow a "log:..." entry. Counts the number of
# lines matching the regular EXPRESSION and tracks the
# number seen per run starting from where we stopped
# last time.
#
# "linecount:FILENAME"
# Monitor the text-based logfile FILENAME, but just
# count the number of times certain expressions appear.
# This processes the entire file every time, unlike
# deltacount. It must be followed by one or more lines with
# "KEYWORD PATTERN"
# KEYWORD identifies this count. You can use any string
# except whitespace. PATTERN is a regular expression
# that you want to search for in the file.
#
# "file:FILENAME[:hash]"
# Monitor the file FILENAME by reporting file metadata.
# The Xymon client will report back all of the file
# meta-data, e.g. size, timestamp, filetype, permissions
# etc. The optional "hash" setting is "md5", "rmd160",
# "sha1", or "sha256", "sha512", "sha224", or "sha384",
# and causes the Xymon client to compute a file hash using
# the MD5, RMD160, SHA-1, or SHA-2 algorithms.
# Note: Computing the hash value may be CPU-intensive,
# so You should use this sparingly. For large-scale
# file integrity monitoring, use a real host-based
# IDS (Tripwire, AIDE or similar).
#
# "dir:DIRECTORY"
# Monitor the size of DIRECTORY, including sub-directories.
# This causes the Xymon client to run a "du" on DIRECTORY
# and send this back to the Xymon server.
# Note: Running "du" on large/deep directory structures can
# cause a significant system load.
#
# NB: If FILENAME and/or DIRECTORY are of the form `COMMAND`,
# then COMMAND is run on the client, and the lines output
# by the command are used as the file- or directory-names.
# This allows you to monitor files where the names change,
# as long as you can script some way of determining the
# interesting filenames.
[sunos]
log:/var/adm/messages:10240
[osf1]
log:/var/adm/messages:10240
[aix]
log:/var/adm/syslog/syslog.log:10240
[hp-ux]
log:/var/adm/syslog/syslog.log:10240
[win32]
[freebsd]
log:/var/log/messages:10240
[netbsd]
log:/var/log/messages:10240
[openbsd]
log:/var/log/messages:10240
[linux]
log:/var/log/messages:10240
ignore MARK
[linux22]
log:/var/log/messages:10240
ignore MARK
[redhat]
log:/var/log/messages:10240
ignore MARK
[debian]
log:/var/log/messages:10240
ignore MARK
[suse]
log:/var/log/messages:10240
ignore MARK
[mandrake]
log:/var/log/messages:10240
ignore MARK
[redhatAS]
log:/var/log/messages:10240
ignore MARK
[redhatES]
log:/var/log/messages:10240
ignore MARK
[rhel3]
log:/var/log/messages:10240
ignore MARK
[irix]
log:/var/adm/SYSLOG:10240
[darwin]
log:/var/log/system.log:10240
[sco_sv]
log:/var/adm/syslog:10240
|