Re: avoid duplicated alerts in a multi-host/mon context
Augie Schwer <augie.schwer <at> gmail.com>
2007-10-17 12:46:54 GMT
On 10/17/07, Jacques Klein <jk <at> dalim.com> wrote:
> Each host runs a mon daemon with a mon.cf configured according to the
> services to watch;
> this depends of the kind of apps. installed on this host.
> An application may need access to (a service on) an other host, so there
> is a watch checking for this remote service.
> When such a "server host" goes down (or crashes, or ...) , than there
> can (will) be several alerts raised, one on each "client host".
> This will, for example, result in duplicated and redondant email messages.
> How can such a behavior avoided ?.
If I am reading you right, then you want the "depend" definition in
your watch group:
The depend keyword is used to specify a dependency expression,
which evaluates to either true of false, in the boolean sense.
Dependencies are actual Perl expressions, and must obey all syn-
tactical rules. The expressions are evaluated in their own pack-
age space so as to not accidentally have some unwanted side-
effect. If a syntax error is found when evaluating the expres-
sion, it is logged via syslog.
Before evaluation, the following substitutions on the expression
occur: phrases which look like "group:service" are substituted
with the value of the current operational status of that speci-
fied service. These opstatus substitutions are computed recur-
sively, so if service A depends upon service B, and service B