Re: {bb} find a way detect enable/disable OFFLINE (Blue) events in BB

To: bb@bb4.com
Subject: Re: {bb} find a way detect enable/disable OFFLINE (Blue) events in BB
From: Jeff Stoner <leapfrog@freeshell.org>
Date: Thu, 23 Dec 2004 14:42:05 +0000 (UTC)
Content-type: TEXT/PLAIN; charset=US-ASCII; format=flowed
In-reply-to: <20041223044453.59513.qmail@web53502.mail.yahoo.com>
References: <20041223044453.59513.qmail@web53502.mail.yahoo.com>
Reply-to: bb@bb4.com
Sender: owner-bb@bb4.com

On Wed, 22 Dec 2004, satish kumar wrote:

I have a requirement of finding a way to detect
who/when/where enabled/disabled the OFFLINE (blue)
events  in BB. please let me know at the earliest.

A sure-fire way to detect them would be to check the log files directly in $BBVAR/logs. Something like

cd $BBVAR/logs
$GREP '^blue ' * | while read
do
   HOST=`echo $REPLY | $CUT -d: -f1 | $CUT -d. -f1`
   SERVICE=`echo $REPLY | $CUT -d: -f1 | $CUT -d. -f2`

   # do something with the information
   echo "$SERVICE on $HOST is disabled"
done

(The casual shell scripter will recognize that this will fail for some medium to large sites...those with lots of log files...unless you have an insanely large buffer for command lines.)

The actual disable message (if any) is embedded into the status log and you'll have to parse that out. For the adventerous, you can parse the $BBVAR/hist files to find past occurrences of disabled hosts/services, then using those results, grabbing the appropriate status message from $BBVAR/histlogs to get the reason (if any.) This assumes you used the defaults when setting up Big Brother to store history and historical logs.

The where will be an IP address at the bottom of the status message. This is where the msesage came from. Determining who disabled a host/service - well, that's a different matter. If you are using one of the CGI scripts from Deadcat.net - then you don't need to go through all this - simply modify that code to gather all the information and do something with it.

The ultimate way is to hack the C code to the bbd daemon - but I don't recommend this as it makes upgrading hard and you'll be on your own for the most part in supporting it. This will give you the what, the where, the why (if they bothered to add a message) but not the who. Big Brother has no concept of users.

--Jeff

"Kernel-based message queues are sexy."
--
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-=-=-=-=-=-=-=-=-=
To unsubscribe from this list, or to subscribe to the bb-digest list
send e-mail to mailto:majordomo@bb4.com with unsubscribe bb -and/or-
subscribe bb-digest in the BODY of the message.

Follow-Ups:
- Re: {bb} find a way detect enable/disable OFFLINE (Blue) events in BB
  - From: Asif Iqbal <iqbala-bb@qwestip.net>

References:
- {bb} find a way detect enable/disable OFFLINE (Blue) events in BB
  - From: satish kumar <satish_lsurf@yahoo.com>

Prev by Date: Re: {bb} bbgen 3.5 and http
Next by Date: Re: {bb} bbgen 3.5 and http
Previous by thread: {bb} find a way detect enable/disable OFFLINE (Blue) events in BB
Next by thread: Re: {bb} find a way detect enable/disable OFFLINE (Blue) events in BB
Index(es):
- Date
- Thread

Home | Main Index | Thread Index