* Abhijit Menon-Sen <[email protected]> [2013-04-09 08:32]:
> Looking at the code of is_authorized, I don't understand how host check
> results are allowed, and I don't understand where and how the following
> behaviour described in nsca-ng.cfg(5) is implemented:
>
> «If a specified string includes one or more at signs (`@'), only the
> part preceding the last of these at signs is matched against the
> "service description" field. The part following this at sign is
> used as a separate pattern which is matched against the "host
> name" field of the same command. A service check result is then
> accepted only if both matches succeed for a given command.»
This is all about service checks: ".+@foo" permits any service check
results for the "foo" host, ".+" allows any service check results for
any hosts, but neither of these patterns permit any host check results
to be submitted (as you figured out already).
In order to accept arbitrary host check results, you'd specify:
commands = "PROCESS_HOST_CHECK_RESULT;.+"
To accept only check results for the host "foo":
commands = "PROCESS_HOST_CHECK_RESULT;foo;.+"
I guess the server should also support explicit "hosts" patterns (along
the lines of "services"). I'm just a bit unsure as to whether they
should only permit host check results or also service check results for
matching hosts.
Holger
