How to reset volatile passive services to "OK"?
Posted: Wed Apr 16, 2014 10:58 am
I set up portsentry like described on the Volatile Services page.
I get emails when portsentry reports a port scan even if the service is already to "Critical" but it seems the service is stuck to critical for ever.
Is it possible to reset it to "Ok" manually or after a while? I tryed with an acknowledgment but I don't think it's the right way since I guess it could prevent alerts when the status is already on "Critical".
It also seems that Nagios forces me to use a check_command with a passive check. I think it's useful when you expect passives results and you want an alerts if you don't receive any for a while. It doesn't apply to me since portsentry only reports when there's a problem.
Is using check_dummy with check_freshness to reset the state to "Ok" the only way?
Thanks!
I get emails when portsentry reports a port scan even if the service is already to "Critical" but it seems the service is stuck to critical for ever.
Is it possible to reset it to "Ok" manually or after a while? I tryed with an acknowledgment but I don't think it's the right way since I guess it could prevent alerts when the status is already on "Critical".
It also seems that Nagios forces me to use a check_command with a passive check. I think it's useful when you expect passives results and you want an alerts if you don't receive any for a while. It doesn't apply to me since portsentry only reports when there's a problem.
Is using check_dummy with check_freshness to reset the state to "Ok" the only way?
Thanks!