/opt/pmx/etc/scheduler.d/monitor-reactor.conf
Specifies the reaction to particular action events generated by the pmx-monitor-analyzer.
<reactor email_on_too_much_mail_from_host> use = PureMessage::Monitor::Reactor::Email event = too_much_mail_from_host to = admin@example.com subject = Too much mail from %%RELAY_HOST%% template = alert-threshold.tmpl </reactor>
The E-mail reactor sends a customizable e-mail message in response to an Action Event. The following configuration options can be used to help configure the E-mail reactor:
%%SUBJECT%%
template variable used below).
<pmx>/etc/templates/en/monitor/
directory.
Your template should include any e-mail headers that you wish to have present in the message; e-mail headers are not added automatically. If not specified, a default template is used instead.
When processing the e-mail message template, substitution variables are created automatically for all of the fields within the Action Event; depending on which Analyzer generated the Action Event you may have different fields available to you. This list of substitution variables is supplemented with the following other additional fields:
%%SUBJECT%%
%%FROM%%
%%TIME_STAMP_STR%%
<reactor audit_log> use = PureMessage::Monitor::Reactor::Log event = all logfile = monitor_audit_log format = %%NAME%% occurred at %%TIME_STAMP_STR%% </reactor>
The Log reactor logs a message to a specified logfile in response to an Action Event being generated. The following configuration options can be used to help configure the Log reactor:
Substitution variables are created automatically for all of the fields within th eAction Event; depending on which Analyzer generated the Action Event you may have different fields available to you.
<reactor auto_blacklist> use = PureMessage::Monitor::Reactor::ListAdd event = too_much_spam_from_host list = blacklisted-hosts </reactor>
The ListAdd reactor takes the value from the Action Event and adds it to a specified list (if its not already there). The following configuration options can be used to help configure the ListAdd reactor:
NOTE: The ListAdd reactor is currently hard-wired to the structure of the Action Event generated by the ``Threshold'' Analyzer; when more analyzers come available this reactor may be subject to change.
<reactor temp_blacklist_host> use = PureMessage::Monitor::Reactor::ListAddTemporary event = too_much_spam_from_host list = blacklisted-hosts expiry = 3600 </reactor>
The ListAddTemporary reactor takes the value from the Action Event and temporarily adds it to a specified list. Existing values have their expiry time pushed ahead into the future. The following configuration options can be used to help configure the ListAddTemporary reactor:
NOTE: The ListAddTemporary reactor is currently hard-wired to the structure of the Action Event generated by the ``Threshold'' Analyzer; when more analyzers come available this reactor may be subject to change.
Copyright (C) 2000-2008 Sophos Group. All rights reserved. Sophos and PureMessage are trademarks of Sophos Plc and Sophos Group.