Many thanks for that direction (I should admit I've checked the zenhub log
without lowering the logseverity first).
It turned out that *all* coming traps were matched to a mapping with the
following characteristics:
Event Class Key:
defaultmapping
Transform:
if evt.message.find("Failed password for nik from") > -1:
evt.action = "drop"
(I've put that mapping in /Events/Security/Login/BadPass just to get rid of
some syslog messages telling nothing more than what a poor typist I am.)
I cannot say what caused this abnormal matches to start appear at some point. I
deleted the mapping and traps started getting through. I added the very same
mapping again and my traps are still matched/transformed/displayed without
problems, at least for the time being.
-------------------- m2f --------------------
Read this topic online here:
http://forums.zenoss.com/viewtopic.php?p=28175#28175
-------------------- m2f --------------------
_______________________________________________
zenoss-users mailing list
[email protected]
http://lists.zenoss.org/mailman/listinfo/zenoss-users
