diff options
Diffstat (limited to 'modules/monitoring/doc/10-Restrict-Custom-Variables.md')
| -rw-r--r-- | modules/monitoring/doc/10-Restrict-Custom-Variables.md | 77 |
1 files changed, 77 insertions, 0 deletions
diff --git a/modules/monitoring/doc/10-Restrict-Custom-Variables.md b/modules/monitoring/doc/10-Restrict-Custom-Variables.md new file mode 100644 index 0000000..8d3a3b1 --- /dev/null +++ b/modules/monitoring/doc/10-Restrict-Custom-Variables.md @@ -0,0 +1,77 @@ +# Restrict Access to Custom Variables <a id="monitoring-module-restrict-access-custom-variables"></a> + +* Restriction name: monitoring/blacklist/properties +* Restriction value: Comma separated list of GLOB like filters + +Imagine the following host custom variable structure. + +``` +host.vars. +|-- cmdb_name +|-- cmdb_id +|-- cmdb_location +|-- wiki_id +|-- passwords. +| |-- mysql_password +| |-- ldap_password +| `-- mongodb_password +|-- legacy. +| |-- cmdb_name +| |-- mysql_password +| `-- wiki_id +`-- backup. + `-- passwords. + |-- mysql_password + `-- ldap_password +``` + +`host.vars.cmdb_name` + +Blacklists `cmdb_name` in the first level of the custom variable structure only. +`host.vars.legacy.cmdb_name` is not blacklisted. + + +`host.vars.cmdb_*` + +All custom variables in the first level of the structure which begin with `cmdb_` become blacklisted. +Deeper custom variables are ignored. `host.vars.legacy.cmdb_name` is not blacklisted. + +`host.vars.*id` + +All custom variables in the first level of the structure which end with `id` become blacklisted. +Deeper custom variables are ignored. `host.vars.legacy.wiki_id` is not blacklisted. + +`host.vars.*.mysql_password` + +Matches all custom variables on the second level which are equal to `mysql_password`. + +`host.vars.*.*password` + +Matches all custom variables on the second level which end with `password`. + +`host.vars.*.mysql_password,host.vars.*.ldap_password` + +Matches all custorm variables on the second level which equal `mysql_password` or `ldap_password`. + +`host.vars.**.*password` + +Matches all custom variables on all levels which end with `password`. + +Please note the two asterisks, `**`, here for crossing level boundaries. This syntax is used for matching the complete +custom variable structure. + +If you want to restrict all custom variables that end with password for both hosts and services, you have to define +the following restriction. + +`host.vars.**.*password,service.vars.**.*password` + +## Escape Meta Characters <a id="restrict-access-custom-variables-escape-meta-chars"></a> + +Use backslash to escape the meta characters + +* * +* , + +`host.vars.\*fall` + +Matches all custom variables in the first level which equal `*fall`. |