From 8ca6cc32b2c789a3149861159ad258f2cb9491e3 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 28 Apr 2024 14:39:39 +0200 Subject: Adding upstream version 2.11.4. Signed-off-by: Daniel Baumann --- .../monitoring/doc/10-Restrict-Custom-Variables.md | 77 ++++++++++++++++++++++ 1 file changed, 77 insertions(+) create mode 100644 modules/monitoring/doc/10-Restrict-Custom-Variables.md (limited to 'modules/monitoring/doc/10-Restrict-Custom-Variables.md') diff --git a/modules/monitoring/doc/10-Restrict-Custom-Variables.md b/modules/monitoring/doc/10-Restrict-Custom-Variables.md new file mode 100644 index 0000000..8d3a3b1 --- /dev/null +++ b/modules/monitoring/doc/10-Restrict-Custom-Variables.md @@ -0,0 +1,77 @@ +# Restrict Access to Custom Variables + +* Restriction name: monitoring/blacklist/properties +* Restriction value: Comma separated list of GLOB like filters + +Imagine the following host custom variable structure. + +``` +host.vars. +|-- cmdb_name +|-- cmdb_id +|-- cmdb_location +|-- wiki_id +|-- passwords. +| |-- mysql_password +| |-- ldap_password +| `-- mongodb_password +|-- legacy. +| |-- cmdb_name +| |-- mysql_password +| `-- wiki_id +`-- backup. + `-- passwords. + |-- mysql_password + `-- ldap_password +``` + +`host.vars.cmdb_name` + +Blacklists `cmdb_name` in the first level of the custom variable structure only. +`host.vars.legacy.cmdb_name` is not blacklisted. + + +`host.vars.cmdb_*` + +All custom variables in the first level of the structure which begin with `cmdb_` become blacklisted. +Deeper custom variables are ignored. `host.vars.legacy.cmdb_name` is not blacklisted. + +`host.vars.*id` + +All custom variables in the first level of the structure which end with `id` become blacklisted. +Deeper custom variables are ignored. `host.vars.legacy.wiki_id` is not blacklisted. + +`host.vars.*.mysql_password` + +Matches all custom variables on the second level which are equal to `mysql_password`. + +`host.vars.*.*password` + +Matches all custom variables on the second level which end with `password`. + +`host.vars.*.mysql_password,host.vars.*.ldap_password` + +Matches all custorm variables on the second level which equal `mysql_password` or `ldap_password`. + +`host.vars.**.*password` + +Matches all custom variables on all levels which end with `password`. + +Please note the two asterisks, `**`, here for crossing level boundaries. This syntax is used for matching the complete +custom variable structure. + +If you want to restrict all custom variables that end with password for both hosts and services, you have to define +the following restriction. + +`host.vars.**.*password,service.vars.**.*password` + +## Escape Meta Characters + +Use backslash to escape the meta characters + +* * +* , + +`host.vars.\*fall` + +Matches all custom variables in the first level which equal `*fall`. -- cgit v1.2.3