tweaking 'views' in Nagios

[Carroll, Jim P [Contractor]]

Last night I finally made the bold leap to restricting views in the Nagios
web interface via the authorized_for_* directives in cgi.cfg.  To wit, the
new values for the latest config is:

authorized_for_system_information=*
authorized_for_configuration_information=*
authorized_for_system_commands=nagiosadmin,jcarro10
authorized_for_all_services=nagiosadmin,guest
authorized_for_all_hosts=nagiosadmin,guest
authorized_for_all_service_commands=nagiosadmin
authorized_for_all_host_commands=nagiosadmin

So far, so good!

However, I have a few DBAs that belong to the dev-dbas contactgroup, and
that contactgroup is defined in quite a few (Oracle-related) services.  If
one of the DBAs logs in to Nagios, the Tactical Overview lists 109 services
but no (zero, zilch) hosts.  Which makes sense given the permissions,
really.  If he clicks on Service Detail, he see alls their wonderful
services listed there, and only theirs.  Sweet!  However, if he clicks on
Host Detail (Status Overview, Status Summary, Status Grid), he gets the "It
appears as though you don't have permission..." message.  The Status Map is
functionally useless (no hosts shown).

It would be nice if the DBAs could see the hosts (only those hosts related
to the services they're monitoring).  The obvious solution would be to add
the dev-dbas contactgroup to the relevant hosts.  I have two concerns in
this regard:

- doing so would allow a DBA to acknowledge a host problem or put it into
scheduled downtime, etc.
- doing so might give the DBAs a view with services that they don't care to
know about (too much clutter)

SO, I was wondering if there's a way to grant them read-only access to the
hosts.  Ideas, anyone?

jc


-------------------------------------------------------
This SF.NET email is sponsored by:
SourceForge Enterprise Edition + IBM + LinuxWorld = Something 2 See!
http://www.vasoftware.com