monitoring: Update security documentation

2015-06-18 15:48:01 +02:00 · 2015-06-18 15:48:01 +02:00 · 22feb08f44
parent 8296e2f4c8
commit 22feb08f44
2 changed files with 18 additions and 27 deletions
--- a/doc/security.md
+++ b/doc/security.md
@ -108,14 +108,14 @@ To get you a quick start, here is an example of what a role definition could loo


    [winadmin]
-    users = "jdoe, janedoe"  
+    users = "jdoe, janedoe"
    groups = "admin"
    permissions = "config/application/*, monitoring/commands/schedule-check"
-    monitoring/filter/objects = "host=*win*"
+    monitoring/filter/objects = "host_name=*win*"


 This example creates a role called **winadmin**, that grants all permissions in `config/application/*` and `monitoring/commands/schedule-check` and additionally only
-allows the hosts and services that match the filter `host=*win*` to be displayed. The users
+allows the hosts and services that match the filter `host_name=*win*` to be displayed. The users
 **jdoe** and **janedoe** and all members of the group **admin** will be affected
 by this role.

@ -210,8 +210,8 @@ Any filter expression that is allowed in the filtered view, is also an allowed f
 This means, that it is possible to define negations, wildcards, and even nested
 filter expressions containing AND and OR-Clauses.

-The filter expression will be **implicitly** added as an **AND-Clause** to each query on 
-the filtered data. The following shows the filter expression `host=*win*` being applied on `monitoring/filter/objects`.
+The filter expression will be **implicitly** added as an **AND-Clause** to each query on
+the filtered data. The following shows the filter expression `host_name=*win*` being applied on `monitoring/filter/objects`.


 Regular filter query:
@ -225,7 +225,7 @@ With our restriction applied, any user affected by this restrictions will see th
 results of this query instead:


-    AND-- host = *win*
+    AND-- host_name = *win*
     |
     +--AND-- service_problem = 1
         |
@ -257,13 +257,13 @@ the filter expressions. The following examples will show the usefulness of this

    [winadmin]
    groups = "windows-admins"
-    monitoring/filter/objects = "host=*win*"
+    monitoring/filter/objects = "host_name=*win*"

 Will display only hosts and services whose host name contains  **win**.

    [webadmin]
-    groups = "web-admins"  
-    monitoring/filter/objects = "host!=*win*"
+    groups = "web-admins"
+    monitoring/filter/objects = "host_name!=*win*"

 Will only match hosts and services whose host name does **not** contain **win**

@ -276,4 +276,4 @@ Notice that because of the behavior of two stacking filters, a user that is memb
    monitoring/filter/objects = "(hostgroup_name=bsd-servers|hostgroup_name=linux-servers)"

 This role allows all members of the group unix-admins to see hosts and services
-that are part of the host-group linux-servers or the host-group bsd-servers.
+that are part of the host-group linux-servers or the host-group bsd-servers.
--- a/modules/monitoring/doc/security.md
+++ b/modules/monitoring/doc/security.md
@ -38,7 +38,7 @@ The monitoring module allows filtering objects:


 This filter will affect all hosts and services. Furthermore, it will also
-affect all related objects, like notifications, downtimes or events. If a
+affect all related objects, like notifications, downtimes and events. If a
 service is hidden, all notifications, downtimes on that service will be hidden too.


@ -47,19 +47,10 @@ service is hidden, all notifications, downtimes on that service will be hidden t
 The following filter column names are available in filter expressions:


-| Column                                               |
-|------------------------------------------------------|
-| host                                                 |
-| host_alias                                           |
-| host_display_name                                    |
-| host_name                                            |
-| hostgroup                                            |
-| hostgroup_alias                                      |
-| hostgroup_name                                       |
-| service                                              |
-| service_description                                  |
-| service_display_name                                 |
-| service_group                                        |
-| service_group_alias                                  |
-| service_group_name                                   |
-| + all custom variables prefixed with host or service |
+| Column                                                       |
+|--------------------------------------------------------------|
+| host_name                                                    |
+| hostgroup_name                                               |
+| service_description                                          |
+| servicegroup_name                                            |
+| + all custom variables prefixed with `_host_` or `_service_` |