Description:
SUMO is sending a summary report every 2 Hours even when there were no changes on the Cloud appliance file system. The summary will look like :
18 directories targeted
60 total directories scanned
1345 files scanned
7 new errors
7 directories added
-7 files previously changed
When a change is detected, the email will also include a list of the file system changes (see changes in red below). This email will look like :
18 directories targeted
60 total directories scanned
1345 files scanned
10 new errors
10 directories added
-8 files previously changed
1 files previously added
File system change list:
/usr/LANDesk/broker/broker.conf => CHANGED
size changed from 516 to 534, time changed from 2012-11-08 17:24:15 to 2012-11-15 09:59:27, hash changed
/usr/LANDesk/broker/webroot/client/style.php => CHANGED
/usr/LANDesk/broker/webroot/gsb/style.php-sumotest => ADDED
file has been added
(I highlighted in red the file system change above but the SUMO report email is just plain text without any colour)
How to differentiate the summary email from a real change alert email ?
You can setup a rule in your email client to filter the body of the SUMO email for "system" and/or "list" so you can differentiate the standard summary email from a change alert email.
Environment:
Apply to Landesk Cloud Appliance Version 4.0 and 4.2