Forum Discussion
CirrusLooking to create an alert monitor when a specific user creates, modifies, and/or deletes an object
Hey Community,
I am looking to configure an alert that sends an email when a specific user creates, modifies, and/or deletes an object. I found this page:
https://support.f5.com/csp/article/K30371285
I found this code on the page:
alert <filter_name> "object (.*) - create" {
email toaddress="<email address>"
fromaddress="<bigip user>"
body="<text message>"
} alert <filter_name> "object (.*) - obj_delete" {
email toaddress="<email address>"
fromaddress="<bigip user>"
body="<text message>"
} alert <filter_name> "object (.*) - modify" {
email toaddress="<email address>"
fromaddress="<bigip user>"
body="<text message>"
}
And it works but it always sends an email when any user makes a change. Just wondering if there is a way to tweak this so i don't receive emails when admin or root makes changes etc....
1 Reply
JGCumulonimbus
You can use the respective regex as follows:
^((?!.*user (admin|root) -.*).)*object (.*) - modify.*$ ^((?!.*user (admin|root) -.*).)*object (.*) - create.*$ ^((?!.*user (admin|root) -.*).)*object (.*) - obj_delete.*$.
This could be resource intensive, though.
