
Hello,
I did some tests with the new Centreon Monitoring Agent with a Windows Server host and I was wondering if there was a possibility to restrict some checks or commands on the host directly?
I tested with the agent-to-poller connection and I was able to restart the server (so I think that shutdown is also possible) using the Centreon plugin with the mode cmd-return, just by putting shutdown /r in the --command option.
That means that anyone with access to Centreon can reboot or shut down a server if the CMA is configured on the host.
Thanks for the help!

Hello,

I think you can do this by whitelisting the specific commands you need from cmd-return

https://docs.centreon.com/fr/pp/integrations/plugin-packs/getting-started/how-to-guides/cma/cma-setup/#ajoutez-les-commandes-cma-à-vos-listes-blanches-personnalisées

Especially in the cma-whitelist block

By whitelisting only the commands you need for monitoring purposes, you exclude every other command.

Hope it helps


I don't understand how this whitelist works.

On the poller, in your custom whitelist file (e.g., /etc/centreon-engine-whitelist/my-whitelist.yml), include the following lines in the cma-whitelist block:

But I want to limit commands on the server that hosts the agent, not the poller.

Because I'm the admin of the host, not of Centreon.


Hi, as discussed together, we could implement a local whitelist, on the host, which would be merged with cma-whitelist (inherited from the poller) in 2 modes:

  • append: the whitelist used by CMA is a merge of the poller-defined and local whitelists
  • replace: only the local whitelist is used

This idea is currently being discussed on our side.
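
Added example, not part of the thread and not Centreon code: a sketch of how the two proposed modes would decide whether a command runs, assuming "merge" means a union of regex patterns matched against the whole command line. The function names, the patterns and the disk-check command are constructed for illustration; only `shutdown /r` comes from the thread.

```python
import re

# Constructed sample data. Patterns are plain regexes (an assumption),
# not Centreon's whitelist file syntax.
POLLER_WHITELIST = [r".*"]  # a permissive poller-side list
LOCAL_WHITELIST = [r"powershell\.exe -File C:\\checks\\disk\.ps1"]

DISK_CHECK = r"powershell.exe -File C:\checks\disk.ps1"
COMMANDS = ["shutdown /r", DISK_CHECK, DISK_CHECK + " -Extra 1"]


def effective_whitelist(poller, local, mode):
    """Patterns the agent would enforce under the proposed mode (hypothetical)."""
    if mode == "append":
        # Union of both lists, order kept, duplicates dropped.
        return list(dict.fromkeys(poller + local))
    if mode == "replace":
        # Host-side list only; an empty list therefore denies everything.
        return list(local)
    raise ValueError(f"unknown mode: {mode!r}")


def is_allowed(command, patterns):
    # fullmatch: a pattern has to cover the whole command line,
    # so extra trailing arguments are not accepted by accident.
    return any(re.fullmatch(p, command) for p in patterns)


def evaluate(commands, poller, local, mode):
    """Map each command to True (allowed) or False (denied)."""
    patterns = effective_whitelist(poller, local, mode)
    return {cmd: is_allowed(cmd, patterns) for cmd in commands}


if __name__ == "__main__":
    for mode in ("append", "replace"):
        print(mode)
        results = evaluate(COMMANDS, POLLER_WHITELIST, LOCAL_WHITELIST, mode)
        for cmd, ok in results.items():
            print("  ALLOW" if ok else "  DENY ", cmd)
```

Under these assumptions, append can only widen what the poller list already permits, so only replace lets the host admin keep `shutdown /r` from running.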


Hello, thank you all for your response.
Does the cma-whitelist also apply to the CMA agent on the host when we are in communication mode agent to poller, or does it just apply when the poller is doing the check?


Hi, the whitelist applies, with the same behavior, in both directions.

The direction only has an impact on initiating. Once the connection is up, there is no difference.