Nagios Support Forum

Got it. Thanks man.

Hey guys, so I am having another issue that I cant find any answers to online. When I configure Nagios to send an email to me on any new events, and I have it read out the last log with %lastalertlog%, it just prints out a jumbled mess of all my parsed fields. Is there any way to pick and choose whi...

Embarrassing; I had it configured incorrectly Thanks Holden!

Okay, so I set up the alert with these settings: http://imgur.com/7b9MTDB And it seems to be working, it captures the correct events, and it all looks correct when I click on "show alert in dashboard," but it doesn't send any emails. I checked all the basic stuff such as making sure the em...

Hey guys, I am trying to email 2 users when a new log comes in on my custom query. I have tried setting it up in the Alerting page and also Nagios Reactor, but the problem is that the severity of the logs is "notice" and the only two options for the alerts are warning and critical, so noth...

Sure. Should be all set.

Worked perfectly. I didn't even think of that. Thanks buddy!

<%{POSINT:SysLogPri}>%{CISCOTIMESTAMP} %{GREEDYDATA:Bit9_Server} Bit9 event: +text=%{QS:Bit9_text} type=%{QS:Bit9_Type} subtype=%{QS:Bit9_subtype} hostname=%{QS:Bit9_Hostname} username=%{QS:Bit9_User} date=%{QS:Bit9_Date} ip_address=%{QS:Bit9_client_ip} process=%{QS:Bit9_Process} file_path=%{QS:Bit...

Hello, I am having an issue when I try to parse a logstash log that has an optional field. The optional field is called installer_name, but when I try (installer_name=%{QS:Bit9_installer_exe})? it doesn't match. I am using http://grokconstructor.appspot.com/do/match#result to test my pattern, and it...

No luck with that. I had actually changed that back before. Is it not giving you the grokparsefailure?

Would you mind posting your full configuration so I can see if I have any other stupid typos or anything?

Thanks!