Create a alert for the log servers stops receiving logs.

[anish]

Hi

I would like to create a alert in Nagios Log server if log server doesn't receive logs from a particular resource suddenly .How to configure the alert for my requirement?

[scottwilkerson]

when you go to create the alert, to alert on nothing being found place the following in the Thresholds

Code: Select all

1:

[anish]

Do I have to mention anything at Alert Name like log resource name ?

Please check the snap shot attached

[mcapra]

The alert name is for reference only. You can put whatever in there, but the "Query" you use should be one that matches all results. Something like a query with a generic * search should work.

[anish]

Hi ,

For example i need a alert to be created for the log message contains "The host "157.96.177.86:1514" has become unreachable. Remote logging to this host has stopped"

In the alert i need the details like Log source name, message,Program. Please check the snap shot attached .

I need alert for each log source separately. Is that possible .

[avandemore]

Currently the most flexible way to send alerts is with the script method.

Then you can pass the data via argument to the script which can act on it appropriately. If you just did a query on a partial match eg "has become unreachable. Remote logging to this host has stopped" an alert can be made from it.

Does this answer your question?

[tmcdonald]

Just checking in since we have not heard from you in a while. Did @avandemore's post clear things up or has the issue otherwise been resolved?

[anish]

We are still working on queries as we are not getting correct out put from Nagios

[cdienger]

Thanks for the update. Let us know if there is anything we can help with.