Hi,
It is often necessary to display the preceding and following 5 lines of a search query, for example.
Is there an easier way than filtering by host and time span after I have found the corresponding query string?
I would also need something like this for alerting.
That not only the line with the matching search query is in the alert e-mail but also 5 lines before and after it in the log file
Thanks,
Marcel
Question regarding search results surrounding a search query
-
jmichaelson
- Posts: 383
- Joined: Wed Aug 23, 2023 1:02 pm
Re: Question regarding search results surrounding a search query
Out of curiosity, what sort of log files are you searching? If its something where the preceding and following five-ish lines are effectively part of the same log and aren't being processed that way, you may want to have a look into configuring the source to send them as multi line logs and configure a Nagios Log Server input to receive and process them that way. We have multiple resources available to demonstrate this. Without knowing your sources, I'll just leave the [url =https://www.google.com/search?q=nagios+ ... &gws_rd=cr]Google search results here[/url]. Also without any information on the log specifics its hard to provide guidance on how to configure the sources and inputs, so if you can provide some of that it would be helpful inguiding you.
If they're not multiple lines, but merely related, then its a lot harder to do without all the filtering you mention as things are today. But that's a really good idea for functionality to add.
If they're not multiple lines, but merely related, then its a lot harder to do without all the filtering you mention as things are today. But that's a really good idea for functionality to add.
Please let us know if you have any other questions or concerns.
-Jason
-Jason