Nagios Support Forum

Hello LOG support

We have Dashboard query finding many entries within the same minute (attached), but alert query (either one) created from dashboard query finds nothing where we are looking for 3 events within 10 minutes (with over hundred events shown by the dashboard)

Is there "real life examples" of LOG configurations we could use (step-by-step)?
-yes attended 2-day (rather 6-hour) training, NO no help in using the product for real tasks.

Thanks

P.S. Not user friendly product (even when its user is in IT field for over quarter of the century) . No configuration examples in manual.

We have quite a few documents that may be useful to you:

• Technical Overview and Terminology
• Configuring Input Filters
• Analyzing Logs
• Alerting on Log Events

In addition, we have our Support Knowledgebase with a whole section (44 articles) devoted to Logserver: https://support.nagios.com/kb/category.php?id=3

We also have videos from our last two world conferences regarding Logserver:

2014 https://www.youtube.com/watch?v=S_B5AJ-xvWs
2015 https://www.youtube.com/watch?v=wORXARN0TA0



In regards to your current issue, can you please send over the query you are alerting on? You can export it to a file by clicking the question mark button in the dashboard, then clicking the "Export query to file" button. Attach that in your reply, please.

Also, for the alert, can you send a screenshot of the settings? In particular, I am interested in the lookback period.

This was resolved over remote.