We do not notify on acknowledgement, but encountered a situation where the service since recovered so any previous acknowledgement is gone along with any trace as far as I can tell.
My boss wants to know:
1. who, if anyone, acknowledged this alert from 2 days ago
2. what they said in the acknowledgement comment (i.e. how they claimed to have handled it).
I found an ACKNOWLEDGE_SVC_PROBLEM entry in auditlog.log which gives the who but not the associated comment. Is that stored anywhere?
Acknowledgement history?
Re: Acknowledgement history?
It may still be in the DB, you can try editing the two dates and times in the below command to get a list, narrow it down to a little before and a little after the ACKNOWLEDGE_SVC_PROBLEM time in the audit log.
The syntax would be:
between 'FROMDATETIME' AND 'TODATETIME'
Let me know if you have any questions.
Thank you
Code: Select all
echo "select nagios_objects.name1, nagios_objects.name2, nagios_acknowledgements.* from nagios_acknowledgements left join nagios_objects on nagios_objects.object_id = nagios_acknowledgements.object_id where entry_time between '2018-08-15 14:48:00' AND '2018-08-15 14:51:04';" | mysql -uroot -pnagiosxi nagiosbetween 'FROMDATETIME' AND 'TODATETIME'
Let me know if you have any questions.
Thank you