Nagios Support Forum

Hello,

I am currently testing a new Nagios Log server installation. I have created a query based on windows event logs and an alert on it. The alert comes as follows:

DHCP Scope Full returned with a CRITICAL state at Wed, 22 May 2019 17:11:44 +0300
The alert was processed with the following thresholds:
• Lookback period: 1d
• Warning: 1
• Critical: 1
Here is the full alert output:

CRITICAL: 4 matching entries found |logs=4;1;1

See the last 1d in the Nagios Log Server dashboard.
Nagios Log Server

Is it possible to include the actual message field from the event? Instead of "CRITICAL: 4 matching entries found |logs=4;1;1" i would like to get something like "CRITICAL: There are no IP addresses available for lease in the scope..."

This is the default email template you can create a new template to include %lastalertlog% OR %last10alertlogs%. Templates are configured under Alerting > Alert Settings > Email Templates.

Thanks for the prompt reply!

I put the %lastalertlog% and it returned the whole event in the mail. I hoped that I could include only the "message" field of the event, but it's OK.

vlachopoulosd wrote:Thanks for the prompt reply!

I put the %lastalertlog% and it returned the whole event in the mail. I hoped that I could include only the "message" field of the event, but it's OK.

At this tine there is only an option to get the whole event.