Nagios Support Forum

Support for Nagios products and services
https://support.nagios.com/forum/

Add a field to alert

https://support.nagios.com/forum/viewtopic.php?t=58348

Page 1 of 1

Add a field to alert

Posted: Tue Apr 28, 2020 2:43 am
by Titkun
Hi,
I have created a query and an alert for Windows Event ID 4740 (AD account lockout).
The alert runs every 30 minutes and sends an email if there is at least one lockout (in the past 30 minutes).
However, I would like to insert the value of <TargetUserName> to the email so that we know the name of the lockout account.

Currently I don't know how to do that, so every time I receive an alert email, I have to log in to Nagios Log Server, open the query to see the name of the lockout account. It's very inconvenient.

Could you please show me how can I extract that information to the alert email ?
Thank you very much for your help.

Re: Add a field to alert

Posted: Tue Apr 28, 2020 1:03 pm
by ssax
You should be able to setup an Email Template in Alerting that uses %lastalertlog% or %last10alertlog% and use that on the alert but there's not currently a way to add custom ones. I can submit a feature request on your behalf if you'd like?

Re: Add a field to alert

Posted: Tue Apr 28, 2020 10:27 pm
by Titkun
Yes ssax,
Thank you very much, please submit that feature request for me.
I just need to insert one (or some) fields in the query, not all the information as %lastalertlog%.

It's nice if I can insert such as %lastalertlog%:%TargetUserName%

Re: Add a field to alert

Posted: Wed Apr 29, 2020 1:42 pm
by ssax
I've requested the feature be added:

Code: Select all

FR: LS - Add the ability to add custom fields (from the log) to the Alerts email templates.
Please keep in mind that the decision to implement the enhancement is at the discretion of our development team.

Thank you
All times are UTC-05:00
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited