Nagios Support Forum

I have a requirement to send the details of one line with an alert triggered by the next line from the some log source from the same server. The application log I am reading notes the reference number of the affected business data in one line and the next lines shows the error code.
Two examples are shown here.

To explain the first example. The reference number in the first line is '1/0/221127' and the error code of '#' is in the second line.

I would like to send an message with the alert saying something like;
'An error has occurred processing Delivery note 1/0/22127'

The number '27752' is the windows process ID and is not unique to a pair messages. A single process can process multiple Delivery notes some with errors and some without errors.

20200724:033019.411 0:27752 Delivery Notes(Customers) : Delivery note 1/0/221127 has a state of OK and cannot be changed
# 20200724:033019.417 0:27752 Delivery Notes(Customers) : End Delivery Note processing (Customers)


20200724:095235.369 0:22484 Delivery Notes(Customers) : Delivery note 1/0/221244 has a state of OK and cannot be changed
# 20200724:095235.373 0:22484 Delivery Notes(Customers) : End Delivery Note processing (Customers)

This may work for what you're trying to do if the messages come in together as a multi-line syslog item:
- See the "Configure Nagios Log Server" section

https://support.nagios.com/kb/article/n ... g-727.html