Getting Alerts with Context out of Log Server

Posted: Thu May 27, 2021 1:03 pm
by dh0125e
I'm trying to get logs with context that are more than just "X iterations were found". From the previous question I posted, only email supports the macro for the actual logs.

So now I'm looking into what external API query options I have ...

Can I execute a saved query via the REST API? I found how to execute a custom on demand query however I don't want to have to manage the queries in an external system.

Re: Getting Alerts with Context out of Log Server

Posted: Fri May 28, 2021 11:32 am
by gsmith
Hi

It sounds like it is possible, but not simple. Search for the saved query and
within the response will be searchSourceJSON. It is a JSON encoded object from which
you can use the index and query to then query Elasticsearch directly.

I have not tried this so I do not know how much, if any, massaging of the returned data is
required to create a query on-the-fly.

Thanks
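One way to do what gsmith describes, as an added example that is not from the thread or from Log Server itself: decode a saved search's searchSourceJSON and turn it into an Elasticsearch `_search` body. The saved-object shape (a `kibanaSavedObjectMeta` block holding `index`, `query` and `filter`) is assumed from Kibana-style saved searches, and the sample object below is constructed, not captured from a real instance.

```python
import json

# Constructed sample of a saved-search object. The shape is assumed from
# Kibana-style saved searches; it is not output from a real Log Server.
SAVED_QUERY = {
    "_id": "search:failed-ssh-logins",
    "_source": {
        "title": "failed-ssh-logins",
        "kibanaSavedObjectMeta": {
            # searchSourceJSON is a JSON string nested inside the JSON object
            "searchSourceJSON": json.dumps({
                "index": "logstash-*",
                "query": {"query_string": {"query": 'program:sshd AND message:"Failed password"'}},
                "filter": [{"range": {"@timestamp": {"gte": "now-15m"}}}],
            })
        },
    },
}


def extract_search_source(saved_obj):
    """Decode the nested searchSourceJSON string into a dict."""
    meta = saved_obj["_source"]["kibanaSavedObjectMeta"]
    return json.loads(meta["searchSourceJSON"])


def build_es_request(search_source, size=50):
    """Turn a decoded searchSourceJSON into (index, _search body).

    Handles both the older {"query_string": {...}} form and the newer
    {"query": "<text>", "language": "lucene"} form of the query field, so
    the caller does not need to know which Kibana version wrote the object.
    """
    index = search_source.get("index", "_all")
    q = search_source.get("query", {"match_all": {}})
    if "language" in q and isinstance(q.get("query"), str):
        q = {"query_string": {"query": q["query"]}}  # normalise newer form
    body = {
        "size": size,
        "sort": [{"@timestamp": {"order": "desc"}}],
        # saved filters go into the bool filter clause, the query into must
        "query": {"bool": {"must": [q], "filter": search_source.get("filter", [])}},
    }
    return index, body
```

Send `body` as a JSON document to `<elasticsearch>/<index>/_search` with an HTTP client; keeping the saved query as structured JSON rather than concatenating its text into a URL avoids mangling quotes and special characters in the stored query.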