Notification alert count

Posted: Fri Aug 13, 2021 2:59 am
by mejokj
Hello,

I need to count the total number of notifications for a certain time period using the CLI. Kindly help with a way to achieve it.

Re: Notification alert count

Posted: Fri Aug 13, 2021 4:48 pm
by benjaminsmith
Hi,

The easiest way would be to download the notifications report to a CSV file for a custom date period. I could find a way to get this too easily from the API, but you could search the Nagios log files for notification entries for a specified period. For example:

find -newermt "01 January 2021" -not -newermt "13 August 2021" -exec cp {} /tmp \;
grep -ri 'host notification\|service notification'  /tmp | wc -l

Re: Notification alert count

Posted: Mon Aug 16, 2021 4:39 am
by mejokj
Hello,

The total count which shows after running the command shows less. It's bigger than this.

[root@nagiosphy2 ~]# find -newermt "01 July 2021" -not -newermt "31 July 2021" -exec cp {} /tmp \;
You have new mail in /var/spool/mail/root
[root@nagiosphy2 ~]# grep -ri 'host notification\|service notification' /tmp | wc -l
20848
[root@nagiosphy2 ~]#


The count shows a constant value when I try the below:

[root@nagiosphy2 24hour]# find -newermt "01 January 2021" -not -newermt "13 August 2021" -exec cp {} /tmp \;
[root@nagiosphy2 24hour]# grep -ri 'host notification\|service notification' /tmp | wc -l
20848

Re: Notification alert count

Posted: Mon Aug 16, 2021 10:38 am
by jdunitz
You might have better results using zgrep, because some of the logs may be compressed. Also, in my example here, I'm able to one-shot it without writing temporary files:

find -newermt "01 January 2021" -not -newermt "13 August 2021" -exec zgrep -i 'host notification\|service notification' {} \;

Does that work better, or does it still miss some stuff you're expecting to see?

--Jeffrey

Re: Notification alert count

Posted: Tue Aug 17, 2021 12:44 am
by mejokj
There is no output with the command provided.

[root@nagiosphy2 ~]# find -newermt "01 January 2021" -not -newermt "13 August 2021" -exec zgrep -i 'host notification\|service notification' {} \;
You have new mail in /var/spool/mail/root
[root@nagiosphy2 ~]#

Re: Notification alert count

Posted: Tue Aug 17, 2021 9:51 am
by jdunitz
No output at all? That's odd...you're doing the find from /usr/local/nagios/var/archives, correct?

Are the permissions OK there? Could you do a:
ls -l /usr/local/nagios/var/archives

and make sure the files in there are all readable?

--Jeffrey

Re: Notification alert count

Posted: Tue Aug 17, 2021 10:01 am
by jdunitz
You can also pull this info right from the DB, if you like:

SELECT * FROM nagios_logentries WHERE logentry_type IN ('524288', '1048576') AND entry_time BETWEEN '2021-08-17 00:00:00' AND '2021-08-18 00:00:00';

As a one-shot command from the shell:
echo "SELECT * FROM nagios_logentries WHERE logentry_type IN ('524288', '1048576') AND entry_time BETWEEN '2021-08-17 00:00:00' AND '2021-08-18 00:00:00';"| mysql -t -u root -pnagiosxi nagios

Note that there are only 90 days of logentries in the DB, so if you need to go back farther than that, you'd be out of luck, and the archived logs would be your only option.

--Jeffrey

Re: Notification alert count

Posted: Wed Aug 18, 2021 1:22 am
by mejokj
Hi Jeffrey,

Please close the thread.

I got the required information with the commands provided.

Thanks for your support
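
The log-search approach discussed in the replies above, as an added example that is not part of any post in this thread: it reads plain and gzip-compressed logs in place (nothing is copied to /tmp) and selects entries by the [epoch] timestamp at the start of each log line rather than by file modification time. The function names, file names and log lines are constructed for illustration, and GNU gzip is assumed.

```shell
#!/bin/sh
# Added example (not from the thread). Counts Nagios notification entries whose
# own [epoch] timestamp falls in [START, END), reading plain and gzip-compressed
# logs in place instead of copying them to /tmp.

# count_notifications DIR START_EPOCH END_EPOCH  -> prints the count
count_notifications() {
    dir=$1; start=$2; end=$3
    # gzip -cdf decompresses .gz files and passes plain files through unchanged.
    find "$dir" -type f -name '*.log*' -exec gzip -cdf {} + 2>/dev/null |
    awk -v s="$start" -v e="$end" '
        /^\[[0-9]+\] (HOST|SERVICE) NOTIFICATION:/ {
            ts = substr($1, 2, length($1) - 2) + 0   # strip the [ ] around the epoch
            if (ts >= s && ts < e) n++
        }
        END { print n + 0 }'
}

# make_sample_logs DIR: writes constructed sample data (one plain log, one .gz)
make_sample_logs() {
    cat > "$1/nagios-07-02-2021-00.log" <<'EOF'
[1625100000] SERVICE NOTIFICATION: admin;web01;HTTP;CRITICAL;notify-service-by-email;Connection refused
[1625100060] SERVICE ALERT: web01;HTTP;CRITICAL;HARD;3;Connection refused
[1625100120] HOST NOTIFICATION: admin;db01;DOWN;notify-host-by-email;Host unreachable
EOF
    gzip -c > "$1/nagios-08-02-2021-00.log.gz" <<'EOF'
[1627000000] SERVICE NOTIFICATION: admin;web01;HTTP;OK;notify-service-by-email;HTTP OK
[1627800000] HOST NOTIFICATION: admin;db01;UP;notify-host-by-email;PING OK
EOF
}

demo=$(mktemp -d)
make_sample_logs "$demo"
# 1625097600 = 2021-07-01 00:00:00 UTC, 1627776000 = 2021-08-01 00:00:00 UTC
echo "July 2021 notifications: $(count_notifications "$demo" 1625097600 1627776000)"
rm -rf "$demo"
```

On a live system the first argument would be the archive directory named in the thread, /usr/local/nagios/var/archives, and the account running it needs read access to the files there.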