At the moment i get a notification if the status of the log changes. So far so good.
I send an E-Mail notofication to my ticketing system to work on the issue.
My problem is, that now the helpdesk workers receiving the tickets have to be fast to delete the entry in the Checkmk Log. The Log has to be deleted, or the next entry wont change the state of the Log Service and therefore there is no notification send to the Ticketing system informing about the new error.
Is it possible to automatically delete the logs after the notification is send?
Please stay avai with the event console, we can’t transfer our Logfile Patterns there because the logic would be so messy to set up there.
And I know i can delete the logfiles on the Checkmk Server in “var/check_mk/logwatch” with a cron job, but even if I delete them every Minute, there is still potential to miss a Log entry.
No, as I said, the EC is no option!!
We would have to make houndreds or thousands of rules and you can’t even apply rules to tags.
This would be a mess.
I guess instead of a cronjob you could set up an alert handler that is triggered at the same time the notification is triggered and deletes the logfile. That should always happen before the agent is contacted the next time and hence before new log entries are written.
(haven’t tested it, but it could work^^)
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed. Contact an admin if you think this should be re-opened.