To Check_MK Team,
I have a logstash host, and it received a bunch of logs from different types of systems. Some logs are application logs that need to be addresses, and some are from sign-ins to different systems.
I would like these sign-in logs to send an e-mail for each log line, and not generate an ‘alert’ in the dashboard. I have defined different patterns for Warning and Error in the logwatch config, but currently these Warnings and Errors aggregate and become an alarm in the Check_MK dashboard, and the e-mail is sent only once, until a person comes in and reads through all the log lines. Instead, I want it to send an e-mail for each line that matches the Warning/Error pattern.
How can I achieve this?
Thanks!