Unfortunately, because no other solution was available, we enabled event based monitoring for a certain software on our shop floor servers years ago.
Our local admins never get used to this and most of them didn’t neither acknowledge nor archive their events. Today we have a state based monitoring for this software in place and I want to get rid of these millions of alerts. The problem is, that these alerts are distributed over ~250 remote sites. In the event view of the master site I see the events but the page is limited to 1000 entries. Ok, I can increase but not to the mass of events I want to delete.
In event console settings we have:
Event history lifetime................................. 365 days
But this is only for already archived events.
If I well understood I can delete the files in ~/var/mkeventd/history but I need to do this on 250 remote computers.
Before I start and write a script which run over all the remote sites and delete the history files I like to ask the community if there is a more elegant way to do it or any other option to expire and auto archive these events.
I know in event console is the option “Limit event lifetime” but this will not work for the existent events as far as I tested this option.
Any help is much appreciated