Hi,
Running zabbix 1.6.6.
I'm trying to monitor the eventlog of a couple of specific servers, for anything that is a high severity.
Ideally i'd like it to raise a trigger if we get 3 or 4 high severities within 1 hour (or something like that), and only if it happens within certain time periods.
In psudo code, I'm looking for:
I have the following statements, but unsure how to plug them all together! So far, i can raise a trigger on a single event, or an event with a specific string in (as that will be next)...
and also this code does my timing -
Can anyone point me in the direction?
Running zabbix 1.6.6.
I'm trying to monitor the eventlog of a couple of specific servers, for anything that is a high severity.
Ideally i'd like it to raise a trigger if we get 3 or 4 high severities within 1 hour (or something like that), and only if it happens within certain time periods.
In psudo code, I'm looking for:
Code:
If time is > 5am, and < 11pm, then
If I get X events in the past Y minutes, with Z severity, then raise this trigger
end if
I have the following statements, but unsure how to plug them all together! So far, i can raise a trigger on a single event, or an event with a specific string in (as that will be next)...
Code:
({T_CM2K_EventViewer:eventlog[application].logseverity(4)}=4)&
({T_CM2K_EventViewer:eventlog[application].count(#3)})
Code:
({T_CM2K_EventViewer:status.time(0)}>050000)&
({T_CM2K_EventViewer:status.time(0)}<230000)
Can anyone point me in the direction?
)
Comment