Hi all,
Am I completely misunderstanding how nodata() works? I use it to get a warning if we have error logs in the last 10 minutes and I expect it to trigger at most once every 10 min (because, once it is triggered, it is in the state "on" and there must be 10 min without any new data for it to become "off" again and thus start reacting to new data). However this doesn't work and it sends me warnings every few minutes. What am I missing?
The trigger is:
The trigger has Event generation = Normal.
I am getting emails for this trigger from Zabbix every few minutes, showing the "At .." part of the e-mail, starting from the oldest one:
Notice that there is only one host that can be generating these, i.e. the cause of multiple alerts isn't that they happen on different hosts.
Thank you!
Am I completely misunderstanding how nodata() works? I use it to get a warning if we have error logs in the last 10 minutes and I expect it to trigger at most once every 10 min (because, once it is triggered, it is in the state "on" and there must be 10 min without any new data for it to become "off" again and thus start reacting to new data). However this doesn't work and it sends me warnings every few minutes. What am I missing?
The trigger is:
Code:
{my_template:log["/tmp/ada/hive.log","ERROR",,20].nodata(600)}=0
I am getting emails for this trigger from Zabbix every few minutes, showing the "At .." part of the e-mail, starting from the oldest one:
- At 13:44:29
- At 13:42:18 (e-mail received later but the trigger time is earlier ?!)
- At 13:42:47
- At 13:43:56
- At 13:42:01
- At 13:42:09
- At 13:41:33
- At 13:39:50
- ... (ten more)
Notice that there is only one host that can be generating these, i.e. the cause of multiple alerts isn't that they happen on different hosts.
Thank you!