Hello,
we have currently setup monitoring our linux systems to monitor for segfault entries.
We have implemented them as agent checks in this way:
This works fine, it reports data when segfault is found in the syslog file.
We did then create an associated trigger in this way:
The problem is now, that this trigger remains active for ever.
We did try to "reset" the error status after one day with this trigger:
But this then shows this message in the dashboard:
Any ideas on how to correctly monitor linux logfiles and reset the trigger after a specific amount of time?
we have currently setup monitoring our linux systems to monitor for segfault entries.
We have implemented them as agent checks in this way:
Code:
log[/var/log/syslog,segfault]
We did then create an associated trigger in this way:
Code:
{Template OS Linux:log[/var/log/syslog,segfault].strlen()}>0
We did try to "reset" the error status after one day with this trigger:
Code:
{Template OS Linux:log[/var/log/syslog,segfault].strlen()}>0 and {Template OS Linux:log[/var/log/syslog,segfault].nodata(1d)}<>1
Code:
Cannot evaluate function "machinename:log[/var/log/syslog,Machine check events logged].nodata(1d)": item does not have enou