thanks for the nicely crafted rules.
No worries.
=== nagios ================================================================== --- nagios (revision 55) +++ nagios (local) @@ -10,6 +10,7 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: SERVICE NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;[^;]+;OK;.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST ALERT: [._[:alnum:]-]+;DOWN;(SOFT|HARD);.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST ALERT: [._[:alnum:]-]+;UP;(SOFT|HARD);.*$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST ALERT: [._[:alnum:]-]+;UNREACHABLE;(SOFT|HARD);.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;DOWN;.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST NOTIFICATION: [._[:alnum:]-]+;[._[:alnum:]-]+;UP;.*$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ nagios: HOST DOWNTIME ALERT: [._[:alnum:]-]+;STOPPED;.*$
could you post some of the loglines they are intended to supress.
.* should only used for remote supplied strings, where we have _no_ controll on what gets supplied.
thanks for your feedback maks
Here are some sample loglines: (Please excuse if they are linewrapped, I've separated them out to make it clear which ones are/were full lines)
Mar 7 16:51:50 sd01 nagios: HOST ALERT: wire-server;UNREACHABLE;HARD;10;CRITICAL - Plugin timed out after 10 seconds
Mar 7 17:40:50 sd01 nagios: HOST ALERT: wire-server;UNREACHABLE;HARD;10;/bin/ping 202.137.92.18 -n -c 1
Mar 7 23:54:09 sd01 nagios: HOST ALERT: philoz-server;UNREACHABLE;HARD;10;PING CRITICAL - Packet loss = 0%, RTA = 8861.88 ms
Mar 9 02:29:39 sd01 nagios: HOST ALERT: oe-server;UNREACHABLE;HARD;10;Socket timeout after
10 seconds
-- Geoff Crompton Debian System Administrator Strategic Data +61 3 9340 9000
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
