Hi guys,
I’m wondering about a way to generate an alert when one of my sources (eventlog from windows clients) goes silent (doesn’t send in messages for some time).
I was orginally thinking about using “when less than 1 messages in X minutes for source Y”, but creating a stream/condition for each of my windows clients is a bit tedious and rather messy. Also quite noisy when various clients are simply not used (not running) for a couple of days.
appreciate any ideas.
cheers
Johannes
he @taxter
with the current release of Graylog that is not (easy) possible. Upcoming Version will make this kind of alert possible.
The request is similar to https://github.com/Graylog2/graylog2-server/issues/809 but if you feel that this does not describe what you need and want - and no other issue makes it clear, please open a new one.
Thanks Jan, that issue sounds very much like the kind of feature i am looking for!
By “upcoming version …” you mean this particular issue is scheduled for the next release?
eagerly-awaiting-upcoming-version
upcoming in this situation means not 2.5 or 3.0 - more something after that. But improving the alerting will be the next focus for us.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.
