Uploaded image for project: 'Observium'
  1. Observium
  2. OBS-2457

correlation of syslog message alert emails

    XMLWordPrintable

Details

    • New Feature
    • Resolution: Unresolved
    • Minor
    • None
    • Professional Edition
    • Alerting

    Description

      Hello,

      we have configured a syslog-rule matching on prefix-limit messages. This rule is associated to an email contact.

      Our problem is that if a bgp prefix-limit exceeds on the router, this message might occur a 100 times per hour, each syslog generating an email. As far as I can see this behavior can't be changed on the router itself.

      Is it possible to correlate these emails. A possible solution could be to alert the first occurance of the syslog message and then only send correlated emails every n minutes for syslog messages matching the same rule and originated from the same router saying something like "The last event occured n times the last 30 minutes".

      In our case the syslog messages are not exactly the same, each message differs at a specific point, which might also be the reason why they are generated that often.

       

      Best regards

      Joerg

      Attachments

        Issue Links

          clones

          Improvement - An improvement or enhancement to an existing feature or task. OBS-2483 Syslog Alerts Improvements

          • Major - Major loss of function.
          • In Review
          is mentioned by

          Improvement - An improvement or enhancement to an existing feature or task. OBS-2483 Syslog Alerts Improvements

          • Major - Major loss of function.
          • In Review

          Activity

            People

              landy Mike Stupalov
              jok Joerg Krohn
              Votes:
              3 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: