Hello!
How do I make a group specified by how long devices have been down?
We have equipment which switches location on a weekly basis, and today we group them by using IP-address (ipv4_addresses.ipv4_address). But afterwards, when the equipment is taken down on purpose, we want them to not be in that group anymore, even if their last IP-address was in that group. How would we go about specifying a group by time since last “state of up”? For the sake of argument, let’s say we want to specify devices which have been up the last 24 or 36 hours. How would we specify that?
Did you try creating a device group with devices.uptime as the pattern?
How would that help us in this case? The reason we want to make the pattern with downtime is if in case of a device going down, we still want it to be in the group. But if it was taken down on purpose, it wont go back up inside at least 24-36 hours, and by the we want the rule to withhold the device from the group.
In my head the finished rule would look something like this:
%ipv4_addresses.ipv4_address ~ “10.0.@.@” && %devices.downtime < “36h”