Ivan
1
maybe my question will turn out to be stupid, but I could not find a solution … even with google.
Syslog Message: “bla bla bla word”
Alert Rule:
% syslog.msg ~ “word”
Alert Rule ok. Alert Template ok.
How to pass syslog.msg to Alert Template?
I want to see in the message the full Syslog Message.
laf
2
You need to be using mysql regex or the @ wildcard for like queries, see the docs for more info.
After that, every column in the syslog table will be available when iterating through the %faults array as per the template docs. I.e %value.msg
Ivan
3
Thank you.
Specified% value.mcg - now shows the entire array of events of this host
How to get the last one?
I understand that it is necessary to look for a problem in %foreach , but without it does not work at all
laf
4
It should only get the lines which match the alert rule, show the full alert rule.