Josh,

This type of functionality might be better provided by a tool like Observium (http://observium.org/). Observium will autodiscover your network equipment, create graphs for all interfaces and sensors, and you can easily set up alerts for any problems, such as a failed power supply.

Cheers,
Tristan

On Tue, Feb 17, 2015 at 1:48 PM, Josh Scott <[email protected]> wrote:

> Is there an easy way to set up alerts on a per device basis without
> setting up streams for every device in my infrastructure?
>
> Here is my situation. I have over 200 switches deployed. I want to alert
> on any syslog level 1 events and then suppress for 12 hours any subsequent
> events of the same type from the same IP address. For example we recently
> had a switch that had a bad power supply. Currently I have a stream set up
> to catch any Syslog level 1 events, send an SMTP alert and suppress any
> additional ones for 12 hours. If a level 1 event happens on a different
> device or a different event on the same device I won't get the alert since
> the stream is set for any level 1 events.
>
> Is there a way to set up the alerts to suppress based on IP address or on
> message field content?

--
Tristan Rhodes
