Josh, the current alerting implementation does not support that unfortunately. There are some possibilities to achive that functionality.
1. Use a HTTP alarm callback to send the alert including some messages to a custom HTTP server that handles the alerting. 2. Use something like riemann to handle the alerting and use our output plugin to send data to it. (https://github.com/Graylog2/graylog2-plugin-output-riemann) 3. Write a custom alert callback or output plugin. Hope that helps. Regards, Bernd On 23 February 2015 at 04:22, Tristan Rhodes <[email protected]> wrote: > Josh, > > This type of functionality might be better provided by a tool like Observium > (http://observium.org/) Observium will autodiscover your network equipment, > create graphs for all interfaces and sensors, and you can easily setup > alerts for any problems, such as a failed power supply. > > Cheers, > > Tristan > > On Tue, Feb 17, 2015 at 1:48 PM, Josh Scott <[email protected]> wrote: >> >> Is there an easy way to set up alerts on a per device basis without >> setting up streams for every device in my infrastructure? >> >> Here is my situation. I have over 200 switches deployed. I wan't to alert >> on any syslog level 1 events and then supress for 12 hours any subsequent >> events of the same type from the same IP address. For example we recently >> had a switch that had a bad power supply. Currently I have a stream set up >> to catch any Syslog level 1 events, send an SMTP alert and supress any >> additional ones for 12 hours. If a level 1 event happens on a different >> device or a different event on the same device I won't get the alert since >> the stream is set for any level 1 events >> >> Is there a way to set up the alerts to supress based on IP address or on >> message field content? >> >> -- >> You received this message because you are subscribed to the Google Groups >> "graylog2" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> For more options, visit https://groups.google.com/d/optout. > > > > > -- > Tristan Rhodes > > -- > You received this message because you are subscribed to the Google Groups > "graylog2" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > For more options, visit https://groups.google.com/d/optout. -- Developer Tel.: +49 (0)40 609 452 077 Fax.: +49 (0)40 609 452 078 TORCH GmbH - A Graylog company Steckelhörn 11 20457 Hamburg Germany Commercial Reg. (Registergericht): Amtsgericht Hamburg, HRB 125175 Geschäftsführer: Lennart Koopmann (CEO) -- You received this message because you are subscribed to the Google Groups "graylog2" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
