VMware Cloud Community
behm316
Contributor
Contributor

Log Insight Alarms

I have created a custom query based on the following filters:

file path contains /var/log/desktone

text contains on port 389

Now this brings me multiple entries for different host names now what I want to do is create an alarm based on this query but in the alarm have it tell me which host name is generating the alarm. Is there a way to do this or do you have to create multiple alarms per host name.

1 Reply
sflanders
Commander
Commander

Group your query by hostname. More information here: Log Insight Alerts: Email and Returned Results - SFlanders.net

Hope this helps! === If you find this information useful, please award points for "correct" or "helpful". ===