LM Logs

Question

Hello,Just wanted to ask if there is a way to have alerting on multiple lets say IP addresses in a similar log message but not have it spam our ticketing system?Log Message 1 - 1.1.1.1 is downLog Message 2 - 2.2.2.2 is downLog Message 3 - 1.1.1.1 is down&nbsp;I want to be able to alert on 1.1.1.1 being down and suppress it for a day on duplicate alerts but if I have a alert query for "is down" then 2.2.2.2 will also get suppressed for a whole day as well when its a whole separate device/alert.I would also not be able to add all lets say 50 IP addresses that may alert as their own alert condition.Is there a way or is LM Log too limiting right now?

anonymous · Answer

I can't think of a way to do this. Without defining all 50 IP addresses up front, you couldn't setup different pipelines nor different pipeline alerts. That means they'd all alert together and the difference in IP addresses wouldn't be detected by LM aside from noticing that it matches the pattern of actually having an IP address.

Forum Discussion

LM Logs - Alerting

Related Content

LM Logs ingestion alerting

LM Logs Alert Tokens

LM Servicenow Integration

Network logs Monitoring LM

Recent Discussions

Can anyone help modify this Datasource to be able to use any port?

Dashboard updates

Does anyone monitor their iDracs with LM? Tons of duplicate alerts

How do you monitor Running Services on Linux boxes?

Event Sources SNMP and Windows collectors?