Skip to content

Instantly share code, notes, and snippets.

@tfhartmann

tfhartmann/splunktalk_nagios_reports.md

Created September 25, 2013 14:46
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save tfhartmann/6700709 to your computer and use it in GitHub Desktop.
Save tfhartmann/6700709 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
splunktalk_nagios_reports.md 
index=nagios (nagiosevent="SERVICE NOTIFICATION" ) OR (nagiosevent="HOST NOTIFICATION" ) ( user_id=$userid$)|lookup local=t nagios-hostgroupmembers host_name AS src_host | convert ctime(_time) as time | eval Name=coalesce(name,hostnotification) |transaction delim=
src_host, nagiosevent | table time,eventcount,src_host,hostgroup,user_id,Name,reason,nagiosevent
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment