(Michael Friedrich) #1

Collect logs & events and store them. Correlate monitoring events (notifications, etc.) with other activities in your environment. Discuss best practices and implementation ideas.

(UMJ) #2

Hello Everyone,

We are monitoring network devices using snmp polling and hostalive check. We have also configured syslog to send devices reload events in elastic search. Now we want to correlate the events of elasticsearch with icinga to calculate the downtime of devices. Our use case is:

1- If a device is reloaded by user with cli, that time will not calculate in the availability report or it is marked as schedule downtime.

Any suggestion how to correlate the ES events and calculate the availability of the device would be really appreciated.