Is there a way to aggregate multiple messages into one email?
Tags:
#1
nxlogdesonim
we need to separate and aggregate events per IP address during a period of time, such that, a single email is sent conteining multiple messages where the same IP is present, is this something that can be done with pm_evcorr?
i hace tried and not yet able to get this functionality, if possible pls provide a quick example.
thanks.
#1
nxlogdesonim
we need to separate and aggregate events per IP address during a period of time, such that, a single email is sent conteining multiple messages where the same IP is present, is this something that can be done with pm_evcorr?
i hace tried and not yet able to get this functionality, if possible pls provide a quick example.
thanks.
I think the following approach should work better:
- Use om_file with File '/path/to/logs/' + $IPAddress + '.log'
- In a <Schedule> block do this:
- Create a script that moves /path/to/logs/*.log to /path/to/logs/queue and call it with xm_exec's exec()
- omfile->reopen();
- Create a script that emails the files under /path/to/logs/queue and then deletes them. Call the script with exec_async()
