Aggregation of notifications

Hi.

I have no idea of how to implement the following.

Introduction
Let’s assume I have a service which checks many websites running on the same host.
Now all of this webservices create an error, when checked.
Notifications are sent for each service.

Question
Is it possible / how is it possible to only send 1 notification, not one for each webservice, when an error occurs?
Something like “grouping” or “aggregation” of the notification.

Why?
What I would like to accomplish is to prevent an unneccessary flood of notifications.

Sorry if this was previously asked, can’t find something.

Thanks in advance.

Greetings.

Hi,

just an idea:
instead of sending mails directly, you could rebuild the notification script to push the messages in a cache, db, spool or whatever. And from there you read out the message each x minutes and create a mail with collected messages

Hi Stevie,

thanks for the idea

This would be an option, if there is no other (native) possibility.

Greetings.

If they logically are based on each other or if there is a general check like http protocol dependencies could be an option.

Another idea would be using a wrapper like check_multi so everything is aggregated into one check.

Or you can just not enable notifications for the single services and build an additional one using Icinga DSL like this: Advanced Topics - Icinga 2

Hi.

Thanks, this helps a lot.

Greetings.

Hi,
I aggregated notifications two years ago using unofficial icinga-notificator script from Jakub Stollmann. It cooperates with elastic search and uses icinga-beat to communicate with ES.
I wish you good luck
Lukáš

Hi Lukáš,

thank you!

I solved this for me by an extra (dummy) service which checks the results of other services.
Since this a special requirement for only one (sub-)group of services, this is good enough for the moment.

But your answer shows an interesting solution if there will be further requirements in the future.

Greetings.