Monitoring NT Windows Event Logs

Firstly, thanks, Jakkedup, for sticking with me this long! :frowning:

jakkedup:
You could schedule to turn off notifications over the weekend, or you could define a check_period named Not_on_weekends and put that in services.cfg for the check_period directive.

Which would mean I would lose notification about any issues over the weekend - not quite what I’m after…

Jakkedup:
I see no other way than to have alerts sent by email. I suppose you could use a log checker that will not remember that it has already read the log up to point X. That way, it will read the entire log again, and of course, it will find the ERROR again, and again, it will show “critical”. In that kind of setup, you would then have to clear the log file of the “ERROR” in order for Nagios to stop showing that it is CRITICAL. That wouldn’t be too hard, since you could simply go to the Windows box and clear out the log file.

It could work, but not ideal as it’s useful to have the log for future use sometimes.

But hang on, I think you’re onto something here…

Jakkedup:
Another thing you could do is to not use NC_net, or a mini Nagios setup. But rather, schedule a check_log using the remote system’s cron or Windows scheduler. You could modify a log file plugin to ONLY execute the send_nsca script or the submit_check_result script in the event that “ERROR” was found during the log check. If “ERROR” is not found, since it found it 20 minutes ago, then your modified plugin will simply not submit anything at all. So, your Nagios website will show “Critical” forever, once an error has been detected. It will not go back to OK unless you personally, and manually, submit a passive check result of OK by using the CGI interface.

I think this is the way forward! Problem is that I’m going to end up running code I’ve hacked on our live servers - always a bit worried when I run anything other than shell scripts that I’ve hacked myself!

Unfortunately, although we have some dev staff here, network monitoring doesn’t really have a budget (is it the case everywhere?) so I’d best go find a windoze C compiler. Should be a laugh :frowning:

Anyway, once again thanks for your input - I shall report back if I ever produce anything useful!

Regards,
Mark
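
A sketch of the "submit only when ERROR is found" check quoted above, as an added example that is not part of the original post or any existing plugin. It assumes a plain-text log, a `send_nsca` binary on the PATH with a config file named `send_nsca.cfg`, and constructed host and service names; the function names are hypothetical.

```python
import os
import subprocess
import tempfile

def new_lines(log_path, state_path):
    """Return complete lines appended since the last run (offset kept in state_path)."""
    try:
        with open(state_path) as f:
            offset = int(f.read().strip() or 0)
    except (FileNotFoundError, ValueError):
        offset = 0
    if offset > os.path.getsize(log_path):    # log was cleared or rotated
        offset = 0
    with open(log_path, "rb") as f:
        f.seek(offset)
        data = f.read()
    end = offset + data.rfind(b"\n") + 1      # leave a half-written last line for next run
    with open(state_path, "w") as f:
        f.write(str(end))
    return data[: end - offset].decode("utf-8", "replace").splitlines()

def nsca_result(lines, host, service, keyword="ERROR"):
    """Build one send_nsca record (host, service, return code, output), or None if no hit."""
    hits = [line for line in lines if keyword in line]
    if not hits:
        return None                           # submit nothing: Nagios keeps the last state
    # Log text is untrusted input: replace tabs and control characters so a log
    # line cannot shift fields or smuggle a second check result into the record.
    text = "".join(c if c.isprintable() else " " for c in hits[-1])[:200]
    return f"{host}\t{service}\t2\t{len(hits)} new {keyword} line(s), last: {text}\n"

def check_once(log_path, state_path, host, service):
    return nsca_result(new_lines(log_path, state_path), host, service)

def submit(payload, nagios_host, cfg="send_nsca.cfg"):
    """Pipe the record to send_nsca (binary location and cfg path are assumptions)."""
    subprocess.run(["send_nsca", "-H", nagios_host, "-c", cfg],
                   input=payload.encode(), check=True)

if __name__ == "__main__":
    # Constructed sample log; prints the record instead of sending it.
    d = tempfile.mkdtemp()
    log, state = os.path.join(d, "app.log"), os.path.join(d, "app.offset")
    with open(log, "w") as f:
        f.write("INFO service started\nERROR backup job failed\n")
    print(check_once(log, state, "winbox1", "AppLog"))   # CRITICAL record
    print(check_once(log, state, "winbox1", "AppLog"))   # None: nothing new
```

Run it from cron or the Windows scheduler and call `submit()` only when `check_once()` returns a record; the service then stays CRITICAL until a passive OK is submitted by hand.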