Hi,
i’ve been using splunk2nagios and it’s awesome. I can send a nagios alert based on any string in any logfile from any device or program in our network - I can say only alarm if there are x number of instances of the string that occur in y delta time etc.
but now they have released splunk version 4 and splunk2nagios is only supported in splunk version 3. anybody have a check_splunk that works for splunk version 4?
here’s more information on splunk splunk.com
splunk is free up to 500 meg a day
adam