Hi,
The answer to this is probably in the archives already, but I didn't find it.
I'm running Xymon 4.2.3 server on RHEL, and running Big Brother on the clients. I setup the bb-msgstab file on a Linux client to alert for a specific string in /var/log/messages. What I'm seeing is that anytime /var/log/messages is updated, we get an alert for the string we are testing for, even if that string occurred hours ago. Is there a way to parse the file to only send an alert if it is a new occurrence of the string? We only rotate this file once a week, so we might get an alert on something that's a day old.
Thanks!
Nicole Beck