adding "user" to thruk event log (www)

[Mariusz-C]

Situation:

I disable host notification

In Thruk log - on www

[2024-11-21 08:00:00] EXTERNAL COMMAND: DISABLE_SVC_NOTIFICATIONS;host.example.com;check_example

But in the log /var/log/thruk/thruk.log there is a field with user

[2024/11/21 08:00:00][thruk][INFO] [external_command][some.user][some numbers] [site name] cmd: COMMAND [1732172399] DISABLE_SVC_NOTIFICATIONS;host.example.com;check_example

what would i like?

That the thruk interface also shows the user who made the changes - not just disabling notifications - generally if there is a user in the log it should also be in the event log on the web

[sni]

Thruk just shows the eventlog as it is and naemon does not really know about users when it comes to external commands. That's why it is not logged.

[Mariusz-C]

@sni but in the log /var/log/thruk/thruk.log the user who performed the action is given (as is the “site name”, which can be enabled via the “Show Site Names” checkbox - so I figured that making a checkbox for the user is not a big problem)

[sni]

right, it's no problem to show and log it into the thruk.log. But the information is simply not there in naemon.

[Mariusz-C]

@sni :) It seems to me that we do not understand each other.

This entry is ALREADY in the log - it is written in the log that thruk generates.

As I understand the Event log (i.e. showlog.cgi) shows what appears in /var/log/thruk/thruk.log. Do I understand this correctly?

[sni]

no, the showlog.cgi shows the naemon.log, not the thruk.log.

[Mariusz-C]

hmmm so ... thruk generates a log and there is the user. Why are you writing about naemon? I don't have that - I use thruk and nagios as backends ....

[sni]

it's the same with nagios, in this case thruk shows the nagios.log on the showlog page.

[Mariusz-C]

:) something is not right for me - I have only thruk - nagios are on other hosts. IMO thruk shows what it has in /var/log/thruk/thruk.log - why? Look at the fact that you can display Site Names in the thruk Event log - and this is not in any log on nagios hosts, because they don't know what they are called in thruk.

I checked the nagios log on the backend host and there is no entry for thruk's “site names”.

[sni]

Exactly. Thruk has the sitename and username information and logs this into the thruk.log. Then it sends the command to nagios and nagios logs the command into the nagios.log but does not have the site/contact information anymore. But, thruk does not show the thruk.log in the showlog page. Instead it shows the nagios.log.