Sniffers: Send notification(f.i mail) with multiple lines sends multiple mails

[enannos]

Hi to all,

I've been using logsniffer for a couple of weeks now, I find the software to be one of the most powerful, flexible and easy to use opensource log analyzers that currently exist.

I have set up some log sources, most of them watching log4j log file sources. I've also created some sniffers with severity level scanner(ERROR) and e-mail publishers.

The problem is that everytime an event occurs (an "ERROR" in the log file), I am receiving as many e-mails as the lines that the specific ERROR occurs.

For example, if the following error is recorded in the log file: 2017-12-20 12:31:57,032 ERROR Problem: Server lookup failed. Number of Tries 2 2017-12-20 12:31:57,032 ERROR Resolution:
2017-12-20 12:31:57,032 ERROR 1. Check if the port specified for the server is same as that specified in properties file. 2017-12-20 12:31:57,033 ERROR 2. Check if the server down or if the server port is blocked. 2017-12-20 12:31:57,033 ERROR Restart the server/service if it is not running. Wait for other services to connect.

Then I get 5 emails, one for each line.

I am using the default pattern text: Event link: $eventLink Log entries: #foreach( $entry in $event['lf_entries'] ) $entry['lf_raw'] #end

Is it possible to receive only one email per event? Something like sorting out the events per timestamp?

Thank you