Rule to help clear monitoring related messages.

The idea is this, Nagios sends us an email with the word 'PROBLEM' in the subject line when there is a 'PROBLEM' on a server. When that 'PROBLEM' goes away or is fixed, it then sends a new email with the same text in the subject line as before, but replaces 'PROBLEM' with 'RECOVERY'. Also the state of the check is shown such as OK, or CRITICAL, or WARNING.

It would be nice if there was a way with the rules to look for messages in a folder that have it take a desired action against the subject line of matching messages that have both 'PROBLEM' and 'RECOVERY' in the subject line, as well as the OK, CRITICAL or WARNING flags. Then perhaps be able to tell it to delete or move them if they are older than 1 hr or something.

So it would see...

Message 1 - Subject: PROBLEM alert: server01 CPU CRITICAL
Message 2 - Subject: PROBLEM alert: server35 Disk Failure
Message 3 - Subject: RECOVERY alert: server01 CPU OK

Then it would know to select Message 1 and 3, and know that the message is about the same subject. Even though the word RECOVERY and OK, are different than PROBLEM and CRITICAL.

It would leave Message 2 alone, until a 4th message came in, with RECOVERY and OK in the subject line, and the rest of the subject line matched the content on Message 2 that had PROBLEM, and CRITICAL.

This kind of thing would be great for MAC and PC Outlook alike.

