Log File monitoring
Hi,
I Would like to find out about the log file monitoring.
here is my setting
Directory E:\Program Files\Hitachi ID\IDM Suite\hipam\output
Pattern :- PasswordChange.out
Params/Param Greater then or equal to = 1000
This file passwordchange.out will generated daily basis and scom need to find value that is greater or equal to 1000 in any line of this(passwordchange.out) file to fire alert. But it is not working for me
am i doing any thing wrong here ? Please advice
Siva Siva
September 7th, 2012 5:14am
Hi
The log file monitor won't work in this case - the whole line is the parameter.
http://blogs.technet.com/b/kevinholman/archive/2009/06/20/using-a-generic-text-log-rule-to-monitor-an-ascii-text-file-even-when-the-file-is-a-unc-path.aspx
See this in the middle of the walk through:
On the event expression, click Insert for a new line. Essentially log file monitors look at each new line in a logfile as one object to read, and this is represented by Params/Param[1]
This Parameter 1 is the entire line in the logfile, and is the onlyvalue that is valid for this type of monitor so just type/paste that in the box for Parameter Name.
Cheers
Graham
Regards Graham New System Center 2012 Blog! -
http://www.systemcentersolutions.co.uk
View OpsMgr tips and tricks at
http://systemcentersolutions.wordpress.com/
Free Windows Admin Tool Kit Click here and download it now
September 7th, 2012 5:33am
Hello siva
What is your passwordchange.out file content?
Is your file content is similar like this
XXXXXXX
XXXX
200
1003
Roger
September 7th, 2012 10:50am
Don't waste your time. The plain text log monitor in SCOM is horrible. Write a script to check the log and use that instead."Fear disturbs your concentration"
Free Windows Admin Tool Kit Click here and download it now
September 7th, 2012 12:02pm
Yea its look like this
xxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
1000
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Any one could help me with the script ?
Siva
September 9th, 2012 9:47pm
Use wild card for the log file name if there is new file created every day.
Free Windows Admin Tool Kit Click here and download it now
September 10th, 2012 9:28pm
File Name do not changeSiva
September 10th, 2012 10:44pm