[Xymon] monitoring contents of a logfile with a daily changing filename
Ian Diddams
didds3 at yahoo.co.uk
Thu Aug 16 16:40:27 CEST 2018
Ok - another angle. I feel I am SO close.
so I have a cleint with message logs with filename format
/var/log/messages-YYYYMMDD.log
It contains a trigger word DIDDS
client-local.cfg on the xymon SERVER contains
[linux]log:/var/log/messages:10240log:`find /var/log -maxdepth 1 -type f -name messages-\*.log`:10240log:/var/log/maillog:10240
log:/var/log/secure:10240ignore MARK
The client's msgs GUI page shows
No entries in /var/log/messagesNo entries in /var/log/messages-20180816.log
No entries in /var/log/maillog
No entries in /var/log/secure
Full log /var/log/messagesFull log /var/log/messages-20180816.log
Full log /var/log/maillog
Full log /var/log/secure
ie it can find/knows about that respective messages file.
However...
in analysis.cfg, for the respective client this line
LOG %/var/log/messages*.log "DIDDS" COLOR=yellow
doesn't flag anything - even if the string DIDDS is in that messages-20180816.log file ..
hence the line in the GUI
No entries in /var/log/messages-20180816.log
SO CLOSE.
what am I missing here?
Because if I merely use
LOG %/var/log/messages "DIDDS" COLOR=yellow
with DIDDS within /var/log/messages it goes yellow almost immediately.
???
didds
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xymon.com/pipermail/xymon/attachments/20180816/32c69e49/attachment.html>
More information about the Xymon
mailing list