[Xymon] Ignore and trigger in client-local.cfg

29 Jan 2014


      Hi!
I'm trying to get ignores and triggers to work in client-local.cfg, but can't get it to work. The background is that we have an important log which is extremely active and we are currently missing entries due to this. Rather than setting a huge value for the amount of bytes to send to Xymon (log:filename:size), I want to apply a ignore/trigger combo instead to filter out the noise before sending the log to Xymon.
The man page is not very descriptive of the possibilities, it just states:
"ignore EXPRESSION"
Must follow a "log:..." entry. Lines matching the
regular EXPRESSION are not sent to the Xymon server.
"trigger EXPRESSION"
Must follow a "log:..." entry. Lines matching the
regular EXPRESSION are always sent to the Xymon server.
Use this for extremely critical errors that must be
reported.
First, is it at all possible to specify a trigger on things we want to pick up, and discard everything else with a "catch all" ignore expression?
The logic is like this (but I need help with the syntax):
[host1]
log:/var/log/host1.log:102400
trigger this|that|stuff
ignore everything
Regards,
Johan Karlsson

[Xymon] Ignore and trigger in client-local.cfg

johan.karlsson＠deltamanagement.se

"ignore EXPRESSION"

Must follow a "log:..." entry. Lines matching the

regular EXPRESSION are not sent to the Xymon server.

"trigger EXPRESSION"

Must follow a "log:..." entry. Lines matching the

regular EXPRESSION are always sent to the Xymon server.

Use this for extremely critical errors that must be

reported.