monitoring contents of a logfile with a daily changing filename
Hi Ian,
My suggestion (not tested): -On your client, edit ~xymon/client/etc/client-local.cfg file -In your host definition, add a this line: log:/var/log/external/$REPLACE_WITH_CLIENT_NAME/messages-$(date +%Y%m%d).log -If previous does not work, this one should do the job log:$(find /var/log/external/$REPLACE_WITH_CLIENT_NAME/ -name messages-$(date +%Y%m%d).log)
Regards, Damien Martins
Le 15/08/2018 à 16:37, Ian Diddams via Xymon a écrit :
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
Ok - another angle. I feel I am SO close. so I have a cleint with message logs with filename format /var/log/messages-YYYYMMDD.log It contains a trigger word DIDDS client-local.cfg on the xymon SERVER contains
[linux]log:/var/log/messages:10240log:find /var/log -maxdepth 1 -type f -name messages-\*.log:10240log:/var/log/maillog:10240
log:/var/log/secure:10240ignore MARK
The client's msgs GUI page shows
No entries in /var/log/messagesNo entries in /var/log/messages-20180816.log No entries in /var/log/maillog No entries in /var/log/secure
Full log /var/log/messagesFull log /var/log/messages-20180816.log Full log /var/log/maillog Full log /var/log/secure
ie it can find/knows about that respective messages file.
However...
in analysis.cfg, for the respective client this line LOG %/var/log/messages*.log "DIDDS" COLOR=yellow
doesn't flag anything - even if the string DIDDS is in that messages-20180816.log file .. hence the line in the GUI No entries in /var/log/messages-20180816.log
SO CLOSE.
what am I missing here?
Because if I merely use LOG %/var/log/messages "DIDDS" COLOR=yellow with DIDDS within /var/log/messages it goes yellow almost immediately. ??? didds
participants (2)
-
damien@makelofine.org
-
didds3@yahoo.co.uk