×
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')
 
 
  •  
BMC PATROL for Log Management 2.7 ... Documentation for older consoles Using in a BMC PATROL environment Working with PATROL for Log Management Monitoring log files

Generating an alert after a specified number of strings have been found

The PATROL KM for Log Management generates alerts based on a specified number of lines that contain search strings or numeric comparisons in a monitored file. For example, you could configure the KM to search for the string "Corrupt" and specify that the KM should generate an alarm if the KM finds four lines containing the word "Corrupt" in a single scan of the monitored file. You could also configure the KM to generate a warning if the string is found twice and an alarm if the string is found more than four times. If the string is not found on a successive scan of the file, you can configure the KM to return to an OK state.

Before you begin

You must be using the PATROL Central Operator - Windows Edition, PATROL Central Operator - Web Edition, PATROL Console in Developer mode, or the PATROL KM for Log Management PATROL Configuration Manager plug-in.

To generate an alert after a specified number of string or numeric occurrences

  1. Depending on whether you are adding a new log file to be monitored or changing an existing log file, access the Add File for Label: instanceName dialog box or the Change File for Label: instanceName dialog box, respectively as described in Add File for Label - dialog box and Change File for Label - dialog box.
  2. In the*Threshold #1* text box, enter the number of lines in which the string or numeric comparison must occur per scan before an alert is generated.
  3. In the associated State list, choose the type of alert that you want the KM to generate when the number of strings or numeric comparisons exceeds the value in the Threshold #1 field.
  4. (Optional) In the Threshold #2 field, enter the number of lines in which the string or numeric comparison must occur per scan before another type of alert is generated.
  5. (Optional) In the associated State list, choose the type of alert that you want the KM to generate when the number of strings or numeric comparisons exceeds the value in the Threshold #2 field.
  6. (Optional) Select the Return to OK if no match found on next scan check box to return the KM to an OK state if the string is not found on the next scan of the monitored file.
Was this page helpful? Yes No Submitting... Thank you
Last modified by Shweta Patil on Jan 19, 2014

Comments

Log in or register to comment.

Generating and nullifying an alarm based on dual-search strings
Sending a notification when a string has been matched
© Copyright 2011 - 2017, 2019, 2020 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2023 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.