Log File Monitoring

 

Every application prints status messages, error messages, and other critical information in its log. It is very tedious to skim through all these bulky log files for understanding the application performance. To manage such mission critical applications in real time, monitoring their log files is necessary. OpManager Plus offers agent-based log file monitoring for real-time fault and performance management.

 

How log file monitoring works?

The log file monitoring agent installed in the end machine, monitors the log files continuously for the required string (It may even be a regex). Once that string is printed, it immediately notifies OpManager Plus server, which in-turn raises the alarm.

 

Steps to add a log file monitor

Prerequisite: Before installing the agent, add that device in OpManager Plus.

  1. Install the agent in the end machine which has the log files.
  2. Go to Admin-> File Monitoring Templates-> New Template.
  3. Enter a template name, and path of the file.
  4. Click Next.
  5. Under File Contains row, enter the String to be searched. OpManager Plus supports regular expressions as well. Note: All the special characters should be preceded by a backslash.
  6. Select Match Case check box, if you want the search to be case sensitive.
  7. Enter the number for consecutive times of the log print for which you want to raise the alarm.
  8. Click Next and associate it to the required devices. You have successfully added a log file monitoring template.
  9. Now map the agent to the device that you have added in OpManager Plus(prerequisite).
    1. Go to Admin-> Agents. You can find the agent installed device listed.
    2. Select the respective device in the Mapped Device column.
    3. Click confirm to map the device.

You have successfully created a log file monitor.

 

Known Issues : 

  1. If the file monitoring interval is modified, the match string appeared in the current polling span (old monitoring interval) will be ignored and hence the alert will not be generated.  The alert will be raised as usual based on the new monitoring interval from next poll.

        Example:

                    Consider the file monitoring interval is 5 mins starting at 10.00 AM.

                    Search string appears in the monitored log file at 10.02 AM.

                    File monitoring interval is modified as 10 mins at 10.03 AM.

 

                    In above case, the agent will ignore the search string which appeared at 10.02 AM.  It starts monitoring the log file as fresh from 10.03 AM based on the new monitoring interval (10 mins).

 

 

 

fBack to Top