Hi,

I have two questions about the logs.

1. How do we handle rotated log files?

I have logs which will be rotated periodically, which would look like

log.log
log-20081010.log
log-20081011.log
...

Suppose I specify Zabbix to read log.log, and log.log gets rotated to log-2008-1011.log.

If the log is rotated while Zabbix is still processing it (read 100 out of 200 lines total), it seems Zabbix never reads that other 100 lines.

Is there anyway to solve this problem?

Do I need to make Zabbix to rotate the logs. (If this is the case, how do I do that?)

If Zabbix does not support either, how do Zabbix users usually handle rotated log files?

2. How do I collect multiple items from a single log line?
I have a log files which look like:

Error 2008-10-10 19:87 Problem: Disk full Machine name: WIN-08
Warning 2008-10-10 18:87 Problem: Memory low Machine name: WIN-07

I need to capture timestamp, the problem, and the machine name, only for "Error". At the same time, I need to be able to correlate them.

(e.g: I need to be able to identify disk is full for the machine WIN-08 at 2008-10-10 19:87 later)

Is there any way to do this, other than using zabbix_sender?

Thank you in advance.