Ad Widget

**Atsushi** · 14-08-2018, 09:55

Regular expressions can not be used for file names in item key log[].
If it is output to a new file name on a daily basis, why not try using logrt[]?

logrt[/var/log/^logfile.log,problem]
or
logrt[/var/log/^logfile.log.[0-9].*$,problem]

**batchen_regev** · 14-08-2018, 10:39

Originally posted by Atsushi

Regular expressions can not be used for file names in item key log[].
If it is output to a new file name on a daily basis, why not try using logrt[]?

logrt[/var/log/^logfile.log,problem]
or
logrt[/var/log/^logfile.log.[0-9].*$,problem]

doesnt let me :

red error

Invalid key "logrt[/var/ldt/log/^install-security-g.log.[0-9].*$,problem]" for item "security log" on "HOSTNAME": incorrect syntax near ".*$,problem]".

**batchen_regev** · 14-08-2018, 10:45

Originally posted by batchen_regev

doesnt let me :

red error

Invalid key "logrt[/var/ldt/log/^install-security-g.log.[0-9].*$,problem]" for item "security log" on "HOSTNAME": incorrect syntax near ".*$,problem]".

the first one works but also - i want it to be the last newset log,
the /var/log/ has a few files lokking like that

/var/log/logfile.log.456456
/var/log/logfile.log.456457
/var/log/logfile.log.456458

thats why the command
system.run[cd /var/ldt/log/ ; ls -trA1 |grep 'logfilename'| awk 'END{print}']

gives me the latest one

**batchen_regev** · 14-08-2018, 15:31

thanks! works

**batchen_regev** · 15-08-2018, 12:57

ok so im having issues, the item works but the problem is this :
the log im reading from is a log that is created by some script - and then nothing else is writen to the log.
so im added to the log i have the word "problem" manually - it has set a trigger

then i run the script again - creates a new log without the word problem - but the zabbix not collecting anymore \ not updating and still shows problem
it suppused to read the latest log right ? so why isnt it updating ?

i understand that logrt is for log files that grow over time , my log is created one time and thats it.
should i use key vfs.file ? if so, how ? does it going to find the newest and latest file ?

edit:
also when i check i insert the word "problem" on an older log and still get the trigger, i really need it to be on the latest log..

thanks

**batchen_regev** · 16-08-2018, 09:08

this is the item, again it works but i have this issue:
1. if i manually change old log to have "problem" in it - it fire trigger
2. if i make new clean log after the problem one - still item is not cleaned and shows problem

see atteched

Attached Files

**batchen_regev** · 16-08-2018, 10:00

hey,

thanks for the fast replay.
but i still dont get it

if i edited a past file with "problem" ok so it triggerd but! then i ran a whole new log after the editing and everything
why isnt it takes the last clean log and stop the trigger ? as it is the last updated log

here is the trigger:
{hostname:logrt["/var/log/^install-only.log.[0-9].*$","problem"].str(problem)}=1

what should i do different?
thanks

Ad Widget

zabbix log monitoring issue

zabbix log monitoring issue

Comment

Comment

Comment

Comment

Comment

Comment

Comment