I tried to create a log file monitoring with regexp() function in trigger expression. But it's not working as expected. Here is my setting:
Item Key:
log[/tmp/log/log_test.log,"(error|ERROR)",,,skip,,]
Trigger Expression:
{server003:log[/tmp/log/log_test.log,"(error|ERROR)",,,skip,,].regexp(skip|ignore),#1} = 0
So if a line in log contains "ERROR" or "error", and it also contains "skip" or "ignore", the line should NOT trigger an alert.
However, the result is an alert is always triggered whenever ERROR/error matched regardless if skip/ignore is presented. Any helps will be appreciated.
Item Key:
log[/tmp/log/log_test.log,"(error|ERROR)",,,skip,,]
Trigger Expression:
{server003:log[/tmp/log/log_test.log,"(error|ERROR)",,,skip,,].regexp(skip|ignore),#1} = 0
So if a line in log contains "ERROR" or "error", and it also contains "skip" or "ignore", the line should NOT trigger an alert.
However, the result is an alert is always triggered whenever ERROR/error matched regardless if skip/ignore is presented. Any helps will be appreciated.