Ad Widget

Collapse

Log monitoring item with output parameter not working

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Divya
    Junior Member
    • Apr 2014
    • 6
    #1

    Log monitoring item with output parameter not working

    I have installed zabbix server2.2.3 on ubuntu virtual box machine and zabbix agent2.2.1 in windows host.
    I want to a monitor a windows log file in zabbix server.
    When i configure a log item on server with key log[C:\zabbix\test.log,time] it works.It gives the lines containing the word "time".

    I want to pick a number in that particular line. So i want to use the output parameter.
    But if i give the log key as log[C:\zabbix\test.log,"prerender() timetaken[0-9]+)",,,,\1] it does not work.

    Zabbix agent does not show any error.In Zabbix server the LatestData does not get updated if i giv this key.

    Please help me on this.Any other changes needs to be done,to make this work
    Tags: 2.2.3, log
    • rchannel
      Junior Member
      • Apr 2014
      • 5
      #2
      Same Issue

      Having the same issue.

        Comment

        • Divya
          Junior Member
          • Apr 2014
          • 6
          #3
          Anyone pls help

          I am waiting for the answer.Anyone who knows pls help.

          Thanks in Advance

            Comment

            • topkoa
              Member
              • Oct 2007
              • 47
              #4
              Me too!!

              Can anyone answer this please?

              It gets frustrating when you follow the documentation, and it just doesn't work.



              I was following this: https://www.zabbix.com/documentation...ypes/log_items
              Last edited by topkoa; 02-07-2014, 22:37.

                Comment

                • gleepwurp
                  Senior Member
                  • Mar 2014
                  • 119
                  #5
                  Hi,

                  is the () in the "prerender()" string part of something you want to match? If not, then you'll probably need to "escape" it, because the () is trying to match an empty group...

                  Try it without the "prerender()" part and see if you get something, ie:

                  Code:
                  log[C:\zabbix\test.log,"timetaken:([0-9]+)",,,,\1]
                  If that works, you'll know that the empty "()" in your previous expression was the issue.

                  G.

                    Comment

                    • topkoa
                      Member
                      • Oct 2007
                      • 47
                      #6
                      No dice...

                      Its still not working, here is basically what I'm trying to accomplish.

                      I have a log file with the following format:

                      Code:
                      Jul  3 06:49:48 x.x.x.x scan: my.server.com[10.x.x.x] 1404384675-07be8b5f6297b00001-IGUog1 1404384675 1404384676 SCAN ENC [email protected] [email protected] - 0 38 - [B]SZ:392217[/B] SUBJ:Email Subject
                      I'm trying to extract the value from the "SZ:" portion to get the e-mail size.

                      I have tried this in the item:

                      Code:
                      log[/var/log/remote/x.x.x.x/messages,"SZ:",,,,\1]
                      ...and...

                      Code:
                      log[/var/log/remote/x.x.x.x/messages,"SZ:([0-9]+)",,,,\1]
                      ...and neither seem to work....

                      Like I said, I attempted to follow the instructions in the documentation and I'm essentially spinning my wheels now. It gives me no feedback about whats wrong; just ZBX_NOTSUPPORTED and nothing useful in the agent/server logs...

                      Thanks again for your help.

                        Comment

                        • Zadralo23
                          Member
                          • Aug 2014
                          • 34
                          #7
                          For All

                          Hello.
                          May be this resolve you problem.
                          I have string in syslog
                          Nov 26 13:24:12 172.21.13.181 next ahtung23 in this page
                          I create Item
                          log[/var/log/messages,"^.*(172.21.13.181|172.21.13.182).*$",,,, \0:-:\1]
                          I create Trigger
                          (({HP Equipment SysLog:log[/var/log/messages,"^.*(172.21.13.181|172.21.13.182).*$",,,, \0:-:\1].regexp(ahtung)})#0)
                          This trigger run on word "ahtung"
                          On Zabbix 2.2.4 all work fine.
                          If you want see in variable ip addr, you can use ^.*([0-9]{2}:[0-9]{2}:[0-9]{2})\s(.*)\s .*$

                            Comment

                            Previous template Next
                            Working...