Hello,
I’m using zabbix 2.0.3 and would like to use log monitoring, to monitor log files on Linux. Just below an example of the log file.
Every 15 min there will be a new line, 24 hours, untill the log will be 1MB. I would like to monitor on 0 messages and SEVERE, within a time frame of 8:00 AM to 22:00 PM in the log file
INFO | jvm 1 | 2014/07/05 16:17:46 | INFO 17 messages in 900 sec; 101080 messages total.
INFO | jvm 1 | 2014/07/05 16:32:46 | INFO 7 messages in 900 sec; 101087 messages total.
INFO | jvm 1 | 2014/07/05 16:47:46 | INFO 0 messages in 900 sec; 101087 messages total.
INFO | jvm 1 | 2014/07/05 17:02:46 | INFO 0 messages in 900 sec; 101087 messages total.
INFO | jvm 1 | 2014/07/05 17:17:46 | INFO 21022 messages in 900 sec; 122109 messages total.
INFO | jvm 1 | 2014/07/05 17:32:47 | INFO 17715 messages in 900 sec; 139824 messages total.
INFO | jvm 1 | 2014/06/20 16:21:20 | SEVERE Unable to connect to…….bla bla bla
I’ve made the item using https://www.zabbix.com/documentation...ypes/log_items
Enabled and no error
So i moved on to make a trigger
(({servername:logrt["path/to/log","SEVERE",,"1"].regexp(SEVERE)}=0)|
({servername:logrt["path/to/log","SEVERE"].time(0)}>080000)&
({servername:logrt["path/to/log","SEVERE"].time(0)}<220000))
And
(({servername:logrt["path/to/log","0_messages",,"1"].regexp(0_messages)}=0)|
({servername:logrt["path/to/log","0_messages",,"1"].time(0)}>080000)&
({servername:logrt["path/to/log","0_messages",,"1"].time(0)}<220000))
The error is for the trigger is:
Evaluation failed for function:…….
Ofcourse the time lap is for the sms we want that something is wrong, not for the timeframe in de log file
At the dashboard you can see the trigger (for SEVERE) is on.
how can i add the time frame for monitoring the log file in the trigger.
Or how can i let the trigger read only the last line in the log file
I’m using zabbix 2.0.3 and would like to use log monitoring, to monitor log files on Linux. Just below an example of the log file.
Every 15 min there will be a new line, 24 hours, untill the log will be 1MB. I would like to monitor on 0 messages and SEVERE, within a time frame of 8:00 AM to 22:00 PM in the log file
INFO | jvm 1 | 2014/07/05 16:17:46 | INFO 17 messages in 900 sec; 101080 messages total.
INFO | jvm 1 | 2014/07/05 16:32:46 | INFO 7 messages in 900 sec; 101087 messages total.
INFO | jvm 1 | 2014/07/05 16:47:46 | INFO 0 messages in 900 sec; 101087 messages total.
INFO | jvm 1 | 2014/07/05 17:02:46 | INFO 0 messages in 900 sec; 101087 messages total.
INFO | jvm 1 | 2014/07/05 17:17:46 | INFO 21022 messages in 900 sec; 122109 messages total.
INFO | jvm 1 | 2014/07/05 17:32:47 | INFO 17715 messages in 900 sec; 139824 messages total.
INFO | jvm 1 | 2014/06/20 16:21:20 | SEVERE Unable to connect to…….bla bla bla
I’ve made the item using https://www.zabbix.com/documentation...ypes/log_items
Enabled and no error
So i moved on to make a trigger
(({servername:logrt["path/to/log","SEVERE",,"1"].regexp(SEVERE)}=0)|
({servername:logrt["path/to/log","SEVERE"].time(0)}>080000)&
({servername:logrt["path/to/log","SEVERE"].time(0)}<220000))
And
(({servername:logrt["path/to/log","0_messages",,"1"].regexp(0_messages)}=0)|
({servername:logrt["path/to/log","0_messages",,"1"].time(0)}>080000)&
({servername:logrt["path/to/log","0_messages",,"1"].time(0)}<220000))
The error is for the trigger is:
Evaluation failed for function:…….
Ofcourse the time lap is for the sms we want that something is wrong, not for the timeframe in de log file
At the dashboard you can see the trigger (for SEVERE) is on.
how can i add the time frame for monitoring the log file in the trigger.
Or how can i let the trigger read only the last line in the log file
Comment