Hey everybody,
I had a dream that one day, i would be able to set triggers on specific words in monitored log files (such as "CRITICAL", "WARNING" -strange huh?-), in order to be mailed when critical things happends.
So i created the two following items
and the following triggers
(found this one on the WEB, and seems to work)
Edit : the log comes from a crontab, the cron overwrites the last log.
The log contains only one line telling me the status (OK, WARNING, CRITICAL, etc)
To be sure, i gave it a try, and opened my ESXI chassis
YAY, i receive a mail "PROBLEM - CRITICAL blahblahblah"
So i closed my chassis, and got the "OK" mail back.
But now, when i go to ZABBIX's last values, i still can see the item's last value to "CRITICAL blahblahblah" for the item created. Not "OK blahblah" as it is now written in the log file.
When i write this, it's 16.15, the item seems not to be updated.
And i don't understand why.
If i edit the logfile, i can see "OK blablablabla" and no more "CRITICAL blahblahblah"
any hint?
Thanks!
I had a dream that one day, i would be able to set triggers on specific words in monitored log files (such as "CRITICAL", "WARNING" -strange huh?-), in order to be mailed when critical things happends.
So i created the two following items
Type : Zabbix Agent (active)
Key : log[/here/is/my/zabbix/readable/log,CRITICAL]
Type : Log
Refresh : 30s
[stuff]
Type : Zabbix Agent (active)
Key : log[/here/is/my/zabbix/readable/log,WARNING]
Type : Log
Refresh : 30s
[stuff]
Key : log[/here/is/my/zabbix/readable/log,CRITICAL]
Type : Log
Refresh : 30s
[stuff]
Type : Zabbix Agent (active)
Key : log[/here/is/my/zabbix/readable/log,WARNING]
Type : Log
Refresh : 30s
[stuff]
{ZABBIX:log[/here/is/my/zabbix/readable/log,CRITICAL].nodata(600)}=0
{ZABBIX:log[/here/is/my/zabbix/readable/log,WARNING].nodata(600)}=0
{ZABBIX:log[/here/is/my/zabbix/readable/log,WARNING].nodata(600)}=0
Edit : the log comes from a crontab, the cron overwrites the last log.
The log contains only one line telling me the status (OK, WARNING, CRITICAL, etc)
To be sure, i gave it a try, and opened my ESXI chassis
YAY, i receive a mail "PROBLEM - CRITICAL blahblahblah"
So i closed my chassis, and got the "OK" mail back.
But now, when i go to ZABBIX's last values, i still can see the item's last value to "CRITICAL blahblahblah" for the item created. Not "OK blahblah" as it is now written in the log file.
CRITICAL ESXI 05 Déc 2014 15:45:17 CRITICAL : System Board 1 Intrusion 0
And i don't understand why.
If i edit the logfile, i can see "OK blablablabla" and no more "CRITICAL blahblahblah"
any hint?
Thanks!
Comment