Hi,
I'm trying to tackle a problematic log file monitoring requirement - basically, when an error string appears in the log, I need to extract the X lines that preceded the error.
For example:
00:00:00 Starting transaction...
00:00:00 Command: blablabla
00:00:00 Destination: blablabla
00:00:00 Result: ERROR
So, in this example, if ERROR appears in the log I need to get the lines that precede the error.
I am currently able to use logrt to identify the ERROR, but I'm not sure how to accomplish the extraction of the other lines.
logrt doesn't seem to support capturing of multi-line regex, so I thought to trigger a custom script on the client to parse the log, but there are a few things I don't know how to do:
- How to get the filename of the specific log in which the error was detected?
- How to get the line on which this error occurred? I don't want to assume that it would always be the last error in the file.
Has anyone done something similar to this before? any tips would be appreciated
I'm trying to tackle a problematic log file monitoring requirement - basically, when an error string appears in the log, I need to extract the X lines that preceded the error.
For example:
00:00:00 Starting transaction...
00:00:00 Command: blablabla
00:00:00 Destination: blablabla
00:00:00 Result: ERROR
So, in this example, if ERROR appears in the log I need to get the lines that precede the error.
I am currently able to use logrt to identify the ERROR, but I'm not sure how to accomplish the extraction of the other lines.
logrt doesn't seem to support capturing of multi-line regex, so I thought to trigger a custom script on the client to parse the log, but there are a few things I don't know how to do:
- How to get the filename of the specific log in which the error was detected?
- How to get the line on which this error occurred? I don't want to assume that it would always be the last error in the file.
Has anyone done something similar to this before? any tips would be appreciated
Comment