Creating monitoring for a specific log to generate an alert
I'm trying to create monitoring for generating alerts from a specific log located in a specific partition on a Windows server. I created the item and the trigger, but the alert is not being triggered. Can you help me figure out what I'm doing wrong? Below is the configuration I set up:
Zabbix version 7.2
Zabbix agent.cfg was configured as follows:
Server=ZABBIX_SERVER_IP
ServerActive=ZABBIX_SERVER_IP
Hostname=HOST_NAME_IN_ZABBIX
Item Created:
Name: Error monitoring in log
Type: Zabbix Agent (active)
Key: logrt["D:\\Folder\\Folder\\Folder\\Folder\\Folder\\l og_a pp_*.txt","0",UTF-8,100,skip]
The * after app_ is meant to identify the log for the day.
Type of information: log
Trigger Created:
Name: Error monitoring in log
Severity: Warning
Expression: logeventid(/SERVER/logrt["D:\\Folder\\Folder\\Folder\\Folder\\Folder\\l og_a pp_*.txt","0",UTF-8,100,skip])=1
The "0" in quotes is meant to identify the line containing the error in the log.
I tried using the expression below, but it shows an error in the expression
{HostName:log["C:\\Logs\\particaoD\\meuarquivo.log","ERRO|FA IL", UTF-8,100,skip].strlen()} > 0
Zabbix version 7.2
Zabbix agent.cfg was configured as follows:
Server=ZABBIX_SERVER_IP
ServerActive=ZABBIX_SERVER_IP
Hostname=HOST_NAME_IN_ZABBIX
Item Created:
Name: Error monitoring in log
Type: Zabbix Agent (active)
Key: logrt["D:\\Folder\\Folder\\Folder\\Folder\\Folder\\l og_a pp_*.txt","0",UTF-8,100,skip]
The * after app_ is meant to identify the log for the day.
Type of information: log
Trigger Created:
Name: Error monitoring in log
Severity: Warning
Expression: logeventid(/SERVER/logrt["D:\\Folder\\Folder\\Folder\\Folder\\Folder\\l og_a pp_*.txt","0",UTF-8,100,skip])=1
The "0" in quotes is meant to identify the line containing the error in the log.
I tried using the expression below, but it shows an error in the expression
{HostName:log["C:\\Logs\\particaoD\\meuarquivo.log","ERRO|FA IL", UTF-8,100,skip].strlen()} > 0
Comment