Hi,
I'm not able to find any clue in the documentation how can I return multiple line hits from a preprocessing regex?
I want to monitor some network stats which has no snmp representative, and as I'm farly new to zabbix I'm not sure how to solve this.
I have setup and private-key ssh agent to my item.
It produces the following output for 1 host:
tcp4 0/0/128 *.302
tcp6 0/0/128 *.65002
tcp46 0/0/128 *.300
tcp4 0/0/128 *.304
...
The list is dynamic in length, normally around 30-50 lines
What is the main goal in here, to capture this and store to have historical value, but there are a few interesting aspect.
First:
in the middle part as of 0/0/128 I would to get a trigger alert if in any line's first digit block is not 0
I have on the point, where I have cut the line nicely into groups of my interest, and I can get out the middle block first digit value.
(\w{1,3}(\w|\d{1,2}))(\s{1,10})(\d\/\d\/\d{1,4})(\s{1,10})(.*) --> \4
(\d{1,4}) --> \1
However this does it only on the first line. If I try to use /flags it errors out with "Regex can not be valuated".
Is it possible to extend the regex above to make it work multi line and somehow build a trigger on it?
Another goal:
To aggregate by the first column as how many tcp4, tcp6, etc.. is in the query and potentially put that number and also the number of all lines onto a graph. I have no idea about this at all how can be done.
Thanks for any help
I'm not able to find any clue in the documentation how can I return multiple line hits from a preprocessing regex?
I want to monitor some network stats which has no snmp representative, and as I'm farly new to zabbix I'm not sure how to solve this.
I have setup and private-key ssh agent to my item.
It produces the following output for 1 host:
tcp4 0/0/128 *.302
tcp6 0/0/128 *.65002
tcp46 0/0/128 *.300
tcp4 0/0/128 *.304
...
The list is dynamic in length, normally around 30-50 lines
What is the main goal in here, to capture this and store to have historical value, but there are a few interesting aspect.
First:
in the middle part as of 0/0/128 I would to get a trigger alert if in any line's first digit block is not 0
I have on the point, where I have cut the line nicely into groups of my interest, and I can get out the middle block first digit value.
(\w{1,3}(\w|\d{1,2}))(\s{1,10})(\d\/\d\/\d{1,4})(\s{1,10})(.*) --> \4
(\d{1,4}) --> \1
However this does it only on the first line. If I try to use /flags it errors out with "Regex can not be valuated".
Is it possible to extend the regex above to make it work multi line and somehow build a trigger on it?
Another goal:
To aggregate by the first column as how many tcp4, tcp6, etc.. is in the query and potentially put that number and also the number of all lines onto a graph. I have no idea about this at all how can be done.
Thanks for any help