Having trouble with regex and parsing logfiles
Hey all:
I am having trouble using regex successfully with log files and I am looking for some help.I have tried checking my regex at regex101, but even when I get working formulas in regex101 they don't seem to work in zabbix. If I leave all of the options at defaults in the 'items' configuration the log files show up in the 'latest data' window, so I know that the zabbix agent is collecting the log files off of my remote server successfully. The problem I have is with the regex. I read that the zabbix agent wants only Posix regex, so I used the posix regex test from Dan's Tools and it sort of worked. Enough of the back story, here is the log I am searching:
I want to capture the report title:Tor2 MariaDB Backup Report so I used this regex: \bTor2 [\.[:space:]]MariaDB[\.[:space:]]Backup[\.[:space:]]Report.*\b This string works in zabbix but it only captures: Tor2 MariaDB Backup Report for 2020-09-06_13:59:43 using parent snapshot 6df3d22e
But I need to see if the backup was successful so I used this regex: ((.*\n){7}) to capture the whole log report. When I concatenate the two strings like so: (((.*\n){7})\bTor2 [\.[:space:]]MariaDB[\.[:space:]]Backup[\.[:space:]]Report.*\b) The posix tester returns the entire log and zabbix accepts it as an argument but it produces NO results. I am at a loss what to do next and any help is gratefully appreciated.
Rick
I am having trouble using regex successfully with log files and I am looking for some help.I have tried checking my regex at regex101, but even when I get working formulas in regex101 they don't seem to work in zabbix. If I leave all of the options at defaults in the 'items' configuration the log files show up in the 'latest data' window, so I know that the zabbix agent is collecting the log files off of my remote server successfully. The problem I have is with the regex. I read that the zabbix agent wants only Posix regex, so I used the posix regex test from Dan's Tools and it sort of worked. Enough of the back story, here is the log I am searching:
Code:
snapshot 6b3be518 saved duration: 0:00 [0:00] 100.00% 1.417 GiB / 1.417 GiB 12 / 12 items 0 errors ETA 0:00 scanned 1 directories, 11 files in 0:00 [0:00] 1 directories, 11 files, 1.417 GiB scan [/sql_backup] Tor2 MariaDB Backup Report for 2020-09-06_13:59:43 using parent snapshot 6df3d22e
But I need to see if the backup was successful so I used this regex: ((.*\n){7}) to capture the whole log report. When I concatenate the two strings like so: (((.*\n){7})\bTor2 [\.[:space:]]MariaDB[\.[:space:]]Backup[\.[:space:]]Report.*\b) The posix tester returns the entire log and zabbix accepts it as an argument but it produces NO results. I am at a loss what to do next and any help is gratefully appreciated.
Rick
Comment