Ad Widget

**geniepage** · 09-12-2015, 17:42

Hello ciclopeblu,
it is simple. I'm suing it for digging in syslog logs.
Simple use item: log - and use regular expressin for filtering.

Manual for it is on zabbix:

6 Log file monitoring

https://www.zabbix.com/documentation/2.4/manual/config/items/itemtypes/log_items

Regards
Genie

**ciclopeblu** · 18-12-2015, 18:24

Hello,

I have created the item, my problem is that I do not know how to create the trigger for when the log change or, better, for when a specific pattern has been found on the log.

Thanks,

Renato

**ingus.vilnis** · 21-12-2015, 12:59

Hi Renato,

Here is an example for a log trigger.

Code:

{Template:log[/var/log/test.log].str(error)}=1 and {Template:log[/var/log/test.log].nodata(180)}=0

It will go into Problem state when a line containing word "error" will be found in the log and clear after 3 minutes.

Please adjust the regular expressions and timings according to your needs.
Hope this helps.

Best Regards,
Ingus

**ciclopeblu** · 22-12-2015, 11:56

Hello,

thanks for your help, I now get:

Incorrect item key "log[/var/log/sshd.log]" provided for trigger expression on ...

I suppose I have to create an item for that file, correct?

thanks,

Ciclope

**ingus.vilnis** · 22-12-2015, 12:01

Hi,

Yes, you need an item first and then you can create a trigger for this item. Now the trigger is looking for item key but cannot find one.

Best Regards,
Ingus

**ciclopeblu** · 22-12-2015, 12:11

I did:

But I still do not get any allert..

Ciclope

**ingus.vilnis** · 22-12-2015, 12:14

1. In item configuration try changing the name to $1 and see what happens (but that is not why you see no alerts).
2. Show your trigger configuration.
3. Check Latest data that log lines are actually read into Zabbix.

Best Regards,
Ingus

Ad Widget

Parsing a log file and send an alert if a condition is true

Parsing a log file and send an alert if a condition is true

Comment

Comment

Comment

Comment

Comment

Comment

Comment