Hello all,
I want to monitor some application which writes their logs in this format:
C:\Program Files\Application\InstanceX\logs\yyddmm.log
The problem I have is that each machine has an arbitraty number of instances, therefore a different number of logs to be monitored.
My first attempt to work around that was using logrt.count with a regex like:
However, this doesn't work it seems that the regex part can only be applied to the base filename, not the path itself.
So I went with a bruteforce approach, and created individual items for the each possible instances I could have in one machine.
That sorta of works, but leaves a lot of unsupported items in the machines that have less than maximum total instances.
The next step was to aggregate the counts I can know how many occurences of count happened on a given machine, regardless of how many instances that machine has.
Again I went with a bruteforce approach by creating a calculated item like
last(//logrt.count[C:\Program Files\Application\Instance1\logs\yyddmm.log,.*string])+last(//logrt.count[C:\Program Files\Application\Instance2\logs\yyddmm.log,.*string])+[...]
For all instances.
That worked for the instances with the maximum number of instances, but fails for the others. I know this is overall a terrible approach, but I wasnt able to find a different one.
Can anyone point me to the right approach for this case?
I was imagining using something like Log Discovery, but I am not sure if this is even possible.
I want to monitor some application which writes their logs in this format:
C:\Program Files\Application\InstanceX\logs\yyddmm.log
The problem I have is that each machine has an arbitraty number of instances, therefore a different number of logs to be monitored.
My first attempt to work around that was using logrt.count with a regex like:
Code:
C:\\Program Files\\Application\\Instance.*log
So I went with a bruteforce approach, and created individual items for the each possible instances I could have in one machine.
That sorta of works, but leaves a lot of unsupported items in the machines that have less than maximum total instances.
The next step was to aggregate the counts I can know how many occurences of count happened on a given machine, regardless of how many instances that machine has.
Again I went with a bruteforce approach by creating a calculated item like
last(//logrt.count[C:\Program Files\Application\Instance1\logs\yyddmm.log,.*string])+last(//logrt.count[C:\Program Files\Application\Instance2\logs\yyddmm.log,.*string])+[...]
For all instances.
That worked for the instances with the maximum number of instances, but fails for the others. I know this is overall a terrible approach, but I wasnt able to find a different one.
Can anyone point me to the right approach for this case?
I was imagining using something like Log Discovery, but I am not sure if this is even possible.
That would solve things without any additional stuff...
Comment