Hello,
Here's what I'm trying to do : I have 2 log files on a server that I need to monitor. One of them is called ok_.log and the other nok_.log
In the ok_.log file, I write lines everytime a specific operation succeeds. For example :
operation_id
operation_id2
operation_id3
In the nok_.log file, I write lines everytime a specific operation fails. For example :
failed_operation_id
failed_operation_id2
failed_operation_id3
What I want to do is that each time a line shows up in nok_.log, I look for the same line in the ok_.log file. If It's not there, then the trigger is fired.
Here's the syntax I tried to use in my trigger : find(/myHost/logrt[C:\myPath\_logs\ok_.*log$],,,last(/myHost/logrt[C:\myPath\_logs\nok_.*log$]))=0
It doesn't work and fires the following error : Invalid parameter "/1/expression": incorrect expression
Is there any other way to achieve what I'm trying to do, or am I not understanding something on a more basic level ? It looks like find() doesn't accept key results as a matching pattern and I don't really know how to work around that.
Here's what I'm trying to do : I have 2 log files on a server that I need to monitor. One of them is called ok_.log and the other nok_.log
In the ok_.log file, I write lines everytime a specific operation succeeds. For example :
operation_id
operation_id2
operation_id3
In the nok_.log file, I write lines everytime a specific operation fails. For example :
failed_operation_id
failed_operation_id2
failed_operation_id3
What I want to do is that each time a line shows up in nok_.log, I look for the same line in the ok_.log file. If It's not there, then the trigger is fired.
Here's the syntax I tried to use in my trigger : find(/myHost/logrt[C:\myPath\_logs\ok_.*log$],,,last(/myHost/logrt[C:\myPath\_logs\nok_.*log$]))=0
It doesn't work and fires the following error : Invalid parameter "/1/expression": incorrect expression
Is there any other way to achieve what I'm trying to do, or am I not understanding something on a more basic level ? It looks like find() doesn't accept key results as a matching pattern and I don't really know how to work around that.
Comment