| Author |
Message
|
| ghoshly |
 Posted: Wed Dec 11, 2013 6:10 pm Post subject: Automated monitoring of syslog |
 |
|
Partisan
Joined: 10 Jan 2008
Posts: 333
|
Hello,
Is there any automated process already available through which we can monitor syslog automatically, specially for MQ and Broker errors?
I am thinking of a shell script which should be run periodically and perform a string based search in the syslog and based on anomaly found, it should send email alert to system administrators. In this case I need to come up with a definite list of strings to search for. I can not search for BIP* because then it would include all deployment, flow start stop etc. Other than experience, is there any reference where I can get similar list?
Would you please suggest any better or alternate approach??
WMB 8.0.0.2, AIX 7:1 |
|
| Back to top |
|
 |
| smdavies99 |
| Posted: Wed Dec 11, 2013 11:27 pm Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
the unix utilities
grep and awk
will be your friend here. Especially awk. Once you have greppped a BIP event then you can fire it into awk where you can use those wonderful things called 'regular expressions' to filter out the 'I' events and others that you want to ignore.
enjoy
{Unix user since 1982 (Dec Ultrix)}
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| gs |
| Posted: Thu Dec 12, 2013 1:36 am Post subject: |
|
|
Master
Joined: 31 May 2007
Posts: 254
Location: Sweden
|
|
| Back to top |
|
|
| gs |
| Posted: Thu Dec 12, 2013 1:41 am Post subject: |
|
|
Master
Joined: 31 May 2007
Posts: 254
Location: Sweden
|
This configuration was used to put everything in its own log file but you could adjust the filters (which are regexp based btw) to your liking.
You can also use multiple log destinations, file & smtp at the same time. |
|
| Back to top |
|
|
| ghoshly |
| Posted: Thu Dec 12, 2013 11:02 am Post subject: thanks |
|
|
Partisan
Joined: 10 Jan 2008
Posts: 333
|
Thanks for your kind response.
Based on the above response, I am getting the conclusion, that there is no such list available to detect issues in syslog. We need to prepare such using regex. |
|
| Back to top |
|
|
| PeterPotkay |
| Posted: Thu Dec 12, 2013 1:37 pm Post subject: |
|
|
Poobah
Joined: 15 May 2001
Posts: 7722
|
You're probably not the first one in your company wanting to be notified of a value in a syslog. There is likely an enterprise solution already in place. Ask them to look for the entries you care about.
_________________
Peter Potkay
Keep Calm and MQ On |
|
| Back to top |
|
|
|
|
