You can use the UNIX/Linux LogFile template to create a monitor to search log files for a specific log entry.
The following procedure shows you how to use the UNIX/Linux LogFile management pack template.
To use the UNIX\Linux LogFile management pack template
-
Start the Add Monitoring Wizard.
Note For information about starting the Add Monitoring Wizard, see How to Start the Add Monitoring Wizard in Operations Manager 2007. -
On the Select Monitoring Type page, in the Select the monitoring type box, select Unix\Linux LogFile, and then click Next.
-
On the Unix LogFile Name and Description page, do the following:
- Type a name for the monitor in the Name box.
- Optionally, type a description of the monitor in the
Description box.
- Select the destination management pack from the Management
Pack list, or click New to create a new management pack
with the Create a Management Pack wizard.
Note By default, when you create a management pack object, disable a rule or monitor, or create an override, Operations Manager saves the setting to the Default Management Pack. As a best practice, you should create a separate management pack for each sealed management pack that you want to customize, rather than saving your customized settings to the Default Management Pack. For more information, see Default Management Pack.
- Type a name for the monitor in the Name box.
-
If you are creating a new management pack, do the following:
- On the Create a Management Pack page, type a name for
the management pack in the Name box.
- Optionally, type a description for the management pack in the
Description text box.
- On the Knowledge Article page, enter any information you
deem necessary to describe this management pack or its
functionality.
- Click Create to create the management pack.
- On the Create a Management Pack page, type a name for
the management pack in the Name box.
-
On the Unix LogFile Name and Description page, click Next.
-
On the Enter and Test Log File Settings page, do the following:
- Select the Server name or Computer group name
option, and then click the browse icon to open the Select
UNIX/Linux Server or Select Computer Group dialog
box.
- Select the server or computer group name that you want from the
Select Server or Select Computer Group box, and then
click OK.
- In the Define Log file block, type the directory for the
log file in the Log file path box, for example
/var/log/messages.
- Enter the Expression that you want in the Expression:
box.
- Perform an Expression Test by typing, in the Sample
entry box, an expression that you want to search for. For
example, type Failure to search for the word “Failure” in
the monitored log files.
Note This field is case-sensitive. You must type the expression exactly as it appears in the log file or it will not be detected. - Click Test. Ensure that “Found match within sample
entry” appears in the Expression test block, and then click
Next.
- Select the Server name or Computer group name
option, and then click the browse icon to open the Select
UNIX/Linux Server or Select Computer Group dialog
box.
-
On the Log File Summary page, review the settings you entered, and then click Create to create the log file monitor.
-
The log file monitor name, management pack, and creation date is listed in the Unix/Linux Log File pane of the Operation console.
Did you find this information useful? Please send your suggestions and comments about the documentation.