0

I need to find strings in a log file with regex and later send output to Zabbix monitoring server to fire triggers if needed. For example here is a part of the log file:

===== Backup Failures ===== 
Description: Checks number of studies that their backup failed  
Status:  OK     , Check Time: Sun Oct 30 07:31:13 2022
Details: [OK] 0 total backup commands failed during the last day.

===== Oracle queues ===== 
Description: Count Oracle queues sizes. The queues are used to pass information between the applications  
Status:  OK     , Check Time: Sun Oct 30 07:31:04 2022
Details: [OK] All queues have less than 15 elements. 

===== Zombie Services  ===== 
Description: Checks for zombie services 
Status:  Error  , Check Time: Sun Oct 30 07:31:30 2022,  Script: <check_mvs_services.pl>
Details: [CRITICAL] 1 missing process(es) found. Failed killing 1 process(es)

===== IIS Application Pools Memory Usage ===== 
Description: Checks the memory usage of the application pools that run under IIS (w3wp.exe) 
Status:  OK     , Check Time: Sun Oct 30 07:32:30 2022
Details: [OK] All processes of type w3wp.exe don't exceed memory limits 

===== IIS Web Response ===== 
Description: Checks that the web site responds properly 
Status:  OK     , Check Time: Sun Oct 30 07:32:34 2022
Details: [OK] All addresses returned 200

I need to find all items for monitoring and it's results. If results not OK then Zabbix triggers should send alarm.

I found Zabbix can handle log file monitoring with similar command here but first need to find strings in the log file:

log[/path/to/the/file,"regex expression",,,,]

In this example I believe these items should find for Zabbix:

===== Backup Failures =====
Details: [OK] 0 total backup commands failed during the last day.

===== Oracle queues =====
Details: [OK] All queues have less than 15 elements.

===== Zombie Services  =====
Details: [CRITICAL] 1 missing process(es) found. Failed killing 1 process(es)

===== IIS Application Pools Memory Usage =====
Details: [OK] All processes of type w3wp.exe don't exceed memory limits

===== IIS Web Response =====
Details: [OK] All addresses returned 200

Can you advise how possible to achieve this solution?

For any help I would be really appreciated.

Thanks in advance.

Peter
  • 13
  • 2
  • So basically you want all the headings and the `Details` field? – code Nov 04 '22 at 22:11
  • Basically yes, I believe this should be the first step. And later Zabbix should check what is the value in Details row, [OK], [WARNING] or [CRITICAL] and fire its trigger if needed. – Peter Nov 06 '22 at 14:14

0 Answers0