OpsMgr 2007 : How to Generate alerts based on generic CSV log file



Here’s a small document I put up together to outline how to generate alerts out of the CSV file. Apparently the steps are outlined below and for convenience I have also attached the PDF with screen shots attached.


Step 1: Go to  Authoring TAB , right click on “RULES” and Select “Create New Rules”


Step 2: Expand Alert Generating Rules expand Event Based


Step 3: Select Generic CSV Text Log (Alert)


Step 4: Enter the rule name, Description. Click select to pick a target class.


Step 5: For testing purpose choose “Windows Computer”


Step 6: Enter the Directory path where log resides for ex ” c:\logs “


Step 7: In the pattern you could include log pattern for ex ( FileDDMMYYY.log )


             file*.log to represent all log files


Step 8: You can specify the separator in the CSV ex , ; /


Step 9: Considering you might have multiple values separated by comma(or any other separator)


the next steps is to specify a condition generally Params/Param[1] would indicate first column in CSV file of the active row.


for purpose of this example proved Params/Param[1] matchregularexpression test


Step 10: Provide matching  alert priority/severity


 There are some special variables that you can use to print in alert description


===========================================================


Log file Directory :               $Data/EventData/DataItem/LogFileDirectory$


Log file name:                       $Data/EventData/DataItem/LogFileName$


Column Data:                       $Data/EventData/DataItem/Params/Param[1]$


===========================================================


In case you decide to use a monitor


====================================================


Log file Directory :             $Data/Context/LogFileDirectory$


Log file name:                         $Data/Context/LogFileName$


Column Data:                          $Data/Context/Params/Param[1]$


Ex test,abcd,efgh is the line


$Data/Context/Params/Param[1]$ should contain test


$Data/Context/Params/Param[2]$ should contain abcd and so on


====================================================


Download the document in the PDF format


 


Sampa has a great blog which explains overall Application log monitoring and is an excellent resource


http://blogs.msdn.com/sampatton/archive/2007/04/21/application-log-monitoring.aspx


 


 

How to Generate alerts based on generic CSV.pdf

Comments (1)

  1. eg satheesh says:

    i follow the same way but i unble to get any alert ….

    can u help me?

    how to troubleshoot?