The Log File Monitor Subagent matches regular expressions
against log file entries and determines the log
file size for comparison with a set threshold. For this online demo,
Log File Monitor has been set up to monitor the /var/log/syslog
log file to detect when the sendmail process is restarted.
Whenever this process is restarted, Log File Monitor sends a notification
to the management station.
Log File Monitor was configured with the DR-Web interface using the Log File Monitor Custom Page. Log File Monitor can also be configured using a SNMP-enabled manager. Each of the fields found on the Custom Page either configures a MIB object or creates a row in a table.
Note: When you log on to the CIAgent demo, you will be using Guest access: data and settings can not be modified, added, or deleted.
The log files are monitored through polling. Polling occurs when the Subagent checks the log files for the requested information. The Subagent has two variations of polling: global and individual. Global polling checks all the log files entered in the siLogTable, while individual polling checks one specific log file. Both variations of polling can be set simultaneously, even if overlapping occurs, because one does not override the other.
The demo's entry in this table means that when a log file entry starts with
restarting lib/sendmail a trap will be sent to the configured manager.
The file that is being monitored is found at /var/log/syslog, and
it doesn't matter how large the file entry is, the entire entry is included
in the notification sent to the manager. This table also shows the number of
times that sendmail is restarted.
The Add a Row field lets you add an additional row to the Log File Monitor table. On a subsequent page, this row can be configured by naming a log file and entering a search string.
Next Topic: Scenario B: Observe Host Resources