net-snmp appears to run on Windows, is free, and supports logfile monitoring.
 
http://sourceforge.net/projects/net-snmp/files/net-snmp%20binaries/5.5-binaries/
http://net-snmp.sourceforge.net/docs/man/snmpd.conf.html

Log File Monitoring

This requires that the agent was built with support for either the 
ucd-snmp/file or ucd-snmp/logmatch modules respectively (both of which are 
included as part of the default build configuration). 

    file FILE [MAXSIZE]
        monitors the size of the specified file (in kB). If MAXSIZE is
        specified, and the size of the file exceeds this threshold, then the
        corresponding fileErrorFlag instance will be set to 1, and a suitable
        description message reported via the fileErrorMsg instance.

            Note: This situation will not automatically trigger a trap to
            report the problem - see the DisMan Event MIB section later.

        Note: A maximum of 20 files can be monitored.

        Note: If no file directives are defined, then walking the fileTable
        will fail (noSuchObject).

    logmatch NAME FILE CYCLETIME REGEX
        monitors the specified file for occurrences of the specified pattern
        REGEX. The file position is stored internally so the entire file is
        only read initially, every subsequent pass will only read the new
        lines added to the file since the last read.

            NAME
                name of the logmatch instance (will appear as logMatchName
                under logMatch/logMatchTable/logMatchEntry/logMatchName in
                the ucd-snmp MIB tree)
            FILE
                absolute path to the logfile to be monitored. Note that this
                path can contain date/time directives (like in the UNIX
                'date' command). See the manual page for 'strftime' for the
                various directives accepted.
            CYCLETIME
                time interval for each logfile read and internal variable
                update in seconds. Note: an SNMPGET* operation will also
                trigger an immediate logfile read and variable update.
            REGEX
                the regular expression to be used. Note: DO NOT enclose the
                regular expression in quotes even if there are spaces in the
                expression as the quotes will also become part of the pattern
                to be matched!

        
        Example: 

                
                

                        
                        logmatch apache-GETs 
/usr/local/apache/logs/access.log-%Y-%m-%d 60 GET.*HTTP.* 
                        
                        This logmatch instance is named 'apache-GETs', uses 
'GET.*HTTP.*' as its regular expression and it will monitor the file named 
(assuming today is May 6th 2009): 
'/usr/local/apache/logs/access.log-2009-05-06', tomorrow it will look for 
'access.log-2009-05-07'. The logfile is read every 60 seconds. 

        
        Note: A maximum of 250 logmatch directives can be specified. 
        
        Note: If no logmatch directives are defined, then walking the 
logMatchTable will fail (noSuchObject). 

Michael F. Doyle
mobile: +1 440 263-8734
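
The logmatch behaviour described in the man page excerpt above, as an added example that is not part of the original e-mail and is not net-snmp code: a small Python model of the strftime path expansion, the stored file position, and the quoted-regex pitfall. The class and function names are hypothetical, the log lines are constructed and simplified, and Python's re module stands in for the agent's regex engine.

```python
import os, re, tempfile
from datetime import datetime

class LogMatch:
    """Sketch of one 'logmatch NAME FILE CYCLETIME REGEX' instance (not net-snmp code)."""
    def __init__(self, name, file_template, regex):
        self.name, self.file_template = name, file_template
        self.regex = re.compile(regex)   # used literally: surrounding quotes would be matched too
        self.path, self.offset, self.count = None, 0, 0

    def poll(self, now):
        """One CYCLETIME pass: count matches only in lines added since the last pass."""
        path = now.strftime(self.file_template)     # expand %Y-%m-%d style directives
        if path != self.path:                       # date rolled over: follow the new file
            self.path, self.offset = path, 0
        if not os.path.exists(path):
            return 0
        if os.path.getsize(path) < self.offset:     # assumption of this sketch: re-read a truncated file
            self.offset = 0
        with open(path, "rb") as fh:
            fh.seek(self.offset)
            data = fh.read()
        end = data.rfind(b"\n") + 1                 # leave a half-written last line for the next pass
        self.offset += end
        lines = data[:end].decode("utf-8", "replace").splitlines()
        new = sum(1 for line in lines if self.regex.search(line))
        self.count += new
        return new

def append(path, *lines):
    with open(path, "a") as fh:
        fh.writelines(line + "\n" for line in lines)

def demo():
    """Constructed, simplified log lines written to a temporary directory."""
    tmpl = os.path.join(tempfile.mkdtemp(), "access.log-%Y-%m-%d")
    good = LogMatch("apache-GETs", tmpl, "GET.*HTTP.*")
    quoted = LogMatch("quoted-GETs", tmpl, '"GET.*HTTP.*"')   # the mistake the man page warns about
    day1, day2 = datetime(2009, 5, 6), datetime(2009, 5, 7)
    append(day1.strftime(tmpl), "GET /index.html HTTP/1.1", "POST /login HTTP/1.1")
    seen = [good.poll(day1), good.poll(day1)]    # first pass reads the whole file, second finds nothing new
    append(day1.strftime(tmpl), "GET /a.css HTTP/1.1")
    seen.append(good.poll(day1))                 # only the appended line is read
    append(day2.strftime(tmpl), "GET /x HTTP/1.1", "GET /y HTTP/1.1")
    seen.append(good.poll(day2))                 # next day: new file name, position reset
    return seen, good.count, quoted.poll(day1)

if __name__ == "__main__":
    print(demo())
```

The last value returned by demo() is the match count for the quoted pattern: because the quotes are treated as part of the expression, it finds nothing in the same file where the unquoted pattern matched.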

________________________________

From: F J Rutcho [mailto:[email protected]]
Sent: Tue 9/21/10 16:20
To: spectrum
Subject: [spectrum] Log Scrapes on Windows Servers


All,
 
We're presently using Microsoft's Operations Manager (MOM) to monitor our 
Windows environment for items that Spectrum cannot handle, such as Log Pattern 
matches.  I can create the necessary rules to capture these log scrapes and 
pass them to Spectrum.
 
Now here's my dilemma; we are in the process of upgrading to Microsoft's new 
System Center Operations Manager (SCOM) and creating the necessary rule to 
scrape a log file for a specific pattern is more complicated.  Let me 
illustrate the complexity.
 
In MOM, build a raft.   In SCOM, build an aircraft carrier.
 
I don't need the complexity, I need a simple solution.  Does anyone out in 
Spectrum land monitor log patterns on Windows Servers and have the pattern 
matches arrive in Spectrum and generate an alarm?
 
Please share your "other tools" that are in use to monitor log patterns in a 
text file.
 
Oh yeah, please don't offer "systemEdge" as that requires a license.
 
Thanks for your help.
 
Sincerely,
 
 
Fred


*       --To unsubscribe from spectrum, send email to [email protected] with the 
body: unsubscribe spectrum [email protected] 

