Jeevan Bisht's System Center Blog

System Center Rocks !!

OpsMgr 2007 : How to Generate alerts based on generic CSV log file

OpsMgr 2007 : How to Generate alerts based on generic CSV log file

  • Comments 1
  • Likes

Here's a small document I put up together to outline how to generate alerts out of the CSV file. Apparently the steps are outlined below and for convenience I have also attached the PDF with screen shots attached.

Step 1: Go to  Authoring TAB , right click on "RULES" and Select "Create New Rules"

Step 2: Expand Alert Generating Rules expand Event Based

Step 3: Select Generic CSV Text Log (Alert)

Step 4: Enter the rule name, Description. Click select to pick a target class.

Step 5: For testing purpose choose "Windows Computer"

Step 6: Enter the Directory path where log resides for ex " c:\logs "

Step 7: In the pattern you could include log pattern for ex ( FileDDMMYYY.log )

             file*.log to represent all log files

Step 8: You can specify the separator in the CSV ex , ; /

Step 9: Considering you might have multiple values separated by comma(or any other separator)

the next steps is to specify a condition generally Params/Param[1] would indicate first column in CSV file of the active row.

for purpose of this example proved Params/Param[1] matchregularexpression test

Step 10: Provide matching  alert priority/severity

 There are some special variables that you can use to print in alert description

===========================================================

Log file Directory :               $Data/EventData/DataItem/LogFileDirectory$

Log file name:                       $Data/EventData/DataItem/LogFileName$

Column Data:                       $Data/EventData/DataItem/Params/Param[1]$

===========================================================

In case you decide to use a monitor

====================================================

Log file Directory :             $Data/Context/LogFileDirectory$

Log file name:                         $Data/Context/LogFileName$

Column Data:                          $Data/Context/Params/Param[1]$

Ex test,abcd,efgh is the line

$Data/Context/Params/Param[1]$ should contain test

$Data/Context/Params/Param[2]$ should contain abcd and so on

====================================================

Download the document in the PDF format

 

Sampa has a great blog which explains overall Application log monitoring and is an excellent resource

http://blogs.msdn.com/sampatton/archive/2007/04/21/application-log-monitoring.aspx

 

 

Attachment: How to Generate alerts based on generic CSV.pdf
  • i follow the same way but i unble to get any alert ....

    can u help me?

    how to troubleshoot?

Your comment has been posted.   Close
Thank you, your comment requires moderation so it may take a while to appear.   Close
Leave a Comment