my 2 cents:
- for OS, i'd say %warn|err|panic|critical|exception
- for application, it really depends what kind of output your
applications spew out using syslog.
- check syslog.conf to make sure you have all the important events
logged to /var/log/messages or whichever log u r monitoring
On 1/17/07, Michael A. Price <user-2a9e3c790857@xymon.invalid> wrote:
Hello,
I figured out my LOG monitoring configuration issues and I have it
working!!!!
Now,
What patterns are a good start for matching in /var/log/messages ???
CRITICAL ??
WARNING ??
NOTICE ??
thanks, michael
--
Michael A. Price
Performance Network Engineering
NASA/GSFC Code 440.8/LMB
Greenbelt, Maryland 20770
Phone: XXX-XXX-XXXX
Cell: XXX-XXX-XXXX
e-mail: user-2a9e3c790857@xymon.invalid