Xymon Mailing List Archive search

Help with ignoring certain syslog messages.

list Jasoneh
Wed, 17 Mar 2010 12:37:32 -0400
Message-Id: <user-12f62a12d904@xymon.invalid>

I&#39;m trying to turn the messages test red when &quot;NOTICE&quot; is in a syslog message, but not when &quot;Charged or &quot;Backup initiated&quot; is also present in the message. &nbsp;The config I&#39;m using does ignore the &quot;Backup initiated&quot; messages, but not the &quot;Charged&quot; ones. &nbsp;Can someone give me some hints on how to can handle this situation?
Here is the message I&#39;m trying to ignore:&nbsp;&quot;Mar 17 02:05:58 sycamore SUNWscsdMonitor[979]: [ID 218055 daemon.error] [SUNWscsd 0x030B1D0E:0x00000000 Informational] &lt;rctrl0000&gt; Standard General Event, NOTICE: Controller BBU Fully Charged !.[info: 5E-00E6E83FE] (Secondary, Wed Mar 17 06:10:12 2010) {Unique ID#: 09ecee}&quot;
In hobbit-clients.cfg I have this:&nbsp;&nbsp;LOG %.* NOTICE COLOR=red &quot;IGNORE=%(Charged|Backup initiated)&quot;
When I run &quot;hobbitd_client --test&quot; to test the config, it shows that message would report as green.
# hobbitd_client --testHostname (.=end, ?=dump, !=reload) []: sycamore.example.comHosttype []: SunOSTest (cpu, mem, disk, proc, log, port): loglog filename: /var/adm/messagesTo read log data from a file, enter &#39;@FILENAME&#39; at the promptlog line: Mar 17 02:05:58 sycamore SUNWscsdMonitor[979]: [ID 218055 daemon.error] [SUNWscsd 0x030B1D0E:0x00000000 Informational] &lt;rctrl0000&gt; Standard General Event, NOTICE: Controller BBU Fully Charged !.[info: 5E-00E6E83FE] (Secondary, Wed Mar 17 06:10:12 2010) &nbsp; &nbsp;&nbsp;log line:&nbsp;Log status is green
Hostname (.=end, ?=dump, !=reload) [sycamore.example.com]:&nbsp;Test (cpu, mem, disk, proc, log, port): loglog filename:&nbsp;/var/adm/messagesTo read log data from a file, enter &#39;@FILENAME&#39; at the promptlog line: Mar 10 22:36:17 sycamore vmtape: [ID 428768 kern.notice] Backup initiated: Compression(none)Encryption(none)log line:&nbsp;Log status is green
Hostname (.=end, ?=dump, !=reload) [sycamore.example.com]:&nbsp;Test (cpu, mem, disk, proc, log, port): loglog filename: /var/adm/messagesTo read log data from a file, enter &#39;@FILENAME&#39; at the promptlog line: NOTICE: testing noticelog line:&nbsp;Log status is red
&amp;red NOTICE: testing notice

Thanks,
Jason
 
<img src="http://www.bigstring.com/refer.php?img=68"; width="1" height="1">Start making money with PeopleString!