How to Monitor a UNIX or Linux Log file

  • Article

Applies To: Operations Manager 2007 R2

You can use the UNIX/Linux LogFile template to create a monitor to search log files for a specific log entry.

The following procedure shows you how to use the UNIX/Linux LogFile management pack template.

To use the UNIX\Linux LogFile management pack template

  1. Start the Add Monitoring Wizard.

    Note

    For information about starting the Add Monitoring Wizard, see How to Start the Add Monitoring Wizard in Operations Manager 2007.

  2. On the Select Monitoring Type page, in the Select the monitoring type box, select Unix\Linux LogFile, and then click Next.

  3. On the Unix LogFile Name and Description page, do the following:

    1. Type a name for the monitor in the Name box.

    2. Optionally, type a description of the monitor in the Description box.

    3. Select the destination management pack from the Management Pack list, or click New to create a new management pack with the Create a Management Pack wizard.

      Note

      By default, when you create a management pack object, disable a rule or monitor, or create an override, Operations Manager saves the setting to the Default Management Pack. As a best practice, you should create a separate management pack for each sealed management pack that you want to customize, rather than saving your customized settings to the Default Management Pack. For more information, see Default Management Pack.

  4. If you are creating a new management pack, do the following:

    1. On the Create a Management Pack page, type a name for the management pack in the Name box.

    2. Optionally, type a description for the management pack in the Description text box.

    3. On the Knowledge Article page, enter any information you deem necessary to describe this management pack or its functionality.

    4. Click Create to create the management pack.

  5. On the Unix LogFile Name and Description page, click Next.

  6. On the Enter and Test Log File Settings page, do the following:

    1. Select the Server name or Computer group name option, and then click the browse icon to open the Select UNIX/Linux Server or Select Computer Group dialog box.

    2. Select the server or computer group name that you want from the Select Server or Select Computer Group box, and then click OK.

    3. In the Define Log file block, type the directory for the log file in the Log file path box, for example /var/log/messages.

    4. Enter the Expression that you want in the Expression: box.

    5. Perform an Expression Test by typing, in the Sample entry box, an expression that you want to search for. For example, type Failure to search for the word “Failure” in the monitored log files.

      Note

      This field is case-sensitive. You must type the expression exactly as it appears in the log file or it will not be detected.

    6. Click Test. Ensure that “Found match within sample entry” appears in the Expression test block, and then click Next.

  7. On the Log File Summary page, review the settings you entered, and then click Create to create the log file monitor.

  8. The log file monitor name, management pack, and creation date is listed in the Unix/Linux Log File pane of the Operation console.