Monitoring Log Files
Learn how to alert your organization whenever there is a problem detected based on content in your log files
This section describes the monitoring and the rules for how Nodinite translates your monitoring configuration into meaningful monitoring states. Also, some remote commands are available as Actions to help you swiftly manage problems. Actions are detailed on the Managing Log Files page.
Monitoring Features
Content-based evaluation
- The Nodinite Log File Parser Monitoring Agent allows you to monitor the content of text-based log files. These should have a start value that should then be matched with some other value that comes later.
- Uses RegEx expressions to cover just about any scenario
- Supports rolling log files
Smart time options
- Filter on the different time-based properties, and the order, when you have multiple files (created, modified, Modified after Clear Date Time, ...)
State-based evaluation
- Either the time or the content will issue an alert. These can be used to inform your business about the problem
- if a specific error text is found
- Correlation between a start event and another later event
- Example: Two events should occur after another within a configurable timespan (may very well span multiple files).
Any number of Log Files can be monitored from a single agent (in one or more folders / SMB shares)
Multiple agents can be deployed on multiple servers for scalability, security and performance
Different files can be monitored with different options on different file shares/folders
The same set of files can be monitored with different monitoring options (if you have more than one rule to apply)
List of log file configurations in a Monitor View
Monitor Capabilities
The agent has the following list of Log File Parser Categories:
- Log File Events
One Log File Configuration is displayed within Nodinite as one Resource. If you have 7 enabled Log File Configurations, then you will have 7 Resources in Nodinite.
- The name of the Resources comes from the name of the Log File Configuration, set in the global Configuration
- All log file configurations, belong to the 'Log File Event' Category
- The Application name, if set, comes from the global configuration
Here's an example of Application names, these are defined in the global Configuration
Each of the Log File Configurations (presented in Nodinite as a Resource) has one of the following evaluated states at any given moment:
| State | Status | Description | Actions | |
|---|---|---|---|---|
| Unavailable | Resource not available | If the files to be evaluated are not available due to a bad configuration, and/or network or security-related problems | Review [prerequisites][] | |
| Error | Error threshold is breached | The end match value is either missing and/or took too long time according to the error threshold | [Edit thresholds][AIEditThresholds] | |
| Warning | Warning threshold is breached | The end match value is either missing and/or took too long time according to the warning threshold | [Edit thresholds][AIEditThresholds] | |
| OK | Within user-defined thresholds | All values are matched and/or are within the defined time based monitoring thresholds | [Edit thresholds][AIEditThresholds] |
Log File configuration example when not available
From within Nodinite, you can reconfigure the state evaluation on Resource level using the Expected State feature.
Actions
Using the Web Client for Nodinite, Actions can be sent to the Monitoring Agent for Log File Parser requesting operations to be performed on the monitored resources. With the existing privilege model, you can allow certain users to operate on selected resources.
List of Actions on the Resources of [Log File Parser Categories]
Categories that can be executed by using this agent:
- Perform the following Remote Actions
Alert history for Log Files
During root cause analysis or other purposes, it might be helpful to understand how often problems with your log files happen. If your Monitor View allows it, you can search for historical state changes for the provided time span, either for all your log file configurations, or individually. This topic is further detailed within the generic instructions on how to Add or manage Monitor View page.
| Search | Resource history |
|---|---|
 Search for alert history for all resources in the Monitor View |
 |
Metrics chart: Metrics
Not yet implemented
Supported Versions
- All text-based log files with any content, or a date time and value to match (start and end) from SMB shares and/or Windows File Folders.
See Prerequisites for Log File Parser Monitoring Agent for additional details on installing and running the agent.
Release Log
For detailed information about the features and bug fixes, please see the Release Log