I'd like to setup the LogFilter to scan the logs for a particular string at a particular frequency but to only generate an alarm if the string is seen n times in x minutes.
For example, I'm monitoring a logfile for the string 'ERROR' but I only want to generate an alarm if that string is seen 5 times in 10 minutes. It doesn't seem like the behavior section of the LogFilter rule would be able to do that since it is a simple rule, or can it?
The 5.5.4 O/S cartridge does not provide this option. Logfilter rule behavior is unable to fire an alarm/action if n collections are true during an x amount of collection period and reset.
STATUS: FREQ-214 has been delayed until the replacement IC cartridge LogFilter agent is produced.
© ALL RIGHTS RESERVED. Feedback Nutzungsbedingungen Datenschutz Cookie Preference Center