Using Foglight for Infrastructure
Host availability alerting
Virtual hosts and reported metrics
Exploring the Infrastructure Environment dashboard
Monitoring log files with Foglight Log Monitor
Accessing the Infrastructure dashboard
Selecting a service
Running a report for the Infrastructure Environment
Exploring the Monitoring tab
Exploring monitored hosts
Exploring the FAQ Question Viewer
Exploring the Administration tab
Using Foglight for Infrastructure agents
Configuring Multiple Instances for Monitoring using Silent Installation
Using the PowerVM HMC agent
Using the UnixAgentPlus
Monitoring remote hosts
Deploying Foglight for Infrastructure agents
Creating agent instances
Defining credentials
Activating the agent
Monitoring the infrastructure
Adding a monitored host
Adding multiple monitored hosts
About the WindowsAgent
About the UnixAgentPlus
About the UnixAgent
About the MultiHostProcessMonitorAgent
Configuring monitoring agents
Investigating log records
Configuring agent properties
Monitoring IBM PowerVM environments
Configuring File Log Monitor agent properties
Configuring connections to remote Windows platforms
Monitored Hosts
Log Files
File Formats
Record Transformations
Data Collection Scheduler
FileLogMonitor configuration example
Configuring Windows Event Log Monitor agent properties
Before you begin
Managing PowerVM HMC agents
Advanced system configuration and troubleshooting
Configuring HMC user accounts
Configuring PowerVM HMC agent credentials
Creating PowerVM HMC agents
Reviewing and editing PowerVM HMC agent properties
Monitoring your PowerVM environment
Exploring the Infrastructure Environment dashboard
Investigating the collective use of all HMC resources
Viewing HMC details
Identifying top consumers of managed server resources
Viewing individual managed server details
Identifying top consumers of PowerVM partition resources
Viewing individual PowerVM partition details
Identifying top consumers of PowerVM virtual I/O server resources
Viewing individual PowerVM VIOS details
Investigating additional managed server, partition, and VIOS details
Exploring PowerVM partition and PowerVM VIOS overviews
Exploring managed server profiles
Investigating the use of PowerVM partition and VIOS processor resources
Investigating the use of PowerVM partition and VIOS memory resources
Exploring processor, memory, and storage breakdowns
Investigating volume-based storage pools
Exploring top resource analyzers
Exploring PowerVM VIOS network summaries
Drilling down on shared network adapters
Drilling down on physical and virtual network adapters
Investigating object dependencies
Reviewing frequently asked questions
Advanced system configuration for WinRM
Configuring default local user credentials for Infrastructure Agents
Reference
Foglight for Infrastructure views
Foglight Log Monitor views
Rules
Metrics
Appendix: Building regular expressions in Foglight
AIX metrics
HP-UX metrics
Linux metrics
Solaris metrics
Windows metrics
AIXHostDetails topology object
AIXMemoryDetails topology object
AIXPhysicalCPUUsage topology object
AIXUsedMemoryDetails topology object
CPUCounts topology object
Host topology object
HostCPUs topology object
HostNetwork topology object
HostProcess topology object
HostProcessInstance topology object
HostService topology object
HostTopProcessEntry topology object
LPARNetworkInterfaceDetails topology object
LPARPhysicalDiskDetails topology object
LogicalDisk topology object
MSCluster topology object
MSClusterNode topology object
MSClusterResource topology object
MSClusterResourceGroup topology object
MSHostedResourceGroup topology object
Memory topology object
NetworkInterface topology object
NetworkInterfaceDetails topology object
NixHostProcessInstance topology object
OperatingSystem topology object
PhysicalDisk topology object
PowerVMVIOS topology object
PowerVMVIOSCPUs topology object
PowerVMVIOSMemory topology object
PowerVMVIOSNetwork topology object
PowerVMVIOSStorage topology object
Processor topology object
WinHostProcessInstance topology object
Configuring File Log Monitor agent properties
For a configuration example, see FileLogMonitor configuration example.
Monitored Hosts
The Monitored Host properties specify the hosts whose log files you want to monitor with this agent.
|
• |
Hosts: A list specifying the hosts monitored by the agent instance. Typically you want a cloned list that is associated with a specific agent instance. Each entry in the list includes the following columns: |
|
• |
Host: The name of the monitored host or its IP address. |
|
• |
Host name override: The host name under which this host’s data is stored in the data model. This property is optional. |
|
• |
Host Type: Windows or Unix. This property determines how the agent connects to the host: using SSH (Unix hosts), or using WMI or WinRM (Windows hosts). |
|
• |
SSH Port: The port number used for secure connections, if applicable. For Unix and Linux hosts, this value is typically set to 22. For Windows hosts, this is not applicable, and -1 should be specified (meaning not applicable). This property is optional. |
|
• |
Operation Timeout: The maximum amount of time in seconds given to the agent for each phase of a collection attempt. This includes uploading the native executable, scanning for log entries, and retrieving log content. |
|
• |
Collect System ID: This property indicates to the agent whether or not to collect a unique system ID from this system. This is not desirable when monitoring Hyper-V systems, as some Hyper-V systems use the same ID for multiple systems, preventing them from being unique. |
|
• |
Remote Collector Executable: The name of the agent native executable on the remote monitored host. This property is optional. If not specified, a random name is used. Configure this property only if you need to set a specific name for the executable so that you can write a sudo rule for it, or to have it uploaded to a non-default directory. In that case, provide a complete a full path name along with the file name. |
|
TIP: By default, the executable is created on the monitored host in the %TEMP% directory (Windows) or /tmp (Unix). |
|
• |
Secure Launcher: The name and path to the sudo that enables the agent to launch on Unix and Linux machines, for example: /usr/bin/sudo. This property is optional. |
Log Files
The Log Files properties allow you to specify the monitored log files on each host the agent instance connects to, and the type of log records that you want to scan.
|
• |
Log Files: A list specifying the log files monitored by this agent. If the list is shared between agent instances, or if the agent instance is configured to connect to multiple hosts, the log file locations specified in this list are checked on every host the agent connects to. This is useful in situations when you want to scan a standard log file, for example, /var/log/messages, across multiple hosts. To do that, create one agent instance with its own Hosts list, (see Monitored Hosts), and a single row in this list. |
|
• |
Directory: The directory containing the log files that you want to monitor. |
|
• |
Filename Pattern: A regular expression that specifies which log files to monitor. |
|
TIP: The agent supports PCRE (Perl Compatible Regular Expressions). For details about the PCRE syntax, visit http://perldoc.perl.org/perlre.html. |
|
• |
File Format Name: The name of the file format the log file uses. File format definitions are specified in the File Formats properties. The value you provide in this column must match an existing file format. |
|
• |
|
• |
RegEx Match Pattern: A regular expression that the agent uses to look for specific text in the monitored log files. |
|
TIP: The agent supports PCRE (Perl Compatible Regular Expressions). For details about the PCRE syntax, visit http://perldoc.perl.org/perlre.html. |
|
• |
Match Severity: The severity associated with log records that match the specified regular expression, in the monitored log file. There are five available severities that you can choose from: Warning, Critical, Fatal, Debug, and Informational. |
|
• |
Tags: One or more comma-separated tags that you want to add to log records that match the specified regular expression, in the monitored log file. This property is optional. Tags are useful because they can help you quickly locate records with a desired tag. If set, tags are reported along with any record that matches the specified regular expression. For example, the tag security, auth can be applied to any records that match the regular expression “.*login failed.*”. This allows the agent to identify all records (regardless of file name, host, agent or content) that relate to either security or authorization, and to display them on the Log Monitor dashboard. |
|
• |
Exclude Records: Enable/disable to trigger an alarm for agents that are specified in the pattern. |
|
• |
RegEx Record Exclude Pattern: The regular expression of the specific text that the agent uses to exclude records from the monitored log files. |
|
• |
RegEx File Exclude Pattern: The regular expression of the specific filename or directory that the agent uses to exclude records from the monitored log files. |
|
• |
Exclude Enable: Sets to true to enable excluding records from the log files, and vice versa. |
|
• |
Hours of Backlog Records to Read: Specifies the time duration of scanning the monitored log files. |
File Formats
The File Formats properties allow you to specify the format of the log files that you want to monitor.
|
• |
File Formats: A list describing the structure of contents in the monitored log files. Any file that you monitor must have its format specified in this list. In most cases, all agent instances refer to one global list of file formats. The global list is pre-populated to describe some common log file formats. |
|
• |
Name: The name of the file format. |
|
• |
Max Record Size: The maximum length of a record entry in bytes to use for pattern matching and submission to the Management Server. If a record is larger in size, it is truncated. The pattern is still applied to the entire record when searching for a match. This property is optional, and defaults to 1024 if not specified. |
|
• |
New Line Policy: The character or sequence of characters used to signify the end of a text line (EOL) in the file format. The following values are available: |
CR: The carriage return character (\r), ASCII code 0x0d. This is common on Mac OS systems up to version 9.
LF: The line feed character (\n), ASCII code 0x0a. This is common on Unix and Unix-like systems (including Mac OS X systems).
CRLF: A carriage return character (\r, ASCII code 0x0d), followed by a line feed (\n, ASCII code 0x0a). This is common on Windows systems.
ANYCRLF: A carriage return character (\r, ASCII code 0x0d), a line feed (\n, ASCII code 0x0a), or both. This is common on mixed platform log files.
ANY: Any Unicode new line sequence, including CR, LF, CRLF, plus the single characters VT (vertical tab, U+000B), FF (form feed, U+000C), NEL (next line, U+0085), LS (line separator, U+2028), and PS (paragraph separator, U+2029).
|
• |
Rollover Policy: Indicates to the agent the way the contents of the log files using this format are rotated when they reach their maximum size. |
RECYCLE: The name of the active log file remains the same, while older logs are renamed by appending a ‘1’ to the name and increasing that number each time a new log file is created. For example, your system always writes log records to the same file, abc.log. When that file reaches its maximum size, the system renames it to abc1.log, and creates a new abc.log file for storing new logs. When that abc.log file becomes full, the system renames it to abc.log2 file, and creates a new abc.log file, and so on.
NEW: Each time a new log file is created, the number in the file name of the active log is increased by ‘1’. For example, your system starts writing log records to abc.log. When that file reaches its maximum size, the system creates a new log file, abc1.log, and continues to write log records to that file. When abc1.log file becomes full, the system creates an abc2.log file, and so on.
|
• |
Record Separator RegEx: A regular expression indicating when a log record ends and a new one starts. This property is optional. The default is an empty string which indicates that each record is a single line. |
|
• |
Character Set: The character encoding used in the log file using this format. The character set must be installed on the remote host, and available through the iconv utility. The native character set is translated to UTF-8 when a log record is reported. This property is optional. If not specified, it defaults to UTF-8. |
|
• |
Maximum Match Count: The maximum number of records the agent can read during one collection interval. If the agent reaches the number of records before the end of the file, it continues to read the remainder of the file during the next collection interval, and so on. |
|
• |
Max Processing Time(s): The amount time in seconds the agent can spend on reading all log files in one collection cycle while being connected to the remote host. |
This value should be equal to or less than the Operation Timeout value in the Hosts list. For more information, see Monitored Hosts.