{"id":1187,"date":"2009-12-21T00:45:40","date_gmt":"2009-12-20T22:45:40","guid":{"rendered":"http:\/\/contoso.se\/blog\/?p=1187"},"modified":"2010-09-01T12:16:43","modified_gmt":"2010-09-01T10:16:43","slug":"reading-a-logfile-with-a-3-state-monitor","status":"publish","type":"post","link":"http:\/\/contoso.se\/blog\/?p=1187","title":{"rendered":"Reading a logfile with a 3 state monitor"},"content":{"rendered":"

If you build a monitor to monitor a logfile, Operations Manager will remember which line it was reading last. Operations Manager will only look for new keyword below that line, it will not read the whole file again. I did a lot of tests with logfile monitoring, read more about them here<\/a>. If you need to get Operations Manager to read the whole logfile each time, you can use a scrip like this:<\/p>\n

\u00c2\u00a0
\nConst ForReading = 1
\nSet oAPI = CreateObject(“MOM.ScriptAPI”)
\nSet oBag = oAPI.CreatePropertyBag()<\/p>\n

Set objFSO = CreateObject(“Scripting.FileSystemObject”)
\nSet objTextFile = objFSO.OpenTextFile _
\n(“c:\\temp\\file.txt”, ForReading)<\/p>\n

Do Until objTextFile.AtEndOfStream
\nstrText = objTextFile.ReadLine<\/p>\n

varWarPos = Instr(strText, “Warning”)
\nIf varWarPos > 0 Then
\nvarStatus = “Warning”
\nvarLine = strText
\nEnd If<\/p>\n

varCriPos = Instr(strText, “Critical”)
\nIf varCriPos > 0 Then
\nCall oBag.AddValue(“Line”, strText)
\nCall oBag.AddValue(“Status”,”critical”)
\nCall oAPI.Return(oBag)
\nWscript.Quit(0)
\nEnd If<\/p>\n

Loop
\nobjTextFile.Close<\/p>\n

If varStatus = “Warning” Then
\nCall oBag.AddValue(“Line”, varLine)
\nCall oBag.AddValue(“Status”,”warning”)
\nCall oAPI.Return(oBag)
\nWscript.Quit(0)
\nElse
\nCall oBag.AddValue(“Status”,”ok”)
\nCall oAPI.Return(oBag)
\nEnd If<\/p><\/blockquote>\n

This script will read the file (c:\\temp\\file.txt) line by line. The script is looking for two keywords in the logfile, “Warning” and “Critical”. If there is a “Critical” in a line the script will send back a bag with status=Critical and the script will stop. If there is a “Warning” in the line the script will continue, as there might be a “critical” somewhere too. If there was only “Warning” the script will send back status=Warning. If there was no “Warning” or “Critical” the script will send back status=ok.<\/p>\n

If there is a “Warning” or “Critical” the script will also put that line into a bag, and send it back to Operations Manager. You will see this line in the alert description. To use this script, you can configure a monitor like this:<\/p>\n