Does Spectrum have log file monitoring to directly monitor files for specific words or phrases?

Document ID : KB000014826
Last Modified Date : 14/02/2018
Show Technical Document Details
Question:

Does Spectrum have log file monitoring to directly monitor files for specific words or phrases?

Answer:

1.      It is not possible to monitor files for words using Spectrum directly.

2.      However it is possible to do file system monitoring for words etc using Sysedge which could then send traps to Spectrum creating events / alarms

The following is taken from the Sysedge user guide:

The SystemEDGE agent lets you monitor UTF-8 encoded text files continuously for the appearance of user-specified regular expressions.

Log file monitoring provides a flexible solution for monitoring applications by monitoring the messages that the applications log.

This feature is also useful for security management; for example, you can configure the agent to monitor system log files for messages to notify you of possible security violations. You use the Log Monitor table to specify the file to monitor, regular expression to match, interval, action, severity, and other values. The agent automatically monitors the defined log file and sends a trap to the management system when it detects a regular expression match.

 

The log file specification may be a wildcard expression, which causes the agent to monitor the single, most recently updated log file matching this expression.