This is a simple reference example that is useful when you want to use variables in logmon alarm messages so that the messages carry the most relevant data. Once you define the variables, their values can be used in the alarm message.
DX UIM, Any version
logmon v3.91 or higher
- logmon variables guidance
- logmon variable usage - thresholds and alarms
Use of variables in logmon alarms
Examine the file/log, identify the column positions of the values you want to capture, and create variables with corresponding names, e.g., version for version information. Then define the variable, for example:
Name: Version
Source: 7
Expect: =
Value: 3.3
Then choose a field separator or leave it as whitespace (the default).
Then the variable will be available for the Watcher rule->"Message to send on match" when you type in a dollar sign ($).
The variable will be available for use in the messages, e.g., $Version. They can also be pre-configured in the raw config file if you know what you want ahead of time.
Here is an example:
Log message-> May 20 00:53:26 error Men and Mice Central: [1212 loadConnectionInfo] Unable to connect to the server "<example.com>.".
Count the columns in the log entry up to the desired value, use that column position, and right-click to test the logmon profile results to see if the 'Expected string is located.'
If not, you may have to adjust the column position.
In this particular case, upon examination of the monitored log, column 17 contained the server name.
It sometimes helps to copy and paste the log entry into Excel to count the columns, test the results, and then adjust the column number.
During testing, use 'cat' mode, and then once it works as expected, you can simply set the desired logmon mode, e.g., updates.
Here is the simple resultant logmon alarm when the server string is found.
Note that the variable value for the server above can remain empty if you don't need to configure that with a specific value.
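The column counting described above can also be scripted instead of done in Excel. The following Python sketch is an added example, not part of the original article or of the logmon probe; it assumes columns are counted from 1 and that the default separator splits on runs of whitespace, which matches the article's finding that column 17 holds the server name. The function names and the $Server variable are hypothetical, and the result should still be confirmed with the probe's own profile test.

```python
import re

# Constructed sample: the log entry quoted in the article.
SAMPLE = ('May 20 00:53:26 error Men and Mice Central: [1212 loadConnectionInfo] '
          'Unable to connect to the server "<example.com>.".')


def split_columns(line, separator=None):
    """Split a log line into columns.

    separator=None (or empty) splits on runs of whitespace, which is the
    assumed behaviour of the default field separator.
    """
    return line.split(separator) if separator else line.split()


def number_columns(line, separator=None):
    """Return (position, value) pairs, counting from 1 as the article does."""
    return list(enumerate(split_columns(line, separator), start=1))


def find_columns(line, needle, separator=None):
    """Return every column position whose value contains `needle`."""
    return [pos for pos, val in number_columns(line, separator) if needle in val]


def preview_message(line, variables, template, separator=None):
    """Preview an alarm message by expanding $Name from {name: column}.

    A column beyond the end of the line yields an empty value; a $Name that
    was never defined is left in the message untouched so it is easy to spot.
    """
    cols = split_columns(line, separator)
    values = {name: (cols[pos - 1] if 1 <= pos <= len(cols) else "")
              for name, pos in variables.items()}
    return re.sub(r"\$(\w+)", lambda m: values.get(m.group(1), m.group(0)), template)


if __name__ == "__main__":
    for pos, val in number_columns(SAMPLE):
        print(f"{pos:>2}  {val}")
    print("server found in column(s):", find_columns(SAMPLE, "example.com"))
    print(preview_message(SAMPLE, {"Server": 17}, "Cannot reach $Server"))
```

If the log uses a different field separator, pass it as `separator` and recount, since the column positions will change.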
And just in case the file formatting is different:
The logmon probe is currently not capable of reading multiple formats within a single file. The probe is not designed to handle non-ASCII characters that the monitored log file may contain.
See also:
Supported Locales:
For logmon version 3.42 and later, the probe supports the following encoding files for various locales:
Note: Localization is supported only on Windows and Linux systems.
Important! Do not use the Raw Configuration GUI when the probe is deployed in a non-English locale.
Encoding Name
UTF-8 Unicode (UTF-8)
UTF-16BE UnicodeBigUnmarked
UTF-16LE UnicodeLittleUnmarked
Shift_JIS Japanese (Shift-JIS)
ISO-2022-JP Japanese (JIS)
ISO-2022-CN Chinese (ISO)
ISO-2022-KR Korean (ISO)
GB18030 Chinese Simplified (GB18030)
GB2312 Chinese Simplified (GB2312)
Big5 Chinese Traditional (Big5)
EUC-JP Japanese (EUC)
EUC-KR Korean (EUC)
ISO-8859-1 Western European (ISO)
ISO-8859-2 Central European (ISO)
windows-1250 Central European (Windows)
windows-1252 Western European (Windows)
Note that when using a variable, if the fetched value remains static and doesn't reflect the current value, you may have to add a suppression key.