We have a need to monitor an application log file. When we see the same alert X number of times in a row we would like to get an alert. How can we setup the logmon probe to do this?

• UIM 9.02 or higher
• logmon probe 4.10 or higher

1) Create a watcher profile to find the match you are looking for.
2) Set up a QOS variable.
3) Setup QOS to count matches. (Select Count Matches option for QOS).
4) Set up the alarm to send when matches is greater than or equal to X ( Where X is the number of matches you want to alarm on)
5) Then in nas setup a preprocessing rule to exclude the original logmon alarm.

Without the last step, you will end up with two alarms, one for the match of the watcher profile and then a second one for the match count being greater.