I am trying to monitor syslog messages.  I added the regular expressions into sysedge.cf but when I send testing messages it looks like my patterns in sysedge.cf are not working.

Release : 12.9

Component : VPM GENERAL

• You need to ensure your syntax is 100% correct within the sysedge.cf file or the regex will not work correctly.

• The following is the correct syntax for a log file monitor that used advanced regex\pattern matching:

watch logfile 8 0x0 'C:\Program Files\CSCOpx\log\syslog.log' '\W*(LOG_LOCAL7-2-SYSTEM_MSG)\W* \[\w*\d*\]\[\W*(raised)\W*\]\[\w*\-\w*\]\[\W*(critical)\W*\]' syslog '' 1 none

• The above regex is using PCRE so you need to ensure PCRE is enable on the agent as defined within the sysedge.cf:

use_pcre