SCOM 2007R2 – UNIX Text Log Monitoring

Overview:
One of the most common monitoring requirements in large, complex environments is watching Unix log files for specific error statements, phrases, or regular expressions.

In this demo, we will create a custom Unix log monitoring management pack that will cater to most of the log monitoring scenarios that we see in the market.

Functionality Improvements:

Below is the functionality that this management pack will provide:
1) The entire monitoring can be defined and controlled from a centrally located CSV file
2) Log file names can contain regular expressions
3) Search string/phrases can contain regular expressions

Management Pack Components:

Below are the components that comprise the management pack:

1) Custom classes:
a) Class that will be instantiated for each line in the config file
b) Class that will be instantiated once the actual log file is discovered
2) Discoveries:
a) Discovery to read the lines in the config file
b) Discovery to find the actual log files
3) Data Sources:
a) Discovery data source for the config file discovery
b) Discovery data source for the log files
c) Monitoring data source to monitor the log file and raise an alert
d) Data source to clean up byte tracking files
4) Rules:
a) Rule to monitor the log file
b) Rule to clean up byte tracking files
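
The sketch below is an added example, not code from the management pack: it shows how a CSV-driven scan with byte tracking files can report only lines appended since the previous run. The CSV layout, the state-file naming, and the names scan_logs and demo are assumptions made for illustration.

```shell
#!/bin/sh
# Added illustration. Assumed CSV layout: directory,file-name regex,search regex
# (the search regex is the last field, so it may itself contain commas).

# scan_logs CONFIG_CSV STATE_DIR: print "path: line" for each new matching line.
scan_logs() {
    config=$1; state_dir=$2
    while IFS=, read -r dir name_re search_re; do
        case $dir in ''|'#'*) continue ;; esac        # skip blank/comment lines
        for path in "$dir"/*; do
            [ -f "$path" ] || continue
            # Regexes from the CSV are passed to grep as data, never eval'd.
            basename "$path" | grep -Eq -- "^(${name_re})\$" || continue
            # One byte-tracking file per (log file, search regex) pair.
            key=$(printf '%s|%s' "$path" "$search_re" | cksum | cut -d' ' -f1)
            state="$state_dir/$key.offset"
            offset=0
            if [ -f "$state" ]; then offset=$(cat "$state"); fi
            case $offset in ''|*[!0-9]*) offset=0 ;; esac   # corrupt state file
            size=$(wc -c < "$path" | tr -d ' ')
            # A smaller file means truncation or rotation: rescan from byte 0.
            if [ "$size" -lt "$offset" ]; then offset=0; fi
            # Read exactly bytes offset+1..size; later appends wait for next run.
            tail -c +"$((offset + 1))" "$path" | head -c "$((size - offset))" |
                grep -E -- "$search_re" |
                while IFS= read -r line; do printf '%s: %s\n' "$path" "$line"; done
            printf '%s\n' "$size" > "$state"
        done
    done < "$config"
    return 0
}

# Constructed sample data: two scans with an append in between.
demo() {
    work=$(mktemp -d)
    mkdir "$work/logs" "$work/state"
    printf '%s,%s,%s\n' "$work/logs" 'app[0-9]+\.log' 'ERROR|FATAL' > "$work/monitor.csv"
    printf 'INFO start\nERROR disk full\n' > "$work/logs/app1.log"
    printf 'ERROR ignored, file name does not match\n' > "$work/logs/other.log"
    echo "first scan:";  scan_logs "$work/monitor.csv" "$work/state"
    printf 'FATAL out of memory\n' >> "$work/logs/app1.log"
    echo "second scan:"; scan_logs "$work/monitor.csv" "$work/state"
    rm -rf "$work"
}
demo
```

The state directory grows by one small file per log file and search pattern, which is why the pack also needs a rule to clean up byte tracking files.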

For a step-by-step walkthrough of developing the management pack, please refer to:
http://techordian.com/2012/08/25/unix-text-log-monitoring-in-scom-2007r2-part-1/
http://techordian.com/2012/09/10/scom-2007r2-unix-text-log-monitoring-part-2/
http://techordian.com/2012/09/10/scom-2007r2-unix-text-log-monitoring-part-3/
http://techordian.com/2012/09/10/scom-2007r2-unix-text-log-monitoring-part-4/
