Hi, I am after some advice please.
Monitoring a Unix/Linux logfile using a 2 stage event reset > log files > text log monitor.
Same log file for both expressions.
First expression contains SCOM ERROR
Second expression Contains SCOM CLEAR
It alerts on first expression but doesn't go critical, it also alerts on second expression but doesn't clear the alert.
I think it is down to the "Parameter Name" building the first and second expressions.
What should I have as the "Parameter Name" it is finding my value though.
Basically I am reading a log file. I want to alert when log contains SCOM ERROR DISK1 OUT OF SPACE for example and then clear the alert when log contains SCOM CLEAR DISK1 OUT OF SPACE.
Any help appreciated.
Microsoft is conducting an online survey to understand your opinion of the Technet Web site. If you choose to participate, the online survey will be presented to you when you leave the Technet Web site.
Would you like to participate?