Does Prognosis have the ability to look at a log file on a Windows server and search for a specific string. I have an application that will write an error message which is the early warning that I want to get notified on.
we have few solutions that do log parsing, but there is nothing generic to cater for any log file. Prognosis can easily be extended to read the log file for specific error messages and populate a new record that can be used to trigger an alert.
If my reply answered your question please click on the 'Accept as Solution' button to help others find the answer. Thanks, Shoaib
An Analyst is a relatively efficient way to really parse apart logs and take actions upon them. We have a couple of solutions that are largely Analyst based. You can use thresholds too but Analysts have certain advantages as well.
If you want to pull in additional but similar log files we have EXTRACTORS, GENLOG Extended Solution, and also custom collectors we build.
If it is something like the Windows event log or Syslog it can be straight forward. Part of an analyst rule for example.
Ok, Analysts are a bit quirky to get used to without training and so I am sure you will have questions if you have not used them before. I'd suggest starting individual posts for each one. I am also working on some documentation updates to hopefully clarify several things that you might run into but not sure when those will get done exactly.
If my answer helped you today, please be sure to mark the resolved button to assist others.
Christopher R Souser - Solution Architect – MSci. PA, CISSP, ITIL.