question

Bixby-1953 avatar image
0 Votes"
Bixby-1953 asked Bixby-1953 commented

Unix log file monitoring tests correctly, but does not generate an alert?

We are running SCOM 2019 UR2

I'm using the MS documentation to create a logfile monitor for Unix/Linux servers. -
https://docs.microsoft.com/en-us/system-center/scom/unix-linux-logfile?view=sc-om-2019

I created the monitor and successfully tested for the text, "Error". The test shows a green check as successful.
Our Linux admins even check the log and there are instances of the word "error" in the log.

But for some reason SCOM never creates an alert?

The Linux admins even cleared the log, created a new "error", and still no alert?

I applied the monitor to a single server and it did not work. I even created a group, added the single server to the group, applied the group to the monitor and still no alert?

I must me doing something wrong.

has anyone experienced this issue and if so, what was your fix? Any suggestions as to what I am doing wrong?

Thank you in advance for any assistance with this frustrating instance.

msc-operations-manager-generalmsc-operations-manager-linux
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

AlexZhu-MSFT avatar image
0 Votes"
AlexZhu-MSFT answered Bixby-1953 commented

Hi,

The UNIX/Linux log file monitor cannot handle wildcards. The log file name must be fixed, that is, we can only monitor a single file. Do we monitor multiple files, if so, it may not work.

The monitors created from out-of-box template have the following limitations and we may check if all the conditions are met.

It only works well with certain behavior of the log file
It only works with one log file
It doesn't actually suppress alerts corresponding to entries logged during maintenance mode; the alerts come anyhow soon after maintenance window ends


Alex
If the response is helpful, please click "Accept Answer" and upvote it.

· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,

It seems there is no update for a couple of days. May we know the current status of the problem? Or is there any other assistance we can provide?

Regards,

Alex
If the response is helpful, please click "Accept Answer" and upvote it.

0 Votes 0 ·

Thank you, Alex!

0 Votes 0 ·