我需要使用正则表达式在日志文件中查找字符串,然后将输出发送到 Zabbix 监控服务器以在需要时触发触发器。 例如,这是日志文件的一部分:
===== Backup Failures =====
Description: Checks number of studies that their backup failed
Status: OK , Check Time: Sun Oct 30 07:31:13 2022
Details: [OK] 0 total backup commands failed during the last day.
===== Oracle queues =====
Description: Count Oracle queues sizes. The queues are used to pass information between the applications
Status: OK , Check Time: Sun Oct 30 07:31:04 2022
Details: [OK] All queues have less than 15 elements.
===== Zombie Services =====
Description: Checks for zombie services
Status: Error , Check Time: Sun Oct 30 07:31:30 2022, Script: <check_mvs_services.pl>
Details: [CRITICAL] 1 missing process(es) found. Failed killing 1 process(es)
===== IIS Application Pools Memory Usage =====
Description: Checks the memory usage of the application pools that run under IIS (w3wp.exe)
Status: OK , Check Time: Sun Oct 30 07:32:30 2022
Details: [OK] All processes of type w3wp.exe don't exceed memory limits
===== IIS Web Response =====
Description: Checks that the web site responds properly
Status: OK , Check Time: Sun Oct 30 07:32:34 2022
Details: [OK] All addresses returned 200
我需要找到所有监控项目及其结果。 如果结果不正常,Zabbix 触发器应该发送警报。
我发现Zabbix可以使用类似的命令处理日志文件监控,但首先需要在日志文件中查找字符串:
log[/path/to/the/file,"regex expression",,,,]
在此示例中,我相信 Zabbix 应该可以找到这些项目:
===== Backup Failures =====
Details: [OK] 0 total backup commands failed during the last day.
===== Oracle queues =====
Details: [OK] All queues have less than 15 elements.
===== Zombie Services =====
Details: [CRITICAL] 1 missing process(es) found. Failed killing 1 process(es)
===== IIS Application Pools Memory Usage =====
Details: [OK] All processes of type w3wp.exe don't exceed memory limits
===== IIS Web Response =====
Details: [OK] All addresses returned 200
您能建议如何实现这个解决方案吗?
对于任何帮助,我将不胜感激。
提前致谢。
您可以做一件事,使用 logtail 将所有错误记录在一个文件中。 然后您可以使用此文件将日志发送到 zabbix 并在 zabbix 中设置警报。
为此,您可以做一件事,制作不同的脚本来使用 logtail 监视日志文件。然后,如果在特定日志文件中发现错误,则仅将错误重定向到另一个文件
[ 就像 logtail -F /var/log/mysql/error.log | grep -i '错误' > /tmp/mysql_error.txt].
从 zabbix 中使用 key 读取错误文件。