Monit check log file content

Tags: alert, log-files, monit

I am having an issue with Monit's content check. I know I can check the log file like this:

    check file test.log with path logs/test.log
        if not match "something" for 5 cycles then alert

But the log file has so many variables and it's growing really fast, so it alerts me on every line. The problem I am having is that I need to ignore everything else. I know I can do it with the ignore variable in Monit's content check, but that won't help me because there are numbers that change every second. I need a way to check this log file. The file size and timestamp won't help me, because if the database is lost the log file is still growing, because it gives me the error "database has gone away". Now I need a way to monitor it so I know that my messages are going to users. Does anyone have a good solution for this? I really need it.

Best Answer

The partial fix for this is to anchor your search.

    check file messages with path /var/log/messages
        ignore match ".*monit"
        if match "trying to execute job" then alert

Or maybe polish your regex or search for a better or more representative string. Can you add application logs that can present fault conditions more clearly?

You're basically searching for something of this frequency with "If it doesn't happen for 5 cycles (5 minutes), then alert me". Maybe a better approach is a general inactivity log monitor. Monit may not be the solution.
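A sketch of the "general inactivity log monitor" the answer mentions, as an added example that is not part of the original question or answer: it scans only the lines appended since the last run and fails when no line matching a success pattern has appeared within a time limit, so a log that keeps growing with "database has gone away" errors still raises an alert. The script name, state file and the `message sent` pattern used to exercise it are assumptions.

```python
#!/usr/bin/env python3
"""Inactivity check: exit non-zero when no line matching PATTERN has been
appended to LOG within MAX_SILENCE seconds. Added example; names are hypothetical."""
import json, os, re, sys, time

def check_activity(log_path, state_path, pattern, max_silence, now=None):
    """Scan only bytes appended since the previous run.
    Returns (ok, seconds_since_last_match); match time is the scan time."""
    now = time.time() if now is None else now
    try:
        with open(state_path) as f:
            state = json.load(f)
    except (OSError, ValueError):
        # First run or unreadable state: start the silence clock now.
        state = {"inode": None, "offset": 0, "last_match": now}
    st = os.stat(log_path)
    # Rotated (new inode) or truncated (shrunk) log: rescan from the start.
    if state["inode"] != st.st_ino or st.st_size < state["offset"]:
        state["inode"], state["offset"] = st.st_ino, 0
    rx = re.compile(pattern.encode())
    with open(log_path, "rb") as f:
        f.seek(state["offset"])
        for line in f:
            if not line.endswith(b"\n"):
                break  # partially written line: pick it up next cycle
            state["offset"] += len(line)
            if rx.search(line):
                state["last_match"] = now
    tmp = state_path + ".tmp"
    with open(tmp, "w") as f:
        json.dump(state, f)
    os.replace(tmp, state_path)  # atomic update so a crash cannot corrupt state
    silence = now - state["last_match"]
    return silence <= max_silence, silence

if __name__ == "__main__":
    if len(sys.argv) != 5:
        sys.exit("usage: log_inactivity.py LOG STATE PATTERN MAX_SILENCE_SECONDS")
    ok, silence = check_activity(sys.argv[1], sys.argv[2], sys.argv[3], float(sys.argv[4]))
    print(f"{'OK' if ok else 'SILENT'}: last match {silence:.0f}s ago")
    sys.exit(0 if ok else 1)
```

Monit can run a script like this through a `check program` entry with `if status != 0 then alert`, which keeps alerting in Monit while moving the "has anything good happened lately" logic out of the `match` rule.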