PowerShell to search for a "jvm_bind" string and alert us

This topic contains 0 replies, has 1 voice, and was last updated by Forums Archives 5 years, 6 months ago.


    by Limsys at 2013-04-22 23:27:59

    Hello,

    I was engaged to help my lead to do a monitoring using a task scheduler that runs a PowerShell script that checks application logs. What the script particularly needs to do is to search within those log files for a string, that is "jvm_bind". Unfortunately our log size is more than 1GB but less than 5GB. We do not have a clue on where to start on this. Aside from the script that monitors the logs being generated for a particular string, there is this other PowerShell script to write in the event logs once it sees a log generated by the other script that found a string match within the application logs.

    We hope you can help us on this.

    Thanks,
    Limsys

    by mjolinor at 2013-04-23 02:35:33

    How many log files are there?
    Is >1GB but >5GB per file, or for the whole collection?

    by Limsys at 2013-04-23 21:38:11

    Log files are generated on a daily basis. We have more than one application generating this kind of log. For one location we have 12 application logs to monitor. Log sizes range from 1GB to 5GB per file.

    by mjolinor at 2013-04-24 03:47:09

    What's your expectation on time-to-alert once that string appears on one of those log files?

    by Limsys at 2013-05-02 19:28:51

    My expectations will be the PS to write an event log when it sees the string in the logs generated by the app. Then we 3rd party monitoring tool to capture the event id and eventually alerts us of the app error.

    by mjolinor at 2013-05-02 20:28:11

    [quote]My expectations will be the PS to write an event log when it sees the string in the logs generated by the app. Then we 3rd party monitoring tool to capture the event id and eventually alerts us of the app error.[/quote]

    I understand that.

    There are a couple of different ways to do this. An event-driven script will be much more complex to code but may be able to get the events written to the Windows event log sooner. A poll-driven script will have more latency, but will be considerably easier to code. That latency can be reduced by multi-threading, but that will also add some complexity to the script and consume additional system resources.

    Pick your poison.
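
A sketch of the poll-driven option from the last reply, added here as an example and not code posted by anyone in the thread. It remembers a byte offset per log so each scheduled run reads only what was appended since the previous run instead of rescanning 1GB to 5GB files. The paths, event source name and event ID are assumptions.

```powershell
# Added example: poll-driven scan, intended to be started by Task Scheduler.
# Assumed names (not from the thread): paths, event source, event ID.
$LogGlob   = 'D:\AppLogs\*.log'                # hypothetical log location
$StateFile = 'D:\AppLogs\jvm_bind.state.json'  # hypothetical offset store
$Pattern   = 'jvm_bind'
$Source    = 'AppLogWatcher'                   # hypothetical; register once as admin:
#   New-EventLog -LogName Application -Source AppLogWatcher
$EventId   = 9001                              # hypothetical ID for the monitoring tool

# Load the byte offset reached in each file on the previous run.
$state = @{}
if (Test-Path $StateFile) {
    (Get-Content $StateFile -Raw | ConvertFrom-Json).PSObject.Properties |
        ForEach-Object { $state[$_.Name] = [long]$_.Value }
}

foreach ($file in Get-ChildItem -Path $LogGlob -File) {
    $offset = 0L
    if ($state.ContainsKey($file.FullName)) { $offset = $state[$file.FullName] }
    if ($file.Length -lt $offset) { $offset = 0L }   # file was rotated or truncated
    if ($file.Length -eq $offset) { continue }       # nothing new since last run

    $hits = 0; $first = $null
    # Open shared so the application can keep writing while we read.
    $fs = [System.IO.File]::Open($file.FullName, 'Open', 'Read', 'ReadWrite')
    try {
        [void]$fs.Seek($offset, 'Begin')
        $reader = New-Object System.IO.StreamReader($fs)
        # Case-sensitive match; a line still being written when the run ends
        # is seen as two fragments across runs.
        while ($null -ne ($line = $reader.ReadLine())) {
            if ($line.Contains($Pattern)) {
                $hits++
                if (-not $first) { $first = $line }
            }
        }
        $state[$file.FullName] = $fs.Position        # at EOF: bytes consumed so far
    } finally { $fs.Dispose() }

    if ($hits -gt 0) {
        # One event per file per run; cap the quoted line so log content cannot bloat the event.
        $sample = $first.Substring(0, [Math]::Min(500, $first.Length))
        Write-EventLog -LogName Application -Source $Source -EventId $EventId -EntryType Error `
            -Message "$hits '$Pattern' match(es) in $($file.FullName). First: $sample"
    }
}
$state | ConvertTo-Json | Set-Content -Path $StateFile
```

The first run still reads each file in full; later runs cost only the appended bytes, so the polling interval sets the alert latency discussed above.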
