Defining Monitored Files


Once you have created a file definition for your delimited file, or if you are monitoring non-delimited files, you can configure the actual files to be monitored. EventSentry supports variables and wildcards for log files whose names include dynamic strings such as date, time and sequence numbers.

 

When adding a new file, you will be required to point to the path of the log file (variables and wildcards are supported), enter a unique name for the log file and specify whether the file is delimited (including a file type) or non-delimited.

 

To create a new or edit an existing file definition, right-click the Log File Packages container and select Files and Files Types. The Files area will show you all currently configured files and allow you to specify new files.

 

Monitoring a new log file

Click the Add button to bring up the Add / Edit File to Monitor dialog.

 

 

Name

Specify a descriptive name for the log file. For example, enter Firewall Log File if you are monitoring the log file of your firewall.

 

File Definition

If you are monitoring a non-delimited file, check the Non-Delimited checkbox. Otherwise, select the file definition from the pull-down menu. If a suitable definition is not in the list, then you will have to create a new file definition.

 

Path

Specify the full path to the log file. Since log file names usually include dynamic strings (the current date, etc.), you can include variables and/or wildcards in the path name. The following variables and wildcards are supported:

 

| Character/Name | Type | Description |
|---|---|---|
| * | Wildcard | matches zero or more characters |
| ? | Wildcard | matches a single character |
| $YEAR | Variable | 4-digit year |
| $YEARSHORT | Variable | 2-digit year |
| $MONTH | Variable | 2-digit month |
| $DAY | Variable | 2-digit day |
| $HOUR | Variable | 2-digit hour (24 hour format) |
| $MINUTE | Variable | 2-digit minute |

 

Since you can use both wildcards and variables, you can often specify the file name of your log files in two different ways: either by using wildcards or by using variables. See the table below for examples of how to map file names; the last row of each column shows the pattern that maps to the file names above it:

 

| Filename | Filename | Filename | Filename |
|---|---|---|---|
| ntbackup01.log | ex070501.log | ex070501.log | 20070110232333 Mar 15, 2007 12.33 PM.txt |
| ntbackup02.log | ex070502.log | ex070502.log | 20070340242343 Mar 16, 2007 12.35 PM.txt |
| ntbackup03.log | ex070503.log | ex070503.log | 20070139619433 Mar 15, 2007 12.37 PM.txt |
| ntbackup*.log | ex$YEARSHORT$MONTH$DAY.log | ex*.log | $YEAR*$DAY, $YEAR*.txt |

 

As can be seen from the 2nd and 3rd columns, the log file name can sometimes be specified in different ways.
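The following Python example is added here and is not EventSentry code. It applies the variable and wildcard rules from the tables above to the sample file names, so that a pattern can be checked against real file names before it is entered in the Path field. It assumes that variables resolve to the current local time and that matching is case-insensitive; all function names are hypothetical.

```python
import re
from datetime import datetime

# Variables from the table above. $YEARSHORT is listed before $YEAR so it is
# not expanded as $YEAR followed by the literal text "SHORT".
VARIABLES = [("$YEARSHORT", "%y"), ("$YEAR", "%Y"), ("$MONTH", "%m"),
             ("$DAY", "%d"), ("$HOUR", "%H"), ("$MINUTE", "%M")]

def expand_variables(pattern, when):
    """Replace each $VARIABLE with its value at time `when` (assumed: local time)."""
    for name, fmt in VARIABLES:
        pattern = pattern.replace(name, when.strftime(fmt))
    return pattern

def to_regex(pattern):
    """Translate * (zero or more characters) and ? (one character) to a regex."""
    parts = []
    for ch in pattern:
        parts.append(".*" if ch == "*" else "." if ch == "?" else re.escape(ch))
    # Assumption: matching is case-insensitive, as Windows file names are.
    return re.compile("".join(parts), re.IGNORECASE)

def matching_files(pattern, names, when):
    """Return the names that the whole expanded pattern matches."""
    rx = to_regex(expand_variables(pattern, when))
    return [n for n in names if rx.fullmatch(n)]

# File names taken from the examples table above.
NAMES = ["ntbackup01.log", "ntbackup02.log", "ntbackup03.log",
         "ex070501.log", "ex070502.log", "ex070503.log",
         "20070110232333 Mar 15, 2007 12.33 PM.txt",
         "20070340242343 Mar 16, 2007 12.35 PM.txt",
         "20070139619433 Mar 15, 2007 12.37 PM.txt"]

if __name__ == "__main__":
    may2 = datetime(2007, 5, 2, 9, 0)      # constructed "current" times
    mar15 = datetime(2007, 3, 15, 12, 40)
    for pattern, when in [("ex*.log", may2),
                          ("ex$YEARSHORT$MONTH$DAY.log", may2),
                          ("$YEAR*$DAY, $YEAR*.txt", mar15)]:
        print(pattern, "->", expand_variables(pattern, when))
        for name in matching_files(pattern, NAMES, when):
            print("   ", name)
```

Under these assumptions the variable form matches only the file for the current date, while ex*.log matches every file in the series, so the two forms in the 2nd and 3rd columns differ in how many files they cover.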

 

Include Subdirectories

Files in sub directories can be monitored by checking this box. When monitoring files in sub directories, the path can be specified in a variety of ways:

 

| Path | Files Monitored |
|---|---|
| C:\LogFiles\*.log | Monitors all files with the .log extension in the C:\LogFiles folder as well as sub directories |
| C:\LogFiles\*\*.log | Monitors all files with the .log extension in any sub directory of the C:\LogFiles folder (and not in the main C:\LogFiles folder) |
| C:\inetpub\logs\LogFiles\W3SVC*\u_*.log | Monitors all files which match the u_*.log pattern in any sub directory of C:\inetpub\logs\LogFiles which matches the W3SVC* pattern. |

 

Notes

You can use notes to specify what application generates the log file or other descriptions.