Problems with logwatch

Started by Goriem, December 14, 2009, 02:13:03 PM

Goriem

Hi

Hopefully someone can help me understand what is going wrong.

I'm trying to monitor a log file for changes using logwatch.

The log file is one I'm creating using DOS rasdial to connect to a VPN and do certain tests, so the log format is:

14-12-2009 13:05:00,19
Connecting to BDO PPTP...
Verifying username and password...
Registering your computer on the network...
Successfully connected to BDO PPTP.
Command completed successfully.


Pinging 10.1.25.1 with 32 bytes of data:



Request timed out.

Reply from 10.1.25.1: bytes=32 time=90ms TTL=128

Reply from 10.1.25.1: bytes=32 time=34ms TTL=128

Reply from 10.1.25.1: bytes=32 time=34ms TTL=128



Ping statistics for 10.1.25.1:

    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),

Approximate round trip times in milli-seconds:

    Minimum = 34ms, Maximum = 90ms, Average = 52ms



Pinging 10.1.1.1 with 32 bytes of data:



Request timed out.

Reply from 10.1.1.1: bytes=32 time=34ms TTL=63

Reply from 10.1.1.1: bytes=32 time=34ms TTL=63

Reply from 10.1.1.1: bytes=32 time=34ms TTL=63



Ping statistics for 10.1.1.1:

    Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),

Approximate round trip times in milli-seconds:

    Minimum = 34ms, Maximum = 34ms, Average = 34ms

Command completed successfully.


Then I'm using logwatch and trying to look for changes, but so far all I can catch is the ping failure. Maybe my regex code is wrong?

<parser processAll="0">
    <file>c:\netxms\bdo_pptp_vpn_log.txt</file>
    <macros>
        <macro name="timestamp">[0-9]{2}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}</macro>
    </macros>
    <rules>
        <rule break="1">
            <match>^(?=.*?\connection\b)(?=.*?\cannot\b)(?=.*?\completed\b).*$</match>
            <event>100009</event>
        </rule>
        <rule break="1">
            <match>^(?=.*?\computer\b)(?=.*?\not\b)(?=.*?\respond\b).*$</match>
            <event>100010</event>
        </rule>
        <rule break="1">
            <match>Request timed out.</match>
            <event>100008</event>
        </rule>
    </rules>
</parser>
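
An offline harness for trying the posted rules against lines from the posted log, as an added example that is not part of the original post and not NetXMS code. It assumes logwatch evaluates one log line at a time and uses Python's `re` as a stand-in, so its verdicts can differ from the regex engine NetXMS uses; `evaluate` and the other names are hypothetical.

```python
import re
import xml.etree.ElementTree as ET

# The parser definition exactly as posted above.
PARSER_XML = r"""<parser processAll="0">
<file>c:\netxms\bdo_pptp_vpn_log.txt</file>
<macros>
<macro name="timestamp">[0-9]{2}-[0-9]{2}-[0-9]{2} [0-9]{2}:[0-9]{2}</macro>
</macros>
<rules>
<rule break="1"><match>^(?=.*?\connection\b)(?=.*?\cannot\b)(?=.*?\completed\b).*$</match><event>100009</event></rule>
<rule break="1"><match>^(?=.*?\computer\b)(?=.*?\not\b)(?=.*?\respond\b).*$</match><event>100010</event></rule>
<rule break="1"><match>Request timed out.</match><event>100008</event></rule>
</rules>
</parser>"""

# A few lines taken from the log in the post (blank lines dropped).
SAMPLE_LOG = """14-12-2009 13:05:00,19
Connecting to BDO PPTP...
Successfully connected to BDO PPTP.
Command completed successfully.
Pinging 10.1.25.1 with 32 bytes of data:
Request timed out.
Reply from 10.1.25.1: bytes=32 time=90ms TTL=128"""

def evaluate(parser_xml, log_text):
    """Return (fired, rejected, macro_hits) for one parser definition and one log."""
    root = ET.fromstring(parser_xml)
    lines = log_text.splitlines()
    compiled, rejected = [], []
    for rule in root.iter("rule"):
        event = rule.findtext("event")
        try:
            compiled.append((event, re.compile(rule.findtext("match")), rule.get("break") == "1"))
        except re.error as exc:
            rejected.append((event, str(exc)))  # pattern this engine refuses to compile
    fired = []
    for lineno, line in enumerate(lines, 1):  # assumption: one log line = one record
        for event, rx, stop in compiled:
            if rx.search(line):
                fired.append((lineno, event))
                if stop:
                    break
    # Which lines does each macro match when tried on its own?
    macro_hits = {m.get("name"): [n for n, l in enumerate(lines, 1) if re.search(m.text, l)]
                  for m in root.iter("macro")}
    return fired, rejected, macro_hits

if __name__ == "__main__":
    print(evaluate(PARSER_XML, SAMPLE_LOG))
```

With Python's `re`, the first two patterns are rejected at compile time because `\c` is not a valid escape there, and only the `Request timed out.` rule fires. The `timestamp` macro matches no line, since the log writes a four-digit year and includes seconds.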