Previous Topic: edgewatch Commands for Log File MonitoringNext Topic: Remove Log Monitoring Entries

CA SystemEDGE User GuideLog File Monitoringedgewatch Utility--Monitor Log Filesedgewatch Examples

edgewatch Examples

This section provides examples for using the edgewatch utility with SNMP versions 1, 2c, and 3.

Example: List Entries in Log Monitor Table

The following example displays the contents of the Log Monitor table:

edgewatch -v 1 -h 127.0.0.1 -c public -o logfile list

edgewatch -v 2c -h fe80::2367:1 -c public -o logfile list

edgewatch -v 3 -s 3 -u userName -x privPassword -X encryptProtocol -A authProtocol -a authPassword -o logfile list

Add a Log Monitor Entry

The following example instructs the agent to add an entry to the Log Monitor table at table index 5 to search for su failures on an HP-UX system. The agent runs the script /local/bin/mail2admin when it finds a match.

edgewatch -v 1 -h 127.0.0.1 -c private -o logfile add 5 0x00 /usr/adm/sulog "SU.* -" "su attempt - WARNING" "/local/bin/mail2admin" 1

edgewatch -v 2c -h fe80::2367:1 -c private -o logfile add 5 0x00 /usr/adm/sulog "SU.* -" "su attempt - WARNING" "/local/bin/mail2admin" 1

edgewatch -v 3 -h fe80::2367:1 -s 3 -u userName -A authProtocol -a authPassword -X encryptProtocol -x privPassword -o logfile add 5 0x00 /usr/adm/sulog "SU.* -" "su attempt - WARNING" "/local/bin/mail2admin" 1

Example: Delete a Log Monitor Entry

The following example deletes an entry from the Log Monitor table at table index 5:

edgewatch -v 1 -h 127.0.0.1 -c private -o logfile delete 5

edgewatch -v 2c -h fe80::2367:1 -c private -o logfile delete 5

edgewatch -v 3 -h 127.0.0.1 -s 3 -u userName -A authProtocol -a authPassword -X encryptProtocol -x privPassword -o logfile delete 5

Example: Disable a Log Monitor Entry

The following example disables the Log Monitor table entry at table index 5 by setting that entry's status to notInService(2). The entry will remain in the table, but the agent will not scan the log file for the regular expression unless the status returns to active (1).

edgewatch -v 1 -h 127.0.0.1 -c private -o logfile setstatus 5 notInService

edgewatch -v 2c -h fe80::2367:1 -c private -o logfile setstatus 5 notInService

edgewatch -v 3 -h 127.0.0.1 -s 3 -u userName -A authProtocol -a authPassword -X encryptProtocol -x privPassword -o logfile setstatus 5 notInService