Creating search criteria
You create the search criteria phrases to be accessed by and shared among several log file monitors from the Fathom library. These search criteria phrases, along with the severity level and alert detail you define, are the rule properties you use to create log file resource monitor rules and rule sets.
You can use the search criteria that you create and store at the library level in multiple log file monitors simultaneously. You can also share search criteria by exporting it from or importing it to other machines. For details about importing and exporting search criteria, see Chapter 9, "Exporting and Importing in Fathom."
Within your work environment, it is likely important for you to know when a database is unexpectedly down. Perhaps the effectiveness of your company's operations have suffered lately due to unplanned database down time. Obtaining information from the log file about these events could help you better research the issue.
To help you assess what might be happening, you can set up a literal search for the words database down. Once you enable the search against the log file, Fathom checks the file for an occurrence of the phrase, based on your polling cycle, and reports on its findings.
You must provide values for the Search Type and the Search Text fields on the Create Search Criterion page. The Search Type is a drop-down list. Depending on the type of expression you enter in the Search Type field, select either the literal search string or Perl 5 regular expression option. In the Search Text field, you enter the specific value for the type of expression you selected.
Another example of a literal text string you might search for in a log file is abnormal shutdown. A search based on this value yields a match only if the exact expression abnormal shutdown is found in the file. In contrast, a Perl 5 regular expression search supports a variety of notations that you can use for pattern matching, potentially yielding broader search results.
Note: The Search Text field does not impose any length limits on your entry. However, for practical reasons, you might want to limit the length. Also, keep in mind that the Search Text field is case sensitive.
To create a search criterion:
- Select Library from the menu bar and click Create Search Criteria. The Create Search Criterion Monitor page appears:
![]()
- In the Criterion Properties section, enter a value in the Name field. The search name can be a maximum of 32 characters, and it must not contain spaces between words, or use special characters such as an asterisk (*), an ampersand (&), or a period.
- Enter a description in the Description field.
- In the Search Text field, enter the search string you want the log file resource monitor to look for in the log file. The entry must be consistent with the type of search you are performing.
- In the Search Type field, select either Literal Search or Regular Expression. See the "Specifying search criteria" section for a detailed description of these search types.
- Store this search criterion in a Search Criteria category by choosing either:
- Use Existing Category — From Category, scroll through the list of Fathom predefined categories and select one. The list includes these categories: AppServer Broker, AppServer Server, Database, Miscellaneous, NameServer, WebSpeed Broker, and WebSpeed Server.
- Use New Category — In the Category field, use the predefined misc category, or enter the name of a new category.
The search criterion is now available from the list frame. You can display it from the category to which you assigned it.- Click Save to save this search criterion.
- Repeat these steps for each additional criterion you want to create.
Using Perl 5 expressions to create search criteria
Table 7–1 identifies some Perl 5 regular expressions you can use. Similarly, Table 7–2 suggests specific examples based on this notation.
Table 7–2 provides some examples based on the Perl 5 regular expressions identified in Table 7–1.
Selecting search criteria to define a local rule
Adding and defining a rule requires you to select search criteria and to associate severity and alert information with it.
To add a rule to a log file monitor:
- On the Edit Monitoring Plan page, click Add Rule. The Create Log File Rule Monitor page appears:
![]()
- From Choose Criteria Category, select the category in which the search criteria you want to use is defined.
The search text automatically appears in the Criterion Search Text field, and a description automatically appears in the Search Criterion Description field.- From Choose Search Criteria, display all currently defined search criteria for the category previously selected and select a search criteria.
- From Severity, select the level of severity you want to set.
- From On Alert Perform Action, select the action you want Fathom to perform when an alert is triggered.
- Click Save. The Monitoring Plan page reappears and includes the new rule:
Note the following points concerning individual rules that you add to a log file monitor resource:
![]()
- Individual rules display in alphabetical order and appear in the list before rule sets.
- Each rule appears with an associated resource status indicator.
- You can click any rule to display summarized details about it.
- You must explicitly create an individual rule to add it to the rule set; an individual rule is not directly available for use in any rule set.
- Choose one:
- If you want to add rule sets, see the "Associating rule sets with log file monitors" section for details.
- If you are done adding rules, click Done. The Log File Monitor summary page appears, displaying any rules and rule sets selected for a log file monitor.
Copyright © 2004 Progress Software Corporation www.progress.com Voice: (781) 280-4000 Fax: (781) 280-4095 |