; Probe-wide settings for a log-monitoring agent (its own log file is logmon.log).
; NOTE(review): no section headers are visible in this listing, yet keys such as
; "active", "match" and "scanfile" repeat many times further down. The grouping
; looks lost on export; confirm against the original file, because a flat parser
; resolves duplicate keys in a parser-dependent way (first-wins, last-wins or error).
logfile = logmon.log
; NOTE(review): presumably a verbosity level; 5 looks high for production and a
; verbose agent log may echo monitored log content. Confirm and lower if so.
debug = 5
; NOTE(review): units are not stated here; confirm the retained agent-log history
; is long enough to investigate a missed or suppressed alarm.
logsize = 100
cfg_ver = 2
format_interval = 1
severity = 5
commOnRunThreads = 100
winDefaultEncoding = UTF-8
standard_static_threshold = false
; Enabled profile: scans the HTTP server access log in "full" mode every 5 seconds
; and raises alarms (alarm = yes), without QoS data (qos = no).
active = yes
interval = 5 sec
; NOTE(review): %Y.%m.%d looks like a date template for a daily-rotated file.
; Confirm the agent expands it, otherwise the literal name will never exist.
scanfile = /appdata1/HTTPServer/logs/access_log.%Y.%m.%d
fileencoding = UTF-8
scanmode = full
alarm = yes
qos = no
message = no
subject =
; user/password are empty here. NOTE(review): if credentials are ever filled in,
; they sit in this file as plain values; keep the file readable by the agent
; account only and prefer running the agent with the needed rights instead.
user =
resetFile = no
initialfileptr = 2
resumefileptr = 4
command_timeout_active = no
command_timeout =
command_severity = 2
command_timeout_alarm = 0
; NOTE(review): by its name this disables the alarm raised when the monitored file
; cannot be opened. If so, a deleted, renamed or permission-stripped access log
; goes unnoticed; consider enabling it so loss of visibility is itself alerted.
alarmFOpenFail = no
clearFOpenFailRestart = no
; Mixed boolean spelling ("No" here, "no" elsewhere); confirm the parser is
; case-insensitive for boolean values.
monitor_exit_code = No
max_alarm_sev = 5
; NOTE(review): empty, presumably "no cap". Combined with a broad match pattern
; this can flood the alarm console; see max_alarms = 1 used on a later profile.
max_alarms =
max_alarm_msg =
password =
reccur_directory = no
reccur_directory_level = 10
; Disabled watcher (active = no): glob pattern *20* at level "critical" with the
; alarm text "Matches". Presumably belongs to the access_log profile; the section
; header that would confirm this is not visible in this listing.
active = no
; NOTE(review): *20* matches any line that contains "20" anywhere. In an access
; log that probably includes the year in every timestamp as well as 200/206
; status codes, so nearly every request would match. Keep disabled or narrow it.
match = *20*
level = critical
subsystemid =
message = Matches
i18n_token =
restrict =
expect = no
abort = no
sendclear = no
count = no
separator =
suppid =
source =
target =
qos =
; Command execution on match is off and no executable is configured.
; NOTE(review): if this is ever enabled, the command presumably runs with the
; agent's privileges; use an absolute path to a file only administrators can
; write, and do not pass log-derived text as arguments.
runcommandonmatch = no
alarm_on_first_match = no
commandexecutable =
commandarguments =
pattern_threshold_severity = information
pattern_threshold_message =
timeout = 1
pattern_threshold =
expect_message =
expect_level =
; Patterns are not loaded from an external file (path is empty).
regexfromexternalfile = no
patternfilepath =
token =
variable_threshold =
variable_threshold_message =
variable_threshold_severity = information
variable_threshold_supp =
; Enabled watcher (active = yes): glob pattern *20* at level "critical" with the
; alarm text "Error". Presumably belongs to the access_log profile; the section
; header that would confirm this is not visible in this listing.
active = yes
; NOTE(review): *20* matches any line containing "20", not only error lines. In an
; access log that likely covers the timestamp year and 200/206 responses, so this
; live watcher would raise "critical" on ordinary traffic and bury real signals.
; If the intent is HTTP errors, match the status-code field specifically; the
; /.../ regex form used by other watchers in this file appears to be available.
match = *20*
level = critical
subsystemid =
message = Error
i18n_token =
restrict =
expect = no
abort = no
sendclear = no
; NOTE(review): count = no and no pattern_threshold is set, so (presumably) each
; matching line produces its own alarm. Confirm, and consider a threshold.
count = no
separator =
; NOTE(review): an empty suppression id presumably means alarms are not
; de-duplicated; confirm.
suppid =
source =
target =
qos =
; Command execution on match is off and no executable is configured.
runcommandonmatch = no
alarm_on_first_match = no
commandexecutable =
commandarguments =
pattern_threshold_severity = information
pattern_threshold_message =
timeout = 1
pattern_threshold =
expect_message =
expect_level =
regexfromexternalfile = no
patternfilepath =
token =
variable_threshold =
variable_threshold_message =
variable_threshold_severity = information
variable_threshold_supp =
; Disabled sample profile for rdb_short.log, read in "cat" mode.
; NOTE(review): rdb_short.log is a relative path; which directory it resolves
; against is not shown here.
active = no
scanfile = rdb_short.log
scanmode = cat
alarm = yes
; Three start/end pairs follow. Presumably each is a separate multi-line record
; format (block begins at "start", ends at "end"); their names are not visible.
; Record opened by a line of asterisks, closed by a blank line.
start = /^\*+\s+$/
end = blankline
; Record opened by a weekday-prefixed line, closed by a blank or asterisk line.
start = /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun) .*/
end = /^(\s+$|\*+\s+$)/
; Record opened by a weekday-prefixed line and closed by the next such line.
start = /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun) .*/
end = /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun) .*/
; Watcher: lines containing "RDB error". The message uses $src, $msg and $msg2,
; presumably filled by the three "definition" lines below (names not visible).
match = *RDB error*
message = $src : $msg,$msg2
i18n_token = as#system.logmon.rdb_errors
; NOTE(review): definition values look like <row>/<column or column range>; confirm.
definition = 1/7
definition = 2/1-
definition = 4/1-
; Watcher: case-insensitive "error" spelled out with character classes.
match = *[Ee][Rr][Rr][Oo][Rr]*
message = $src : $msg
i18n_token = as#system.logmon.errors
definition = 1/7
definition = 2/1-
; Watcher with no match line of its own, restricted to "detect_db_start"
; (presumably the name of one of the formats above).
restrict = detect_db_start
message = $src : Database server started with $cfg
i18n_token = as#system.logmon.db_started
definition = 2/12
definition = 3/4
; Disabled sample profile for my.log (relative path), read in "cat" mode.
active = no
scanfile = my.log
scanmode = cat
alarm = yes
; Two start/end pairs, presumably two record formats (names not visible).
start = *(12345 |[Ll]ogfile)*
end = blankline
start = *Major *
end = /^\s+$/
; Three match lines in a row. NOTE(review): these presumably belonged to
; separate watchers; read as one flat section only one would survive on most
; parsers. "^DB-lib error.*" has no /.../ delimiters, unlike the other regexes
; in this file, so it may be treated as a glob. Confirm.
match = *Error in extent*
match = *feil*
match = ^DB-lib error.*
; NOTE(review): the separator value contains "|" and quoted text; how the agent
; splits and unquotes it is not shown here.
separator = : | ": "
message = $msg ($rdb)
i18n_token = as#system.logmon.lib_error
level = warning
definition = 1/7
definition = 5/1-
; Disabled sample profile for /var/adm/messagesx, read in "cat" mode.
active = no
scanfile = /var/adm/messagesx
scanmode = cat
alarm = yes
; Two pattern-only watchers (no message or level visible for them).
match = *[Ee][Rr][Rr][Oo][Rr]*
match = *[Jj]ukebox*
; Expected-string watcher: with expect = yes the alarm presumably fires when the
; text is NOT found, which fits the "Missing application heartbeat" message.
match = This must be here
expect = yes
message = Missing application heartbeat
i18n_token = as#system.logmon.expect_string
level = critical
; External-evaluation watcher.
case = yes
match = error
lines = 3
output = out.log
; NOTE(review): this appears to make the agent run "perl out.eval out.log".
; Both file names and the interpreter are relative, so what actually runs depends
; on the agent's working directory and PATH, and anyone able to write out.eval
; decides what executes under the agent account. Before enabling, use absolute
; paths and administrator-only write permissions, and remember out.log presumably
; holds matched log lines, which are untrusted input to that script.
eval = perl out.eval out.log
message = Error in logfile.
i18n_token = as#system.logmon.external_eval
level = major
; Disabled sample profile for "sulog" (relative path), scanmode "updates".
; NOTE(review): on classic Unix systems sulog records su attempts, so this is a
; security-relevant source; it is switched off here (active = no).
active = no
scanfile = sulog
scanmode = updates
alarm = yes
; Heartbeat watcher. NOTE(review): the message says the heartbeat is missing, but
; expect = no presumably alarms when the text IS found (compare the expect = yes
; watcher with "Missing application heartbeat" elsewhere in this file). Confirm
; the intended polarity.
match = *[Hh]eartbeat*
expect = no
message = Missing heartbeat, it wasn't here
i18n_token = as#system.logmon.heartbeat_test
level = minor
; Failed-root-su watcher: the regex needs " - " and then "-root" on the line.
; In the usual sulog layout "-" marks a failed attempt and "user-root" the
; from-to accounts (confirm for the target OS).
; NOTE(review): level is only "minor"; repeated failed su-to-root attempts
; usually deserve a higher severity or a count-based threshold.
match = /.* - .*-root.*/
message = Failed attempt to login as root $who
i18n_token = as#system.logmon.root_users
level = minor
; Two definitions but only $who is used in the message; the variable names are
; not visible in this listing.
definition = 2
definition = 6
; Disabled sample profile for "weblog" (relative path), scanmode "updates".
active = no
subject = weblog
scanfile = weblog
scanmode = updates
; NOTE(review): "*" matches every line, so each new log line would become a
; "minor" alarm carrying $ip and $msg. Web log fields are client-controlled;
; whatever displays or forwards these alarms should treat the text strictly as
; data (escape on display, no templating or command use). Add a narrower pattern
; or a threshold before enabling.
match = *
message = $ip $msg
i18n_token = as#system.logmon.ip_msg_test
level = minor
definition = 1
definition = 2-
; Disabled profile (first "active = no") for the Dr. Watson crash log on Windows,
; scanmode "updates". The two "active = yes" lines below presumably belong to a
; nested format rule and a watcher; their section headers are not visible here.
active = no
scanfile = C:\WINNT\drwtsn32.log
scanmode = updates
alarm = yes
; Format rule: a record starts at "Application exception occurred:" and ends at
; the next blank line.
active = yes
start = Application exception occurred:
end = blankline
lines = 0
; Watcher: empty match, restricted to "Exception" (presumably the format above),
; raising a "major" alarm built from $When, $App and $Error.
active = yes
match =
level = major
subsystemid =
message = Application error at $When $App $Error
i18n_token = as#system.logmon.application_error
restrict = Exception
expect = no
abort = no
sendclear = no
count = no
separator =
suppid =
source =
target =
qos =
; Command execution on match is off and no executable is configured.
runcommandonmatch = no
alarm_on_first_match = no
commandexecutable =
commandarguments =
pattern_threshold_severity = information
pattern_threshold_message =
timeout = 1
pattern_threshold =
expect_message =
expect_level =
regexfromexternalfile = no
patternfilepath =
token =
variable_threshold =
variable_threshold_message =
variable_threshold_severity = information
variable_threshold_supp =
; Three extractions, presumably feeding $When, $App and $Error in that or some
; other order (variable names are not visible). Values look like <row>/<column
; or range>; confirm.
definition = 2/2
definition = 3/2-
definition = 4/4-
; Disabled profile (first "active = no") for an antivirus report file, scanmode
; "full". NOTE(review): both watchers below are marked active, but with the
; profile off no infection alarm is produced from this file. Confirm another
; control covers malware findings on these hosts.
active = no
scanfile = /norman/win32/norman.rpt
scanmode = full
alarm = yes
; Watcher: lines containing " -> " are reported as an infected file.
active = yes
match = * -> *
level = major
message = Infected file: $infected
i18n_token = as#system.logmon.infected_file
expect = no
subsystemid = 1.1.16
; NOTE(review): "5:" differs from the plain-number and N/M forms used elsewhere
; in this file; confirm the agent's syntax for it.
definition = 5:
; Watcher: summary line whose text after a colon does not start with " 0".
; NOTE(review): the lookahead only rejects a colon followed by space-zero; a
; count written without the space, or an earlier colon on the same line, would
; still match. Check against a real report line.
active = yes
match = /.*infections.*:(?! 0).*/
level = critical
message = $infections file(s) are virus infected !
i18n_token = as#system.logmon.infected_count
expect = no
separator = :
subsystemid = 1.1.16
definition = 2
; Disabled profile (first "active = no") in "command" scan mode: every 60 seconds
; the agent would presumably run the command named in scanfile and scan its
; output. It produces QoS data only (alarm = no, qos = yes).
active = no
interval = 60 sec
; NOTE(review): "ipconfig" is a bare command name, resolved through the agent's
; search path and working directory. Prefer the absolute path to the system
; binary so a planted ipconfig executable cannot be picked up instead.
scanfile = ipconfig
scanmode = command
alarm = no
qos = yes
message = no
; NOTE(review): with exit-code monitoring off, a failing command is presumably
; not reported; confirm.
monitor_exit_code = No
max_alarm_sev = 5
max_alarms =
max_alarm_msg =
; Empty. NOTE(review): any value set here is stored in this file in the clear;
; restrict the file's permissions accordingly.
password =
; Watcher: matches every output line and counts them (count = yes) at level
; "information".
active = yes
match = *
level = information
i18n_token =
expect = no
abort = no
sendclear = no
count = yes
qos =
runcommandonmatch = no
expect_message =
expect_level =
; Enabled profile: scans one archived exception log every 5 seconds in
; "full_time" mode and raises alarms (alarm = yes), without QoS data.
active = yes
interval = 5 sec
; NOTE(review): the file name carries a fixed date (02-03-18), so this profile
; watches that single archive only; newer archive files are not covered unless
; the name is templated or the profile is updated.
scanfile = /appdata1/ETCArchiveFiles/ExceptionFiles_Archive_02-03-18.log
fileencoding = UTF-8
scanmode = full_time
alarm = yes
qos = no
message = no
subject =
; Empty. NOTE(review): credentials placed here (or in "password" below) would be
; stored in this file as plain values.
user =
reccur_directory = no
reccur_directory_level = 10
resetFile = no
initialfileptr = 2
resumefileptr = 4
command_timeout_active = no
command_timeout =
command_severity = 2
command_timeout_alarm = 0
; NOTE(review): by its name this disables the alarm raised when the file cannot
; be opened; if the archive is moved or removed the profile would fail silently.
alarmFOpenFail = no
clearFOpenFailRestart = no
monitor_exit_code = No
max_alarm_sev = 5
; Caps alarms at 1 (presumably per scan interval), unlike the other profiles in
; this file, which leave it empty.
max_alarms = 1
max_alarm_msg =
password =
; Enabled watcher (active = yes): glob pattern *ETC* at level "critical" with the
; alarm text "Matches". Presumably belongs to the archived exception-log profile;
; the section header that would confirm this is not visible in this listing.
active = yes
; NOTE(review): matches any line containing "ETC" anywhere (case handling is not
; shown here). The static text "Matches" carries no detail from the line, so
; responders must open the file to see what triggered; consider extracting a
; variable into the message.
match = *ETC*
level = critical
subsystemid =
message = Matches
i18n_token =
restrict =
expect = no
abort = no
sendclear = no
count = no
separator =
suppid =
source =
target =
qos =
; Command execution on match is off and no executable is configured.
runcommandonmatch = no
alarm_on_first_match = no
commandexecutable =
commandarguments =
pattern_threshold_severity = information
pattern_threshold_message =
timeout = 1
pattern_threshold =
expect_message =
expect_level =
regexfromexternalfile = no
patternfilepath =
token =
variable_threshold =
variable_threshold_message =
variable_threshold_severity = information
variable_threshold_supp =