DX Unified Infrastructure Management

Dear community, could someone guide me with the use of the logmon variable of the "Match Expression" type? The documentation is not very clear.

hi Jose,

i have just been working on this and found this: https://knowledge.broadcom.com/external/article/233742/using-regex-in-variables-for-the-logmon.html which helped me a lot.

The Match Expression relates to the expression used is the Standard tab to identify the message. However, in that expression you must use groups (basically a match surrounded with brackets()) and the number should relate to the group value you want to use, so if you have 3 groups in your expression but the value you want is the second, make sure the value is 2 (beside Character Position).

Here is an example i used with one group: /Currently established client connections <.*?>\s*<.*?>(\d*)/

Note: Ignore the alarming, this is an example for RegEx usage

Now in the Variable Setting, select the Match Expression and use the number 1 for the group i created:

The Expected Value can be used on the value extracted.

A good place to test RegEx is regex101.com, select PCRE as this is the type used for logmon, do not use any modifiers (gm etc.) as they aren't used in logmon. Paste in your test string, then work on your regex including a group, these will be highlighted to you on the right-hand side:

Thanks,

Steve

Dear community, could someone guide me with the use of the logmon variable of the "Match Expression" type? The documentation is not very clear.

Thank you for the statement, only one when you apply "Expected Value"

hi Jose,

i have just been working on this and found this: https://knowledge.broadcom.com/external/article/233742/using-regex-in-variables-for-the-logmon.html which helped me a lot.

The Match Expression relates to the expression used is the Standard tab to identify the message. However, in that expression you must use groups (basically a match surrounded with brackets()) and the number should relate to the group value you want to use, so if you have 3 groups in your expression but the value you want is the second, make sure the value is 2 (beside Character Position).

Here is an example i used with one group: /Currently established client connections <.*?>\s*<.*?>(\d*)/

Note: Ignore the alarming, this is an example for RegEx usage

Now in the Variable Setting, select the Match Expression and use the number 1 for the group i created:

The Expected Value can be used on the value extracted.

A good place to test RegEx is regex101.com, select PCRE as this is the type used for logmon, do not use any modifiers (gm etc.) as they aren't used in logmon. Paste in your test string, then work on your regex including a group, these will be highlighted to you on the right-hand side:

Thanks,

Steve

Dear community, could someone guide me with the use of the logmon variable of the "Match Expression" type? The documentation is not very clear.

hi Jose,

Thank you for the statement, only one when you apply "Expected Value"

hi Jose,

i have just been working on this and found this: https://knowledge.broadcom.com/external/article/233742/using-regex-in-variables-for-the-logmon.html which helped me a lot.

The Match Expression relates to the expression used is the Standard tab to identify the message. However, in that expression you must use groups (basically a match surrounded with brackets()) and the number should relate to the group value you want to use, so if you have 3 groups in your expression but the value you want is the second, make sure the value is 2 (beside Character Position).

Here is an example i used with one group: /Currently established client connections <.*?>\s*<.*?>(\d*)/

Note: Ignore the alarming, this is an example for RegEx usage

Now in the Variable Setting, select the Match Expression and use the number 1 for the group i created:

The Expected Value can be used on the value extracted.

A good place to test RegEx is regex101.com, select PCRE as this is the type used for logmon, do not use any modifiers (gm etc.) as they aren't used in logmon. Paste in your test string, then work on your regex including a group, these will be highlighted to you on the right-hand side:

Thanks,

Steve

Dear community, could someone guide me with the use of the logmon variable of the "Match Expression" type? The documentation is not very clear.

Thank you for your reply, I have tried to view the images in different browsers but they do not display. Could you attach those images please?

hi Jose,

Thank you for the statement, only one when you apply "Expected Value"

hi Jose,

i have just been working on this and found this: https://knowledge.broadcom.com/external/article/233742/using-regex-in-variables-for-the-logmon.html which helped me a lot.

The Match Expression relates to the expression used is the Standard tab to identify the message. However, in that expression you must use groups (basically a match surrounded with brackets()) and the number should relate to the group value you want to use, so if you have 3 groups in your expression but the value you want is the second, make sure the value is 2 (beside Character Position).

Here is an example i used with one group: /Currently established client connections <.*?>\s*<.*?>(\d*)/

Note: Ignore the alarming, this is an example for RegEx usage

Now in the Variable Setting, select the Match Expression and use the number 1 for the group i created:

The Expected Value can be used on the value extracted.

A good place to test RegEx is regex101.com, select PCRE as this is the type used for logmon, do not use any modifiers (gm etc.) as they aren't used in logmon. Paste in your test string, then work on your regex including a group, these will be highlighted to you on the right-hand side:

Thanks,

Steve

Dear community, could someone guide me with the use of the logmon variable of the "Match Expression" type? The documentation is not very clear.

hi Jose,

Here is the definition of the alarm in the watcher rule:

The alarm definition is done in the Variable and this causes the alarm to fire:

Here is the alarm created:

Thanks,

Steve

Thank you for your reply, I have tried to view the images in different browsers but they do not display. Could you attach those images please?

hi Jose,

Thank you for the statement, only one when you apply "Expected Value"

hi Jose,

i have just been working on this and found this: https://knowledge.broadcom.com/external/article/233742/using-regex-in-variables-for-the-logmon.html which helped me a lot.

The Match Expression relates to the expression used is the Standard tab to identify the message. However, in that expression you must use groups (basically a match surrounded with brackets()) and the number should relate to the group value you want to use, so if you have 3 groups in your expression but the value you want is the second, make sure the value is 2 (beside Character Position).

Here is an example i used with one group: /Currently established client connections <.*?>\s*<.*?>(\d*)/

Note: Ignore the alarming, this is an example for RegEx usage

Now in the Variable Setting, select the Match Expression and use the number 1 for the group i created:

The Expected Value can be used on the value extracted.

A good place to test RegEx is regex101.com, select PCRE as this is the type used for logmon, do not use any modifiers (gm etc.) as they aren't used in logmon. Paste in your test string, then work on your regex including a group, these will be highlighted to you on the right-hand side:

Thanks,

Steve

Dear community, could someone guide me with the use of the logmon variable of the "Match Expression" type? The documentation is not very clear.

Dear community, could someone guide me with the use of the logmon variable of the "Match Expression" type? The documentation is not very clear.