Hi,
I want to create a trigger based on a keyword in a log file. For example, trigger an alert whenever the word “error” passes in /var/log/someapplication.log.
I have to kindly move this topic up.
I think the current best practice is to use telegraf to do collection .
Telegraf 1.15 is about to release, and tail is the current best plugin for this
OK but how to generate alerts when there is a keyword written in the log like “Error”. I am already collecting data using tail plugin.
Where are you stuck, what have you tried?
Are you using a specific alert node? If matching on any occurance of the word error your alert node probably would need to use a regular expression match
https://docs.influxdata.com/flux/v0.65/stdlib/regexp/matchregexpstring/
1 Like
I actually haven’t tried anything I’m just searching. Thanks for the link, seems like a regexp match will be the way yet the link is for Flux, I couldn’t find something similar for Kapacitor.
