The configuration file contains all the necessary information to properly run an instance of OmniCheck. Below is a list of the available entries, their use, and example values.
Mandatory: the unique name for this instance of OmniCheck. It is used as part of various filenames. Try to be descriptive of what is being monitored.
process: syslog
process: web-apps
Mandatory: the directory OmniCheck expects to find the rulefiles.
home: /app
home: /var/sfw/omnicheck
Mandatory: the name used when OmniCheck sends mails and pages. The mnemonic NODE can be used to represent the nodename of the host.
name: foobar
name: NODE
Mandatory: the file(s) that this instance/block of OmniCheck will monitor. This value can be any of the following:
a single file
a path to an executable program or script (prefaced with #!)
a fileglob matching multiple files
a filelist containing multiple files (prefaced with @)
file: /usr/adm/syslog/syslog.log
file: #!/bin/df -k
file: /app/logs/*.err
file: @/opt/omnicheck/file.list
Recommended: the filename of the previous rotation of a single file listed in the 'file' configuration entry. OmniCheck will parse any data that was written to this file after the last run, but before the file was rotated. This feature only works when a single file is being monitored in the block.
oldfile: /usr/adm/oSYSLOG
oldfile: /app/omnicheck/logs/.old/process-a.err
oldfile: #!/app/omnicheck/bin/calc_oldfile_name.sh
See here for documentation on specifying oldfiles for files within a filelist.
Mandatory if using GNU ZIP to compress 'oldfiles': the full pathname of the binary for the GNU ZIP utility. This value will be used when 'oldfiles' compressed with gzip are used.
gzip: /usr/bin/gzip
Optional: the directory OmniCheck uses to store working files, such as the tellfile, spoolfile and lockfile. If "tmpdir" is not set in the configuration file, the most OS-appropriate directory will be used.
NOTE: Do not set 'tmpdir' to /tmp on Solaris systems, as that filesystem is cleared on reboot, erasing your tellfiles.
tmpdir: /usr/tmp
tmpdir: /var/tmp
tmpdir: /app/omnicheck/tmp
Optional: the name used when you want to monitor one file differently than another. The first block is always the "main" block, and the configuration file entries "process", "home", and "tmpdir" in the "main" block are copied into each subsequent block.
block: WebSrv_A
block: Tomcat_B
Mandatory: the filename for the patterns and associated actions (rules). One or more rulefiles can be listed on a single 'rules' entry, or each rulefile can be listed on its own line; either way, the files are read in the order they are listed in the configuration file, and the rules therein are processed in the same order. The rulefiles can be referenced either relative to the home directory or via an absolute path:
Relative to the 'home' directory
rules: rules.local rules.group rules.global
rules: rules.process_1 rules.process_group rules.all_processes
Absolute path
rules: /opt/omnicheck/special/rules.special
Optional: the directory to which OmniCheck will write its omnicheck.err and omnicheck.out log files. If not defined, the home directory will be used.
logs: /oap/logs
logs: /usr/local/omnicheck/logs
Optional: the filename to use for STDOUT of OmniCheck. Unix date(1)-style mnemonics can be added to provide an auto-rotation feature. The default value is omnicheck.out
out: omnicheck_%Y%m%d.out
out: omnicheck_%H:%M:%S.out
Optional: the filename to use for STDERR of OmniCheck. Unix date(1)-style mnemonics can be added to provide an auto-rotation feature. The default value is omnicheck.err
err: omnicheck_%Y-%m-%d.err
err: omnicheck_%H:%M:%S.err
Optional: the level of messages to generate in the omnicheck.err file. Messages at lower levels will be written, i.e., 'crit' includes 'alert' and 'emer', et cetera. The higher the level, the more log entries generated.
debug: debug
debug: info
debug: notice # default level
debug: warn
debug: err
debug: crit
debug: alert
debug: emer
Mandatory for running in persistent (daemon) mode: provides OmniCheck the minimum length of time (in seconds) to spend in each iteration of its event loop. If an event loop takes longer than interval seconds, the next event loop will start immediately after the last.
interval: 300
Optional: defines an input record separator (IRS) for logs that consist of multiple lines. When this configuration entry is used, it should contain a regex matching the beginning of a new multiple-line log entry. OmniCheck will match each line of the new content for this pattern, and if found, will begin a new record with this line. Note: the multiple-line records will contain newlines.
IRS: ^\d\d\d\d-\d\d-\d\d-\d\d\.\d\d\.\d\d\.\d+
IRS: ^[A-Z] [A-Z][a-z][a-z] [ \d]\d \d\d:\d\d:\d\d \d\d\d\d
There is an optional :trim tag you can associate with the IRS entry to match a set of lines, trim off the matching part, like a date/time stamp, then concatenate the remainders into one line.
IRS: ^\d\d\d\d-\d\d-\d\d-\d\d\.\d\d\.\d\d\.\d+ :trim
IRS: ^[A-Z] [A-Z][a-z][a-z] [ \d]\d \d\d:\d\d:\d\d \d\d\d\d :trim
NOTE: may not be used in persistent mode.
Recommended: tells OmniCheck whether the monitored file(s) is 'in production' or not. A true value would be 'on', 'yes', or '1', whereas a false value would be 'off', 'no', or '0' (zero). When the production value is false, pages are downgraded to mails, and actions that would contact the oncall now contact the admin.
production: no # or 0 or off
production: yes # or 1 or on
Recommended: tells OmniCheck whether the monitored file(s) is part of a redundant set of objects or not.
The theory goes that a single component of a farm can endure a failure without causing adverse impact to the farm as a whole.
See 'production' above for true and false values. When the farm value is true, the effect is the same as if the production value is false.
farm: no # or 0 or off
farm: yes # or 1 or on
Recommended: tells OmniCheck whether the monitored file(s) is under maintenance work or not. See 'production' above for true and false values. When the 'maint' value is true, no notifications will be sent.
maint: no # or 0 or off
maint: yes # or 1 or on
Optional: tells OmniCheck when to be 'quiet', and not send any alerts. It follows the structure of crontab(5) to provide values for the minute, hour, day, month, and day-of-week. Any trailing values not assigned are assumed to match all possible values (*).
quiet: * 15-19 * * * # no alerts between 3:00pm and 7:59pm
quiet: * 15-19 # same as above
quiet: * * * * 0,6 # no alerts on Saturday or Sunday
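The 'production', 'farm', 'maint' and 'quiet' entries together decide whether a rule's page ever reaches anyone. The sketch below is an added example, not OmniCheck's own code, that works through that decision for a given timestamp. It assumes that all five 'quiet' fields must match, that 'quiet' suppresses mails as well as pages, and that suppression is checked before downgrading; `resolve` and its arguments are hypothetical names.

```python
from datetime import datetime

TRUE_VALUES = {"on", "yes", "1"}
FALSE_VALUES = {"off", "no", "0"}

def truthy(value):
    """Interpret the true/false spellings listed for 'production'."""
    v = value.strip().lower()
    if v in TRUE_VALUES:
        return True
    if v in FALSE_VALUES:
        return False
    raise ValueError("not a recognised true/false value: %r" % value)

def field_matches(spec, value):
    """One crontab-style field: '*', 'N', 'A-B', or a comma list of those."""
    for part in spec.split(","):
        if part == "*":
            return True
        lo, _, hi = part.partition("-")
        if int(lo) <= value <= int(hi or lo):
            return True
    return False

def is_quiet(quiet, when):
    """True if 'when' falls inside the quiet window."""
    fields = quiet.split("#", 1)[0].split()
    fields += ["*"] * (5 - len(fields))      # unassigned trailing fields match all
    dow = (when.weekday() + 1) % 7           # crontab numbering: 0 = Sunday
    actual = [when.minute, when.hour, when.day, when.month, dow]
    return all(field_matches(s, a) for s, a in zip(fields, actual))

def resolve(action, target, cfg, when):
    """Return the (action, target) actually carried out, or None if suppressed."""
    if truthy(cfg["maint"]):
        return None                          # maintenance: no notifications
    if "quiet" in cfg and is_quiet(cfg["quiet"], when):
        return None                          # inside the quiet window
    if not truthy(cfg["production"]) or truthy(cfg["farm"]):
        # farm=true has the same effect as production=false
        action = "mail" if action == "page" else action
        target = "admin" if target == "oncall" else target
    return action, target

# Constructed sample: a production, non-farm instance with an afternoon quiet window.
CFG = {"production": "yes", "farm": "no", "maint": "no", "quiet": "* 15-19"}
```

Running rules through a check like this before deployment shows which events would be silently dropped or downgraded under the current settings.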
The name of the host handling SMTP traffic for your site, or the path to an SMTP-capable binary on your system. Any necessary options for the binary must be provided.
smtphost: localhost
smtphost: relay.mail.here.com
smtphost: /usr/lib/sendmail -t
The name of the host that will translate an email into a pager message.
pagerhost: pager.foo.com
pagerhost: page.mail.here.com
The name of the administrator for the file/system being monitored. Valid values are a bare Unix username, a fully-formed email address, a simple file containing either a username or email address, or an executable script/program whose output is either a username or email address. The value of this entry replaces action references to 'admin'.
admin: jblow
admin: jblow@here.com
admin: /app/omnicheck_admin
admin: #!/opt/omnicheck/get_admin.sh
The name of the oncall personnel for the file/system being monitored. Valid values are a bare Unix username, a fully-formed email address, a simple file containing either a username or email address, or an executable script/program whose output is either a username or email address. The value of this entry replaces action references to 'oncall'.
oncall: jblow
oncall: jblow@here.com
oncall: /app/omnicheck_oncall
oncall: #!/opt/omnicheck/get_oncall.sh
Optional: This field can be used to identify the group to which an instance of OmniCheck belongs, as well as to invoke different actions within a single rule: see here for more information.
organization: QA_Team
organization: NorthAm.Prod
organization: Foobar
May be mandatory: Certain Unix-based architectures do not provide proper hostname identification (you know who you are). For those systems, you can provide a name to use for mail and page events.
fqdn: foobar.db.foo.com
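Several entries above ('file', 'oldfile', 'admin' and 'oncall' with a #! value, plus a binary path in 'smtphost' or 'gzip') make OmniCheck run a program, so those programs and the configuration file itself deserve the same write protection as OmniCheck. The following added example, which is not part of OmniCheck, parses a configuration into blocks, applies the "main" block inheritance described for 'block', and lists every such entry for review. It assumes one entry per line and that '#' begins a comment only at the start of a line or after whitespace and when not followed by '!'.

```python
import re

INHERITED = ("process", "home", "tmpdir")  # copied from "main" into later blocks

# Constructed sample configuration, built from example values on this page.
SAMPLE = """\
process: web-apps
home: /var/sfw/omnicheck
tmpdir: /var/tmp
file: /app/logs/*.err
admin: #!/opt/omnicheck/get_admin.sh
smtphost: /usr/lib/sendmail -t
rules: rules.local rules.global
block: WebSrv_A
file: #!/bin/df -k   # disk usage
oncall: jblow@here.com
rules: /opt/omnicheck/special/rules.special
"""

def parse_config(text):
    """Return [(block_name, {key: [values]})]; the first block is "main"."""
    blocks = [("main", {})]
    for raw in text.splitlines():
        # Assumed comment syntax: '#' at line start or after whitespace,
        # except '#!', which introduces an executable value.
        line = re.sub(r"(^|\s)#(?!!).*$", "", raw).strip()
        if not line:
            continue
        key, _, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if key == "block":
            main = blocks[0][1]
            blocks.append((value, {k: list(main[k]) for k in INHERITED if k in main}))
        else:
            blocks[-1][1].setdefault(key, []).append(value)
    return blocks

def executed_commands(blocks):
    """(block, entry, command) for every value that makes OmniCheck run a program."""
    found = []
    for name, entries in blocks:
        for key, values in entries.items():
            for value in values:
                if value.startswith("#!"):
                    found.append((name, key, value[2:].strip()))
                elif key in ("smtphost", "gzip") and value.startswith("/"):
                    found.append((name, key, value))
    return found
```

Each command returned by `executed_commands(parse_config(text))` can then be checked for ownership and write permissions alongside the rulefiles and the configuration file.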