AnsweredLockedParsing the result of file context monitoring

Author
mmoyseyenko
New Member
  • Total Posts : 3
  • Reward points: 0
  • Joined: 2015/07/03 08:45:46
  • Status: offline
2016/01/08 09:52:19 (permalink)

Parsing the result of file context monitoring

I need to parse and analyze the string returned by the File Context Monitoring. The string has the following format:
 
"[yyyy-mm-dd] <KeyWord> <Resource1>: xxx <Resource2>: yyy <Resource3>: zzz"
 
I can find and return the string in the file by "KeyWord". However, let's say my goal is to send an alert only if Resource2 value is over 1000 (i.e. yyy > 1000)
Is there any way to do it with standard IPSentry tools or do I need to look at creating my own custom add-in?
 
#1
IPSentrySupport
Support Guy
  • Total Posts : 2079
  • Reward points: 0
  • Joined: 2006/05/16 21:55:52
  • Status: offline
Re: Parsing the result of file context monitoring 2016/01/09 08:51:23 (permalink)
Within the file monitoring addin there is no method to convert data to other types (Dates, Times, Numbers, etc.) or perform mathematical comparisons or data type conversions on file data.
 
 

---
IPSentry Support
RGE, Inc.
http://www.ipsentry.com
http://forum.ipsentry.com

IPSentry® is a Registered Trademark of RGE, Inc.
#2
mmoyseyenko
New Member
  • Total Posts : 3
  • Reward points: 0
  • Joined: 2015/07/03 08:45:46
  • Status: offline
Re: Parsing the result of file context monitoring 2016/01/11 09:13:34 (permalink)
IPSentrySupport
Within the file monitoring addin there is no method to convert data to other types (Dates, Times, Numbers, etc.) or perform mathematical comparisons or data type conversions on file data.
 
 


 
Thanks. I've figured as much. So what are my options?
 
#3
IPSentrySupport
Support Guy
  • Total Posts : 2079
  • Reward points: 0
  • Joined: 2006/05/16 21:55:52
  • Status: offline
Re: Parsing the result of file context monitoring 2016/01/11 19:42:57 (permalink) ☼ Best Answerby mmoyseyenko 2016/01/12 08:42:14
One option might be to write a custom utility that IPSentry can shell to using the command monitoring option to trigger the appropriate alerts.
 
 

---
IPSentry Support
RGE, Inc.
http://www.ipsentry.com
http://forum.ipsentry.com

IPSentry® is a Registered Trademark of RGE, Inc.
#4
Jump to:
© 2024 APG vNext Commercial Version 5.5