This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Power Shell Log Parser- Total number of Strings Found Status Issue

Afternoon,

I have been having an issue with the canned Solarwinds Power Shell Log Parser. We use this to comb through logs looking for specific regex's in logs that are cleared nightly and start fresh the next morning. We parse them looking for error codes that are written in the log and if seen we alert on it. We currently have it functioning to go to warning if the regex is found but what we can't seem to do is get it to report as up, when its not found. I have the script below we are using, and a few screen shots. We use this same script with different logs and Regex for 4 monitors, so hoping its an easy fix as its affecting the status of 10,000 of these. Thanks for any feedback!

Oh NPM.12.2 SAM 6.4, Agent based Polling with 4 Pollers.

When Regex is found, so Greater than 0

pastedImage_2.png

When Entry is Not Found, Meaning Regex is equal to 0, the app shows as Unknown with the following information.

pastedImage_5.png

pastedImage_6.png

Total number of Strings Found

$logfile_path = "C:\boh\log\osm.log"

$regex = "Diskrecovery -backup has failed, creating flag"

$Error.Clear();

if ( $logfile_path -eq $null )

  {

  Write-Host "Message: Can't find ""logfile_path"" argument. Check documentation."

  exit 1

  }

if ( $regex -eq $null )

  {

  Write-Host "Message: Can't find ""regex"" argument. Check documentation."

  exit 1

  }

if ( !$(Test-Path $logfile_path) )

  {

  Write-Host "Message: File $logfile_path not found."

  exit 1

  }

$filename = split-path "$logfile_path" -leaf

$t = (Get-Childitem env:temp).value

$usage="total";

$regname = [System.Text.RegularExpressions.Regex]::Replace($regex,"[^1-9a-zA-Z_]","_");

$txt=".txt"

$file_path = "$t\$usage-$filename-$regname-$txt"

if ( Test-Path $file_path )

  { $known_rows = get-content $file_path }

else

  { $known_rows = 0 }

$resn = @()

$resl = @()

[array]$matching_rows = get-childitem $logfile_path | select-string -pattern $regex

$total = $matching_rows.Count

if ($Error.Count -ne 0) {

  Write-Host "$($Error[0])"

  exit 1

  }

if ( $total -lt $known_rows ) {

  $known_rows = 0

  $known_rows > $file_path

  }

$new_rows = $total - $known_rows

$total > $file_path

for ( $i = 0 ; $i -le $total; $i++ ) {

  $resn += @($i)

  $resl += @($i) }

$i = 1

$stat = $matching_rows | select linenumber, line | ForEach-Object {

  $resn[$i] = $_.linenumber

  $resl[$i] = $_.line

  $i = $i + 1

  }

if ($total -eq 0)

{

write-host "Statistic: 0"

write-host "Message: No strings found"

exit 0

}

if ($total -gt 0)

{

$lines = @()

write-host "Statistic: $total"

if($total -gt 1)

  {

  for ( $i = 1 ; $i -le $total; $i++ )

   {

   $lines += "<br/>"

   $lines += $resl[$i]

   $lines += ";"

   }

  write-host "Message: Total number of lines that match search criteria: $total. Lines that have search string: $lines"

  exit 0

  }

else

  {

  $line = $resl[$resl.Count - 1]

  write-host "Message: Total number of lines that match search criteria: $total. Lines that have search string: $line"

  exit 0

  }

}

pastedImage_0.png

When Regex is found, so Greater than 0

pastedImage_2.png

When Entry is Not Found, Meaning Regex is equal to 0, the app shows as Unknown with the following information.

pastedImage_5.png

pastedImage_6.png