I've enabled some debugging on a voice gateway router and I am forwarding the logs to Solarwinds for visibility. I would like to alert based on a specific set of characters, something like
However it appears that the alert I've set up only sends me a single line rather than the entire debug message. Example email we receive looks like
8/9/2018 9:39 AM : 1907028973: SIP/2.0 487 Request Cancelled
However I know there is more to these alerts, as a full message may look like
Jun 3 09:36:18.495 PST: //7195130/FA906982A706/SIP/Msg/ccsipDisplayMsg:
SIP/2.0 487 Request Cancelled
Via: SIP/2.0/UDP 220.127.116.11:5060;branch=z9hG4bK08Bbc6e867dac28870b
From: "Soup People" <sip:+email@example.com:5060>;tag=gK0851a53b
Date: Sat, 03 Jun 2017 17:36:18 GMT
CSeq: 498233649 INVITE
Each of the above lines comes in individually, so I can't use regex to match against it. Is this something that is a limitation of the Cisco IOS-XE software, or is this how Solarwinds handles syslog messages? Any way to fix it so I can send the entire message?
What version of NPM are you running?
NPM 12.2 with Orion 2017.3.5 SP5