This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Process a line with multiple Services\Status \n

CTull
Guide

‎29 Sep 2025 03:46 PM - edited ‎29 Sep 2025 03:50 PM

 I have something similar to pull in for a health check on services.

Example JSON.

{
"event.type": "LOG",
"content": "Last Modified at: ,2025-08-29 08:25:03.747519\nservice1,Good\nservice2,Good\nservice3,Good\nservice4,Bad",
"status": "NONE",
"timestamp": "1759152303747",
"dt.entity.host": "HOST-123456",
"dt.host_group.id": "DEV",
"log.source": "D:\\WebApplications\\service\\HealthCheck\\Data.txt",
"loglevel": "NONE",
"dt.cost.costcenter": "Services",
"dt.entity.host_group": "HOST_GROUP-123456789",
"dt.openpipeline.pipelines": "logs:default",
"dt.openpipeline.source": "oneagent"

 

Processor Def:
PARSE (content, "LD 'at: ,' TIMESTAMP('yyyy-MM-dd HH:mm:ss.f'):last_time_modified '\'")
| PARSE(content, "LD TIMESTAMP STRING DATA STRING:Service_Status")

 

Any ideas how I can get these services\status into a variable to be able to alert and generate the title or description with the variables if one of the 4 services\status is BAD?

Also with the new logging in the Gen3 view how do we do event alerting etc. without using classic log process?

 

Labels:
Reply
1 REPLY 1

CTull
Guide

‎29 Sep 2025 06:52 PM

Yes, I can make an event extraction for each service and its status to trigger with service,bad and generate an alert but the page is dynamic and updates are made often.  Each event extraction would then be static and always manual updates.  While I want this to be as dynamic as possible to be able to handle additional services as necessary as the service list grows.

0 Kudos
Reply
Ask a question

Featured Posts