How do I read just one file in a app?

approachct · ‎07-25-2011

I want to be able to push down a single application which contains an inputs.conf to monitor files on a Oracle RAC system.

There are three nodes and each system should just read its own file, however the issue is they are on a shared filesystem. Each node is active in this type of cluster. The application would look something like -

 [monitor:///temp/log/abc1/alert_abc1.log]
 ...

 [monitor:///temp/log/abc2/alert_abc2.log]
 ...

 [monitor:///temp/log/abc3/alert_abc3.log]
 ....

Ideally I would want to have a whitelist = specific hostname on each stanza, similar to the syntax in serverclass.conf. It would look something like

 [monitor:///temp/log/abc1/alert_abc1.log]
 whitelist.0 = node1*
 ...

 [monitor:///temp/log/abc2/alert_abc2.log
 whitelist.0 = node2*
 ...

 [monitor:///temp/log/abc3/alert_abc3.log]
 whitelist.0= node3*
 ....

I realize I could push three separate apps, but that will become a maintenance nightmare down the road.

Thanks for any ideas.

araitz · ‎07-25-2011

If it is on a shared filesystem, why not set up one machine to read all three files, or even set up a dedicated forwarder to monitor the shared file system?

How do I read just one file in a app?

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!