References > Template Reference > Log Parser > Log Parser (PowerShell)

Log Parser (PowerShell)

The Log Parser template allows you to check a specified log file and determine the total number of lines that match your search criteria.

Prerequisites

WinRM must be installed and properly configured on the target server.

Credentials

Administrator on target server.

You must specify the correct arguments for each monitored component in the Script Arguments field. If you fail to do this, the monitor will return with a status error of Undefined.

Configuring Windows Remote Management (WinRM)

  1. If not already done so, install PowerShell 2.0 and WinRM on the SAM and target servers. PowerShell 2.0 can be found here: http://support.microsoft.com/kb/968930.
  2. On the SAM server, open a command prompt as an Administrator. Go to the Start menu and right-click the cmd.exe and then select Run as Administrator.
  3. Enter the following in the command prompt:
    winrm quickconfig –qwinrm set winrm/config/client @{TrustedHosts="*"}
  4. On the target server, open a command prompt as an Administrator and enter the following:
    winrm quickconfigwinrm set winrm/config/client @{TrustedHosts="IP_ADDRESS"} where IP address is the IP address of your SAM server.

Monitored Components

For details on monitors, see SAM Component Monitor Types.

Total number of strings found

This monitor shows the total number of strings that match the search criteria. Additionally in the message field, this monitor returns all strings that match the search criteria. In the returning message, this component returns all lines that match the search criteria divided by ";"

This monitor uses the following arguments:

  • LogFilePath,RegularExpression where LogFilePath - This is the path of the target log file on the target server. The path cannot contain any spaces.
  • RegularExpression - This is used for regular expression searches to find a desired string in the log file. Searches are not case sensitive; however, a search cannot contain spaces.

Below is an example using the Scripts Arguments field to search the number of strings that match the word "error" in the powertest.log file:
d:\powertest.log,^error

Number of newly found strings

This monitor shows the number of newly found strings. Additionally, in the message field, this monitor returns all new strings that match search criteria.

This monitor uses the following arguments:

  • LogFilePath,RegularExpression where LogFilePath - This is the path of the target log file on the target server. The path cannot contain any spaces.
  • RegularExpression - This is used for regular expression searches to find a desired string in the log file. Searches are not case sensitive; however, a search cannot contain spaces.

Below is an example using the Scripts Arguments field to search for the number of newly found strings since the last script execution. In this case, just the new instances of the searched word, “error” is returned. In the returning message, this component returns all lines that match the search criteria divided by ";":
d:\powertest.log,^error

Found String in # Position

This monitor shows the number position of the string found from the end that matches the search criteria, as well as the string itself. By default, this counter also shows the last string.

This monitor uses the following arguments

  • LogFilePath,RegularExpression,Position where LogFilePath - This is the path of the target log file on the target server. The path cannot contain any spaces.
  • RegularExpression - This is used for regular expression searches to find a desired string in the log file. Searches are not case sensitive; however, a search cannot contain spaces.
  • Position - This value determines the position from the last string of the log file. By default, a value of 1 will return the last string found.

For example using the Scripts Arguments field which searches for the position of the word, "error" in relation to the end of the log file: d:\powertest.log,^error,1