regex - Powershell log tailer issues -

-

i have written log tailer powershell, tailer loads in xml file contains configuration information regarding when report on word match in log tail (basically if patterns occur x amount of times in tail).

at moment tailer not returning matches many of lines contain matches.

for example retrieving log file many info lines, if check word info nothing detected, if work shutdown returns matches (the line shutdown contains info on line).

the strange thing using same log file , same powershell script seems produce accurate results on own machine behaves strangely on server.

i suspect might issue version of powershell running on server, hoping here might know of issues can come different versions. have noticed when print out number of matches, if nothing found output blank, perhaps should 0 , causing weird issue trigger?

function main() {     #### global settings      $debugpreference = "continue"     $servername = $env:computername     $scriptpath = split-path $script:myinvocation.mycommand.path     $logconfigpath = "$scriptpath/config.xml"        #### variables relating log file      #contains log path , log file mask     $logpaths = @()     $logfilemasks = @()      # total number of lines grabbed end of log file evaluation     $numlinestotail = 1000      # key value pair strings match , max count of matches before considered issue     $keywords = @()     $maxcounts = @()        #### variables relating email settings      $smtpserver = "mail server"     $emailsubject = "$servername log report"     $toemailaddress = "email accounts"     $fromemailaddress = ""      # initial content want in email body should go here (e.g. name of server on)     $htmlbodycontent = "<p><h3>server $servername : </h3></p><p>items appear in red have exceeded match threshold , should investigated.<br/>tail lines: $numlinestotail</p>"        #### function calls      loadlogtailerconfig $logconfigpath ([ref]$logpaths) ([ref]$logfilemasks) ([ref]$keywords) ([ref]$maxcounts)      ($i = 0; $i -lt $logpaths.count; $i++)     {         $tail = getlogtail $numlinestotail $logpaths[$i] $logfilemasks[$i]          $tailissuetable = checkforkeywords $tail $keywords[$i] $maxcounts[$i]          if ($tailissuetable -ne "")         {              $htmlbodycontent += "<br/>logs scanned: " + (getlatestlogfilefullname $logpaths[$i] $logfilemasks[$i]) + "<br/><br/>" + $tailissuetable             sendissueemail $smtpserver $emailsubject $toemailaddress $ccemailaddress $fromemailaddress $htmlbodycontent         }     } }  # loads in configuration data utility use function loadlogtailerconfig($logconfigpath, [ref]$logpaths, [ref]$logfilemasks, [ref]$keywords, [ref]$maxcounts) {     write-debug "loading config file data $logconfigpath"      [xml]$configdata = get-content $logconfigpath      foreach ($log in $configdata.logs.log) {          $logpaths.value += $log.filepath         $logfilemasks.value += $log.filemask          $kwp = @()         $kwc = @()          foreach ($keywordset in $log.keywords.keyword)         {             $kwp += $keywordset.pattern             $kwc += $keywordset.maxmatches          }          $keywords.value += @(,$kwp)         $maxcounts.value += @(,$kwc)     } }  # gets string containing last x lines of recent log file function getlogtail($numlinestotail, $logpath, $logfilemask) {     $logfile = getlatestlogfilefullname $logpath $logfilemask  #get-childitem $logpath -filter $logfilemask | sort lastwritetime | select -last 1      write-debug "getting $numlinestotail line tail of $logfile"      $tail = get-content "$logfile" | select -last $numlinestotail      return $tail }  function getlatestlogfilefullname($logpath, $logfilemask) {     $logfile = get-childitem $logpath -filter $logfilemask | sort lastwritetime | select -last 1       return "$logpath$logfile" }  # returns body text email containing details on keywords in log file , frequency function checkforkeywords($tail, $keywords, $maxcounts) {        $issuesfound = 0      $htmlbodycontent += "<table><tr><th style=""text-align : left;"">keyword</th><th>max count value</th><th>count total<th></tr>"      ($i = 0; $i -lt $keywords.count; $i++)     {         $keywordcount = ($tail | select-string $keywords[$i] -allmatches).matches.count          write-debug (("match count {0} : {1}" -f $keywords[$i], $keywordcount))          if ($keywordcount -gt $maxcounts[$i])         {             # style red if count threshold has been exceeded             $htmlbodycontent += "<tr style=""color : red;""><td>" + $keywords[$i] + "</td><td>" + $maxcounts[$i] + "</td><td>" + $keywordcount + "</td></tr>"             $issuesfound = 1         }         else         {             # style green if count threshold has not been exceeded             $htmlbodycontent += "<tr style=""color : green;""><td>" + $keywords[$i] + "</td><td>" + $maxcounts[$i] + "</td><td>" + $keywordcount + "</td></tr>"         }     }      $htmlbodycontent += "</table>"      if ($issuesfound -eq 1)     {         return $htmlbodycontent     }      return "" }  # sends out email specified email address function sendissueemail($smtpserver, $subject, $toaddress, $ccaddress, $fromaddress, $bodycontent) {     write-debug "sending email subject: $subject, to: $toaddress, via smtp ($smtpserver)"      send-mailmessage -smtpserver $smtpserver -subject $subject -to $toaddress -from $fromaddress -bodyashtml $bodycontent }  cls main

and xml config example:

<logs>     <log>         <filepath>c:/some/path</filepath>         <filemask>log.*</filemask>         <keywords>             <keyword>                 <pattern>nullreferenceexception</pattern>                 <maxmatches>10</maxmatches>             </keyword>             <keyword>                 <pattern>exception</pattern>                 <maxmatches>10</maxmatches>             </keyword>         </keywords>     </log>     <log>         <filepath>c:/some/path</filepath>         <filemask>test.*</filemask>         <keywords>             <keyword>                 <pattern>nullreferenceexception</pattern>                 <maxmatches>100</maxmatches>             </keyword>         </keywords>     </log> </logs>

edit : server having issues running powershell v 1.0, test servers running same version fine...

your function getlatestlogfilefullname 1 problem. can , generate invalid paths.

function getlatestlogfilefullname($logpath, $logfilemask) {     $logfile = get-childitem $logpath -filter $logfilemask | sort lastwritetime | select -last 1      return "$logpath$logfile" }

use instead: 

return $logfile.fullname

and should check cases there no valid log file:

if ($logfile) {     return $logfile.fullname } else {     return $null }

the second problem select-string usage.

$keywordcount = ($tail | select-string $keywords[$i] -allmatches).matches.count

in powershell v1 select-string not have -allmatches parameter.

ps> get-help select-string name     select-string synopsis     identifies patterns in strings. syntax     select-string [-pattern] <string[]> -inputobject <psobject>[-include <string[]>] [-exclude <string[]>] [-simplematch] [-casesensitive] [-quiet] [-list] [<commonparameters>]      select-string [-pattern] <string[]> [-path] <string[]> [-include<string[]>] [-exclude <string[]>] [-simplematch] [-casesensitive] [-quiet] [-list] [<commonparameters>]

check powershell versions on servers using $psversiontable variable. not rely on version displayed in title bar!

powershell version confusion

if variable not exist have version 1.


Comments

Post a Comment

Popular posts from this blog

node.js - Mongoose: Cast to ObjectId failed for value on newly created object after setting the value -

-
this question has answer here: what's mongoose error cast objectid failed value xxx @ path “_id”? 7 answers even though has been asked many times because entity has no valid objectid field. i came across situation objectid set value can casted objectid still error. the schema: var serviceschema = parammongoose.schema({ servicename:{ type: parammongoose.schema.types.objectid , ref: 'servicenames',required:true } }); pseudo code: servicefromdb=new service({servicename:'some name'}); servicefromdb.servicename='000000000000000000000001'; servicefromdb.save(function(paramerror,paramdata){ if(paramerror){ console.log('but but...',servicefromdb,paramerror) } }); the output of code is: but but... { servicename: 000000000000000000000001, _id: 55079a90286f49280364f78b } { [casterror: cast objectid faile...
Read more

[C++][SFML 2.2] Strange Performance Issues - Moving Mouse Lowers CPU Usage -

-
i've been working on making 2d map editor past 2 weeks or so, , i've run strange problem. trying optimize code, example, making functions should've been functions begin with, did made cpu usage go through roof. i've tried commenting out different sections of code thought culprits (scrolling, rendering, other calculations) no avail. think issue might trying call things within different functions, sake of making modular possible, i'd functionality. the other major change i've made since file i'm comparing i've ported variables external cpp file, since having variables global makes lot easier use within different functions. simple issue, can't life of me understand why happens. with original code, around 2-3% cpu usage. new code, around 20-35%, but, if move mouse around, it'll drop around 6-8%. tl;dr: after trying optimize code using functions, i've somehow killed performance, , found strange quirk moving mouse reduces cpu usage.. /...
Read more

ios - Possible to get UIButton sizeThatFits to work? -

-
i have been using method of resizing uibuttons depreciated, , not robust. , other reasons, want sizethatfits work uibuttons. i've read online, i'm not sure if should work (seems working some, not others, difference maybe between style, i'm using custom). here simple test code recreate issue (i put in viewdidload test, shouldn't matter, , real code part of large project): uibutton *btn = [uibutton buttonwithtype:uibuttontypecustom]; [btn settitle:@"this test long title need word wrap more single line when displayed on tiny ipod in portrait view." forstate:uicontrolstatenormal]; btn.titlelabel.linebreakmode = uilinebreakmodewordwrap; // depreciated - nothing replace it? cgrect r = btn.frame; r.origin.x = 0; r.origin.y = 0; r.size.width = 320; r.size.height = [btn.titlelabel.text sizewithfont:btn.titlelabel.font constrainedtosize:cgsizemake(r.size.width,100000) linebreakmode:btn.titlelabel.linebreakmode].height; // returns approx 86 , changes correctly ...
Read more