Analyze Your Monitors

Background: As a system administrator, getting statistics and insights regarding the configured monitors in your environment can be very meaningful. Getting a list of all your monitors, your scheduled monitors, your suspended monitors. Analyzing your monitor schedulers, your suspended monitors and much more.

All of these stats and more can be received after covering the following procedure:

1. From the top right part of the screen, press on Add Data->Add Log. Choose ‘Local’ as your Source Type and define the logPath as follows: ${xpolog.root.path}/conf/verifiers/{string}.xml

2. Set the log pattern of the log to the following:

<?xml {regexp:Monitor Name,refName=Message,name=\"([^\"]+).}{regexp:Monitor Query,refName=Message,searchQuery=\"([^\"]+)}{regexp:Type,refName=Message,type=\"([^\"]+).}{regexp:state,refName=Message,ScheduleOp.state=\"([^\"]+).}{regexp:cronexp,refName=Message,cronexp=\"([^\"]+).}{regexp:Sender,refName=Message,MailAccountFromId=\"([^\"]+).}{regexp:Recipients,refName=Message,MailAccountToId=\"([^\"]+).}{regexp:Subject,refName=Message,MailSubject=\"([^\"\u005B]+).}{string:Message}</Xpolog>

Open

Open

3. Save the log and set its name to ‘monitors_list’

4. Monitor Statistics: You can find below variety of queries for multiple usecases which may serve you to get a prespective regarding your monitors.

4.1 Get a list of your monitors with their queries: type="SearchVerifier" IN log.monitors_list | count | group by monitor name, monitor query | order by monitor name asc | display only Monitor Name, Monitor Query

4.2 Get a list of your active monitors with their schedulers:

type="SearchVerifier" and state = 1 IN log.monitors_list | count | group by monitor name, monitor query, cronexp as Scheduler | order by monitor name asc | display only Monitor Name, Monitor Query, scheduler

4.3 Get a list of your non-scheduled monitors:

type="SearchVerifier" and state = null IN log.monitors_list | count | group by monitor name, monitor query | order by monitor name asc | display only Monitor Name, Monitor Query

4.4 Get a list of your suspended monitors:

type="SearchVerifier" and state = 2 IN log.monitors_list | count | group by monitor name, monitor query | order by monitor name asc | display only Monitor Name, Monitor Query

4.5 List of monitors which are configured with an email alerts, including parameters regarding the monitor state, sender, recipients and mail subject:

sender != null IN log.monitors_list | count | group by monitor name, monitor query, state in query format ("1","Scheduled","2","Suspended",*,"Non-Scheduled"), sender, recipients, subject | order by Monitor Name asc | display only Monitor Name, Monitor Query, State, Sender, Recipients, Subject

4.6 Monitor numbers - scheduled, suspended and non-scheduled:

IN log.monitors_list | countif "state=1" as Scheduled, countif "state=2" as Suspended, countif "State = NULL" as Non-Scheduled