Wondering if anyone out there has any experience using regex on the variables tab in the ntevl probe. I'm very interested in trying to use this to grab certain info out of the Event Log event description on certain IDs to use within the alarm that is generated. I've had alot of experience using the variables tab with regex in the logmon probe and have been able to get successful results. I sort of expected the variables section in the ntevl probe to work similarly, but I'm just having an awful time trying to get it to work.
Here is my scenario:
Let's say I'm looking for an Application log entry with an ID of 600 (I'm completely making this up...)
In this example, the ID 600 Application event log message has the following information in it:
You have reached an error.
Server name: SERVER
This is a detailed description of the error you encounted. You should probably do something about this.
Basically, what I want to do with the variables tab is use regex to look for the "URL" line and then have the url be captured. I know how I would accomplish this in the logmon probe -- have in the match expression something like /*^URL:\s(.*)$/ and then on the variables tab actually point to the regex capture. ($1) This does not seem to be how the variables work in the ntevl probe.
Does anyone have any experience with this or shed any light on this for me at all? I've looked through the probes documentation and it really provides no insight at all.