Linux/SSH File Event Monitor
Learn how to Monitor Individual Files on Your Linux-based Network Devices
About the Linux/SSH File Event Monitor

The Linux/SSH File Event Monitor keeps track of individual file size, contents, and much more. It will send alerts that are customized to your settings. A username and password are required and they must be for an account that has sufficient rights to access the file and perform the selected checks.

Configuring the Linux/SSH File Event Monitor

To begin, enter the full path to the file you want to monitor.

File Path Text Box

The first option will send you an alert of your choice if the event monitor cannot establish a secure connection to SSH.

Connection Settings

The next option will alert you if the file is either missing or present. Users who are monitoring for an error log file may find the file presence option useful.

File Presence Settings

The third option provided by the Linux/SSH File Event Monitor is super customizable: use it to receive a notification of your choice if the file size has increased, decreased, changed at all, or stayed the same since the last time the event monitor ran. Use this to receive notice of any change or lack thereof that's happened to the file since the last event monitor run.

Change in Size Settings

The next option watches the file's last modified date. You can get custom alerts if it either changed or stayed the same since the last time the event monitor checked.

Last Modified Settings

You can also receive alerts if the file is larger than a size you specify. Enter the file sizes that will trigger each level of alert.

Size Settings

Expanding the box labeled "Check the contents of the file" reveals advanced file monitoring options. When expanded, the option to alert if the file contains specified text appears. Enter the text that you want to monitor, then configure the next three options. You can choose to show the line the specified text was found on, as well as the previous and/or proceeding lines of text. There's also an option to cancel alerts for lines that also contain a different section of text that you specify.

Content Check

Also under the advanced settings is the option to alert if the file does not contain text that you specify. Under this option, you can choose to only check text that is new since the last time the event monitor ran. Under this, there are options for how many lines of text you want to display in the event monitor results.

More Content Check Settings

Finally, choose whether or not to include date/time tokens in the file name. Also, choose whether or not to enable Solaris compatibility.

Final Settings

Summary

This tutorial taught you how to set up a Linux/SSH File Event Monitor. To view more documentation on this event monitor, check out its Technical Resources guide. More Linux event monitor tutorials are coming soon, so make sure you keep an eye on the Features page in the coming weeks.

More IT Monitoring Features