Purpose of this page is to provide some detailed technical backgournd information for data collectors in classic Buisiness Process Monitoring. For more generic FAQs, please check FAQ Business Process Monitoring (classic).
Application Log Monitoring
Aggregation per Day
Monitoring application logs per day evaluates the log messages that were created on a calendar day (NOT the last 24h!). Alert records are created during the day only if the thresholds for yellow or red alerts were exceeded. Green alerts are not created throughout the day, only after the day was completed.
Note: Different from key figure "Critical Messages", for key figure "Application Log Content" the field message number has to be filled with a numeric value. Wildcards are NOT allowed in any case.
You are monitoring logs with object A, subobject B for critical messages of type ERROR and class C. Data collection happens at 10:00 and at 22:00 every day. 5 messages in a day should raise a red alert. In your managed system, a log for object A, subobject B is written at 09:45. It contains one error message of class C. The data collection at 10:00 will find the log, but will realize that the thresholds are not exceeded for yellow or red, so no alert record is created. The data collection at 22:00 will find again that the thresholds are not exceeded and no alert record is created. The data collection on the next day at 10:00 will see that now the previous day was completed, no further error messages of class C were created. It will now raise the green alert record for the previous day with the measured value 1.