Additional content generator tokens
The SNMP Trap, Event Log, and File Watching monitors support supplemental tokens that can be referenced in a content generator to provide additional information in the action message. These tokens can be divided into two categories: Numeric Tokens and Property Tokens.
Numeric tokens
Numeric Tokens allow you to retrieve specific text matches (or captures) located by a regular expression search. The syntax for Numeric Tokens is:
%capture[#]%
For example, consider a file watched by the File Watching monitor, which contains the following entry:
1/30/2006 7:45:08 AM ERROR: The application failed to start. REASON: Required resource myapp.dll could not be located.
Within the File Watching Monitor, the following regular expression was entered:
ERROR\: (.*?) REASON\: (.*)
In this example, the %capture[1]% Token resolves to: "The application failed to start." and the %capture[2]% Token resolves to: "Required resource myapp.dll could not be located."
Assuming an information action was configured correctly, this information would be included in the body of the message.
Variables are enumerated in the same order they are defined in the RegEx. When more than one RegEx Search Scenario is configured for a Monitor, variables are enumerated starting in the first Regular Expression and counting through the last Regular Expression. For example:
- First Regular Expression:
%capture[1]%, %capture[2]%, %capture[3]%
- Second Regular Expression:
%capture[4]%, %capture[5]%
, and so on.
Property tokens
Property tokens allow you to access additional parameters describing an event log entry, a file entry, or an SNMP Trap. The syntax for property tokens is %capture[property_name]%
.
For example:
%capture[timewritten]%
(Event Log Monitor specific)%capture[bindings]%
(SNMP Trap Monitor specific)%capture[offset]%
(File Watching Monitor specific)
Additional content generator property tokens are available to the Event Log, File Watching, and SNMP Trap Monitors.
Event Log tokens
The following table contains the content generator property tokens available to Event Log monitors.
Token Name |
Sample Return Value |
---|---|
%capture[category]% |
2 |
%capture[computername]% |
MISWKSTN |
%capture[logfile]% |
System |
%capture[sourcename]% |
W3SVC |
%capture[timewritten]% |
20040209102741.000000-300 |
SNMP Trap tokens
The following table contains the content generator property tokens available to SNMP trap monitors.
Token Name | Sample Return Value |
---|---|
%capture[agent-addr]% |
10.1.2.3 |
%capture[community]% |
public |
%capture[enterprise]% |
1.3.6.1.4.1.674.10892.1 |
%capture[generic-trap]% |
enterpriseSpecific (6) |
%capture[specific-trap]% |
1053 |
%capture[time-stamp]% |
9212200 |
%capture[1.3.6.1.2.1.1.0]% |
Dell OpenManage Temperature Status [snmp: trap] is down |
%capture[bindings]% |
mib-2.system.0: SNMP Trap Monitor :: Dell OpenManage Temperature Status[snmp: trap] is down |
%capture[bindings-raw]% |
1.3.6.1.2.1.1.0: SNMP Trap Monitor :: Dell OpenManage Temperature Status[snmp: trap] is down |
File Watching tokens
The following table contains the Content Generator Property Tokens available to File Watching monitors.
Token Name |
Sample Return Value |
---|---|
%capture[offset]% |
23698 |
%capture[1.3.6.1.2.1.1.0]%
displays the value of the specified OID entered within the square brackets [ ]. A wildcard character (*) cannot be used to specify an OID prefix.