Kod 3-misol: etishmayotgan hodisalarni tekshirish
# syslog-ng metama'lumotlari
# filtr: mos ("Ish.*boshlandi") yoki mos ("Ish.*to'liq") yoki \
#
filtr (f_thresholds);
mening %alarms_by_job;
mening %jobs_by_signal;
while(
) {
mening %xabar = parse($_);
# Agar ish boshlangan bo'lsa, signalni o'rnating, shunda u 10 daqiqada tugamasa, agar ($message{message}
=~ /Ish ([0-9]+) boshlangan/) {
# set_signal o'zi yaratgan skaler nomini qaytaradi $alarms_by_job{$1} =
$variable_server->set_alarm("+600"); $jobs_by_alarm{$alarms_by_job{$1}} =
$1;
}
if($message{message} =~ /Ish ([0-9]+) bajarildi/) {
mening $ishim = $1;
if($variable_server->get_scalar($alarms_by_job{$job}) {
# agar signal hali ham faol bo'lsa, uni o'chiring; biz yaxshimiz
$variable_server->clear_signal($signals_by_job{$job});
$jobs_by_alarm{$alarms_by_job{$job}} oʻchirish; $alarms_by_job{$job}
o'chirish;
}
boshqa {
# signal faol emas: ish tugadi, lekin kech tugadi. $jobs_by_alarm{$alarms_by_job{$job}}
oʻchirish;
$alarms_by_job{$job} o'chirish; queue_alert("Ish $ish
kech tugadi!");
}
}
if($message{message} =~ /TIMEOUT: (\S+) (\S+)/) {
mening ($ turi, $ nomi) = ($1, $2);
# Vazifalardan biri 10 daqiqada tugamadi, qaysi birini ko'ring
# ish edi va ogohlantirish yuboring.
queue_alert("Job $jobs_by_alarm{$name} 10 daqiqadan beri ishlayapti!");
}
}
