Special Offer

Zabbix Monitoring Course Discount $11.99
https://www.udemy.com/course/zabbix-monitoring/?couponCode=607976806882D016D221
Offer expires in hours. Be quick and share with your friends and colleagues.

Special Offer

Grafana Course Discount $13.99
https://www.udemy.com/course/grafana-tutorial/?couponCode=D04B41D2EF297CC83032
Offer expires in hours. Be quick and share with your friends and colleagues.

Special Offer

Prometheus Course Discount $9.99
https://www.udemy.com/course/prometheus/?couponCode=EB3123B9535131F1237F
Offer expires in hours. Be quick and share with your friends and colleagues.

Special Offer

Threejs Course Discount $9.99
https://www.udemy.com/course/threejs-tutorials/?couponCode=416F66CD4614B1E0FD02
Offer expires in hours. Be quick and share with your friends and colleagues.

Item Preprocessing with Regex

Video Lecture

Description

In this lecture, I add a pre-processing step to the item that instructs the agent to read the windows failed logon events.

The regular expressions demonstrated in this video are,

Regex	Output	Description
(.*)	\0	Returns only the first line of the complete failed logon event text.
Account Name:\t\t(.*)	\1	Returns the 1st occurrence of the Account Name in the log text, that created the event.
Account Name:(.|\n)*\tAccount Name:\t\t(.*)	\2	Returns the 2nd occurrence of the Account name in the log that created the event.

Useful Links

Item value preprocessing

Regex 101