Re: [TEC] more unix logfile adapter fun

Hi John

Would  you need to specify it like this :-

%s+|%s|%[99]s+|%s|%s|%s|%s|%s|%s|%s|%s|%s*

Rgds, Craig

>>> John_Guadagnino@xxxxxxx 24/02/2005 11:49:09 >>>
tec 3.9, fixpack 1

the adapter's guide Appendix B Format specifications section (page
188~189) tells me that I can truncate the length of a constant by using
the printf-like %[length]s(+|*) structure ... I just tried it and it
didn't work ... here's my format pattern:


FORMAT PFI_Logfile
%s+|%s|%99s+|%s|%s|%s|%s|%s|%s|%s|%s|%s*
origin DEFAULT
hostname DEFAULT
severity MINOR
sub_source PRINTF("hq.apps.pfi.%s.acp", hostname)
msg_date $1
processMsgCode $2
description $3
criticality $4
application_id $5
subsys_id $6
component $7
interface $8
family $9
msg_type $10
obj_key_id $11
run_id $12
msg PRINTF("Application %s failure code %s at %s", interface,
processMsgCode, msg_date)
END


in my previous discussion on the list, the description field ($3) was
giving my trouble because it was a very long string with lots of
embedded quotes ... so I am trying to simply snip off the first 99
characters because they contain some valuable data and the quotes don't
start (usually) until well after character position 100 in that field.

This format compiled without a problem & events are being generated,
but when the event gets sent to TEC, the description field has not been
truncated as expected .. it has the full 600+ characters with all the
stoopid embedded quotes causing the event to fail parsing again.

Has anybody had success using the character length restriction as
indicated in the adapters guide?  Or do you see any obvious mistakes
I've made here?

tia,

John Guadagnino
Gap Inc.




**********************************************************************
*****   IMPORTANT INFORMATION    *****
This document should be read only by those persons to whom it is 
addressed and its content is not intended for use by any other 
persons.  If you have received this message in error, please notify 
us immediately.  Please also destroy and delete the message from 
your computer.  Any unauthorised form of reproduction of this message 
is strictly prohibited.

St George Bank Limited AFSL 240997 or its subsidiaries ASSIRT Pty Ltd 
AFSL 240979, Advance Asset Management Limited AFSL 240902, PACT 
Accountants Investment Group Pty Limited AFSL 240693, St George Life 
Limited AFSL 240900, ASGARD Capital Management Limited AFSL 240695 
and Securitor Financial Group Limited AFSL 240687 is not liable for 
the proper and complete transmission of the information contained in 
this communication, nor for any delay in its receipt.
**********************************************************************