- 7 minutes to read

Managing Content Files

Take complete control of your content-based log file monitoring—set thresholds, perform remote actions, and manage alert states for pattern-detected events across all your text-based log files.

Manage your active content-based log file monitoring with Remote Actions—investigate detected patterns, manage alert states, and adjust monitoring parameters without server access.

Each content file configuration appears as a Resource in Nodinite Monitor Views. The Log File Parser Monitoring Agent runs on your server to continuously scan log files for configured patterns. This page explains the available management actions for content-based monitoring resources.

Tip

To understand content monitoring concepts and configuration, see Monitoring Content Files.

Content File Resources
Example: Content-based log file configurations displayed in a Monitor View

Available Remote Actions

Content file monitoring resources appear under the Log File Events Category. You can perform these Remote Actions from Monitor Views:

Filter by Category
Filter Monitor View by "Log File Events" category to display content-based monitoring resources

Content File Actions Menu
Remote Actions menu for content-based monitoring resources

  • Edit Thresholds - Adjust monitoring parameters in real-time
  • Error Report - View detected patterns with file context and download options
  • Clear Errors - Reset alert states and ignore historical events
  • Show Log Files - Display monitored files with individual file management

Info

All management actions are logged to the Audit Log for compliance tracking.

Error Report

View comprehensive details about detected content patterns, including file context, matched text, and download options.

Show Error Report Action
Error Report menu item in the Actions button

Pattern Detection Details

When content patterns are detected, the Error Report displays:

Error Report Content View
Example: Error report showing detected content patterns with file context

Report Contents

  • Matched patterns - Exact RegEx matches found in log files
  • File context - Source file names, timestamps, line numbers
  • Pattern details - Which specific patterns triggered the alert
  • File access - Download individual files or create ZIP archives

Download Options

Save all detected content as ZIP

Save as ZIP
Create comprehensive archive of all files containing detected patterns

Expand for detailed analysis

Pattern Details
Detailed view of detected patterns with full context and file information

Review monitoring thresholds

Evaluation Thresholds
Current threshold settings for the content monitoring configuration

Clear Error(s)

Reset alert states and ignore historical pattern detections to focus on new events.

Clear Errors Action
Clear Errors menu option in the Actions button

Confirmation and Execution

The system requests confirmation before clearing historical alerts:

Clear Errors Confirmation
Confirmation dialog for clearing historical error states

Successful completion

Clear Success
Confirmation of successful error state reset

Note

Clear operations rarely fail. Common reasons for failure include:

  • Agent server pending reboot or restart
  • Service account permission issues
  • Agent update in progress

If issues persist, wait 2-3 minutes and retry, or contact your Nodinite administrator.

Show Log Files

Display all currently monitored files with individual file management capabilities.

Show Log Files Action
Show Log Files menu option in the Actions button

Monitored File List

Active Monitored Files
Example: List of files currently being monitored for content patterns

Note

If you've configured a Clear Date Time, the file list may appear empty or contain fewer files based on your time filtering settings.

Individual File Management

Each monitored file offers these management actions:

Individual File Actions
Actions menu available for each monitored log file

Download Log File

Retrieve individual log files for offline analysis:

Download File
Download option for individual log files

Bulk download option

Save All as ZIP
Download all current files as a single ZIP archive

Delete Log File

Remove processed log files to manage disk space:

Delete File
Delete option for individual log files

Edit Time-Based Thresholds

Adjust monitoring parameters and configuration settings directly from the Web Client without agent restart.

Edit Thresholds Action
Edit thresholds menu option in the Actions button

Configurable Properties

Edit Properties Modal
Modal interface for editing content monitoring configuration

File and Pattern Settings

  • Root folder - Base directory path for log file monitoring (local or UNC path)
  • File name filter - RegEx pattern for file selection (e.g., \.xml$, error_\d{8}\.log)
  • Include child folders - Enable recursive subdirectory scanning
  • Application - Associate configuration with specific [Application][Applications] for organizational grouping

Time-Based Filtering

  • Time option - Filter files by timestamp:
    • Modified after Clear Date Time - Monitor only files modified after specified timestamp
    • Created after Clear Date Time - Monitor only files created after specified timestamp
    • None - Monitor all matching files regardless of timestamp
  • Lines have a DateTime - Enable if log lines contain parsable timestamps (used for advanced filtering)
  • Clear Date Time - ISO 8601 format timestamp to ignore events before this time
    Format: yyyy-mm-ddThh:MM:ss.ms+/-timezone (e.g., 2019-05-17T13:31:00.123+02:00)

Note

Timed match feature is disabled for content-based monitoring configurations. Timed match applies only to Correlated Events monitoring where transaction completion is tracked with timeout thresholds.

Save and apply changes

Click Save to verify and persist configuration changes. Allow time for the agent to synchronize the new settings.

Team Collaboration & Access Control

Role-Based Access Management

Distribute content monitoring responsibilities across teams using Roles and Monitor Views:

Example access patterns

  • Security Team - Monitor authentication failures, suspicious activity patterns
  • Application Team - Track application errors, performance issues in their services
  • Operations Team - Access all content monitoring for infrastructure oversight
  • Business Users - View business event patterns without server access requirements

Delegation Benefits

  • No server credentials needed - Teams view content alerts through Web Client interface
  • Audit compliance - All access and actions automatically tracked in Log Audits
  • Scope control - Limit team visibility to relevant applications via Monitor Views and Monitoring Agents
  • Action permissions - Control which teams can clear errors, download files, edit thresholds based on Roles assignments
  • User management - Add team members via Users administration for fine-grained access control

Example

Global organization with 200 servers monitoring application logs - 50 developers, 10 operations engineers, 15 support staff need content monitoring visibility. Previously required server access for all 75 people (security risk). With role-based content monitoring: 65 people's server access revoked (security improvement), teams self-manage relevant content alerts, all access audited for compliance.

Common Management Tasks

How do I reduce false positive alerts?

Use negative pattern filtering in your Content File Configuration:

  • Define positive pattern: ERROR | EXCEPTION | FATAL
  • Add negative pattern: ERROR: Retry attempt \d+/\d+ successful | Connection timeout retrying
  • Result: Alert on errors but ignore expected retry messages

Tip

For specialized scenarios, see How to monitor file content for advanced pattern matching techniques or How to monitor IIS log files for web server-specific configurations.

How do I handle high-volume log environments?

Optimize monitoring efficiency:

  1. Increase scan intervals - Check files every 5 minutes instead of 30 seconds for non-critical logs
  2. Use time-based filtering - Monitor only recent files based on creation/modification time
  3. Apply negative patterns - Reduce alert fatigue by filtering known non-actionable events
  4. Separate configurations - Use different monitoring rules for critical vs informational logs

Can I monitor the same file with multiple patterns?

Yes - create multiple content configurations:

  • Configuration 1: Monitor for security events (authentication failed | SQL injection)
  • Configuration 2: Monitor for application errors (ERROR | EXCEPTION)
  • Configuration 3: Monitor for performance issues (slow query | timeout | response time > 5000)

Each appears as a separate Resource with independent alerting and management.

Info

For transaction sequences (e.g., request-response pairs), see Monitoring Correlated Events which tracks multi-step log patterns across time.

How do I export content monitoring data for compliance?

Use built-in export capabilities:

  1. Error Reports - Download detected content as ZIP archives
  2. Alert history - Search and export historical pattern detections via Monitor Views
  3. Audit logs - Track all management actions via Log Audits for regulatory compliance

Next Steps

Working with existing content monitoring?

Adjust Thresholds - Fine-tune monitoring parameters
View Error Reports - Investigate detected patterns and download logs
Clear Alert States - Reset monitoring after investigating issues

Need to set up new monitoring?

Monitoring Content Files - Understand content-based monitoring concepts
Monitor Content Files - Deep dive into pattern detection and alerting behavior
Configure Content Files - Set up pattern matching and file filters