Managing Content Files
Take complete control of your content-based log file monitoring—set thresholds, perform remote actions, and manage alert states for pattern-detected events across all your text-based log files.
Take control of your content-based log file monitoring with the Nodinite Log File Parser Monitoring Agent. On this page, you will:
- ✅ Automate pattern-based alerting for ERROR, EXCEPTION, security threats, and business events
- ✅ Perform instant remote actions to investigate issues and manage alert states
- ✅ Configure smart thresholds to reduce noise and focus on actionable problems
- ✅ Empower distributed teams with role-based access to content monitoring insights
- ✅ Maintain compliance with full audit logging of all management actions
You monitor the content of one or more text-based log files using RegEx pattern matching. Each content file configuration appears as a unique Resource, with user-friendly display names from your Content File Configuration settings.
| Application Teams | IT Operations | Business Users |
|---|---|---|
| Automate error detection and eliminate manual log scanning | Gain centralized control of log monitoring without server access | Get proactive alerts for business-critical events and compliance issues |
Example: Content-based log file configurations displayed in a Monitor View
Management Features
The Nodinite Log File Parser Monitoring Agent enables comprehensive content file management:
- Pattern-based monitoring - Configure RegEx patterns for error detection, security monitoring, business event tracking
- Remote actions - Investigate issues, download logs, clear alert states from the Web Client
- Real-time configuration - Adjust monitoring parameters without agent restart
- Historical analysis - Search alert history, export compliance reports, track trends
As an Administrator with access to Monitoring Agents, you use the Remote Administration interface to:
- Add, remove, and manage Content File Configurations
- Adjust pattern matching and threshold settings
- Enable and disable monitoring per configuration
For complete configuration details, see Configuration - Content File.
| Category | Resource Name | Monitoring | Available Actions | Analytics |
|---|---|---|---|---|
| Log File Events | Pattern-based configurations | Content detection enabled | Error Reports · Clear States · File Management · Edit Thresholds | Alert history and trends |
Category: Log File Events
The Category Log File Events creates one Resource entry for each content file configuration, enabling centralized management of pattern-based monitoring.
Example: Content file configurations organized by category in a Monitor View
For detailed monitoring concepts, review Monitoring Content Files.
Available Remote Actions
You perform these Actions from Monitor Views where Remote Actions are enabled:
Remote Actions available for content-based monitoring resources
Management Actions:
- Error Report - View detected patterns with file context and download options
- Clear Errors - Reset alert states and ignore historical events
- Show Log Files - Display monitored files with individual file management
- Edit Thresholds - Adjust monitoring parameters in real-time
Info
All management actions are logged to the Audit Log for compliance tracking. When you or other Users perform operations, Nodinite maintains complete activity records.
Error Report
View comprehensive details about detected content patterns, including file context, matched text, and download options.
Example: Error Report menu item in the Actions button
Pattern Detection Details
When content patterns are detected, the Error Report displays:
Example: Error report showing detected content patterns with file context
Report Contents:
- Matched patterns - Exact RegEx matches found in log files
- File context - Source file names, timestamps, line numbers
- Pattern details - Which specific patterns triggered the alert
- File access - Download individual files or create ZIP archives
Download Options
Save all detected content as ZIP:
Create comprehensive archive of all files containing detected patterns
Expand for detailed analysis:
Detailed view of detected patterns with full context and file information
Review monitoring thresholds:
Current threshold settings for the content monitoring configuration
Clear Error(s)
Reset alert states and ignore historical pattern detections to focus on new events.
Clear Errors menu option in the Actions button
Confirmation and Execution
The system requests confirmation before clearing historical alerts:
Confirmation dialog for clearing historical error states
Successful completion:
Confirmation of successful error state reset
Note
Clear operations rarely fail. Common reasons for failure include:
- Agent server pending reboot or restart
- Service account permission issues
- Agent update in progress
If issues persist, wait 2-3 minutes and retry, or contact your Nodinite administrator.
Show Log Files
Display all currently monitored files with individual file management capabilities.
Show Log Files menu option in the Actions button
Monitored File List
Example: List of files currently being monitored for content patterns
Note
If you've configured a Clear Date Time, the file list may appear empty or contain fewer files based on your time filtering settings.
Individual File Management
Each monitored file offers these management actions:
Actions menu available for each monitored log file
Download Log File
Retrieve individual log files for offline analysis:
Download option for individual log files
Bulk download option:
Download all current files as a single ZIP archive
Delete Log File
Remove processed log files to manage disk space:
Delete option for individual log files
Edit Time-Based Thresholds
Adjust monitoring parameters and configuration settings directly from the Web Client without agent restart.
Edit thresholds menu option in the Actions button
Configurable Properties
Modal interface for editing content monitoring configuration
Adjustable settings:
- Description - User-friendly description for the content file configuration
- Clear Date Time - ISO 8601 format timestamp to ignore events before this time
Format:yyyy-mm-ddThh:MM:ss.ms+/-timezone(e.g.,2019-05-17T13:31:00.123+02:00) - Pattern thresholds - Configure when content pattern detection triggers warnings vs errors
Save and apply changes: Click Save to verify and persist configuration changes. Allow time for the agent to synchronize the new settings.
Team Collaboration & Access Control
Role-Based Access Management
Distribute content monitoring responsibilities across teams using Roles and Monitor Views:
Example access patterns:
- Security Team - Monitor authentication failures, suspicious activity patterns
- Application Team - Track application errors, performance issues in their services
- Operations Team - Access all content monitoring for infrastructure oversight
- Business Users - View business event patterns without server access requirements
Delegation Benefits
- No server credentials needed - Teams view content alerts through Web Client interface
- Audit compliance - All access and actions automatically tracked in Log Audits
- Scope control - Limit team visibility to relevant applications via Monitor Views
- Action permissions - Control which teams can clear errors, download files, edit thresholds
Example: Global organization with 200 servers monitoring application logs - 50 developers, 10 operations engineers, 15 support staff need content monitoring visibility. Previously required server access for all 75 people (security risk). With role-based content monitoring: 65 people's server access revoked (security improvement), teams self-manage relevant content alerts, all access audited for compliance.
Common Management Tasks
How do I reduce false positive alerts?
Use negative pattern filtering in your Content File Configuration:
- Define positive pattern:
ERROR|EXCEPTION|FATAL - Add negative pattern:
ERROR: Retry attempt \d+/\d+ successful|Connection timeout retrying - Result: Alert on errors but ignore expected retry messages
How do I handle high-volume log environments?
Optimize monitoring efficiency:
- Increase scan intervals - Check files every 5 minutes instead of 30 seconds for non-critical logs
- Use time-based filtering - Monitor only recent files based on creation/modification time
- Apply negative patterns - Reduce alert fatigue by filtering known non-actionable events
- Separate configurations - Use different monitoring rules for critical vs informational logs
Can I monitor the same file with multiple patterns?
Yes - create multiple content configurations:
- Configuration 1: Monitor for security events (
authentication failed|SQL injection) - Configuration 2: Monitor for application errors (
ERROR|EXCEPTION) - Configuration 3: Monitor for performance issues (
slow query|timeout|response time > 5000)
Each appears as a separate Resource with independent alerting and management.
How do I export content monitoring data for compliance?
Use built-in export capabilities:
- Error Reports - Download detected content as ZIP archives
- Alert history - Search and export historical pattern detections via Monitor Views
- Audit logs - Track all management actions via Log Audits for regulatory compliance
Next Steps
Need to configure content monitoring?
Configure Content Files - Set up pattern matching and file filters
[Monitor Content Files][] - Understand monitoring concepts and capabilities
Want to explore correlation monitoring?
Managing Correlated Events - Track transaction sequences across log files
Monitoring Correlated Events - Understand ACK/NAK correlation concepts
Need implementation examples?
Monitor IIS W3SVC Logs - HTTP errors, performance, security
Monitor File Content - General content pattern detection
Related Topics
Monitoring Content Files - Content-based monitoring concepts and features
Managing Correlated Events - Transaction sequence management and ACK/NAK correlation
Configuration - Content File - Complete setup and pattern configuration
Troubleshooting Content Monitoring - Common issues and resolution guides