Several alert types have the option to match against a regex. You can specify a Python Regular Expression to use as the match pattern so you can easily match multiple processes which may have different parameters.
Nobody likes writing regexes so here are a few examples that should cover most situations. The Python documentation also has a good intro guide and regex101 allows you to interactively test regex in your browser. In all the examples below we are matching against several processes running called /sbin/mingetty
which have parameters after them ttyn
where n
is a number from 1 to 6.
-
(.*)mingetty
- will match anything beforemingetty
-
(.*)mingetty(.*)
- will match anything before and aftermingetty
-
(.*)mingetty(\stty)[1-3]
- will match the first 3 instances but not the last 3. Here(.*)
matches/sbin/
at the start,mingetty
is specified and then any whitespace character followed bytty
(\s
matches the whitespace character). Finally the numbers 1 to 3 (i.e. 1, 2 and 3) are matched.
Comments