You can test a string or variable against a pattern, and define an output string that is conditional on the result. You can do this by using $MATCH, which has the following syntax:
$MATCH(string, pattern, true, [false])
Specify the parameters as follows:
string- Specify a literal string (for example,
TEST STRING) or a policy variable (for example<$LOGPATH>). pattern- Specify a pattern, using HPE Operations Agent pattern matching syntax. You can create user-defined variables in the pattern to use in the parameters
trueandfalse. The pattern is case sensitive. true- Specify a string to return if the string and pattern match. You can specify a literal string, or a user-defined variable, or a policy variable.
false- Optional. Specify a string to return if the string and pattern do not match. You can specify a literal string, or a user-defined variable, or a policy variable.
Separate each parameter with a comma (,). To specify a comma within a parameter, you must precede it with two backslashes (\\).
You can use $MATCH within your policies in all the available fields of the metric attributes.
You can use $MATCH within your policies in the following event attributes:
-
Application
-
Category
-
Custom Attributes
-
Close Events with Key
-
Description
-
ETI Hint
-
HPOM Service ID
-
Key
-
Type
-
Node
-
Object
-
Related CI Hint
-
Severity
-
Source CI Hint
-
Subcategory
-
TimeCreated
-
Title
Note: You can use $MATCH only once in each message attribute. You cannot use $MATCH recursively.
Example
A policy can read a number of log files. The name of the path of the log file is available in the policy variable <$LOGPATH>. If part of the log file path corresponds to an application name, you can use $MATCH to set the application event attribute as follows:
$MATCH(<$LOGPATH>,<@.application>.log, <application>, Unknown)