Hi @Bixby ,
You would have to use wildcards to be able to monitor log files/folders that change daily, as far as I know the builtin UNIX/Linux log file monitor in SCOM 2012 R2 cannot handle wildcards.
You could have a look at the following community management pack:
UNIX/Linux LogFile Monitoring Library MP
Here's a blog post the author of the above management pack wrote about Linux log file monitoring with his custom management pack:
Lifting limitations for monitoring UNIX/Linux LogFiles using SCOM
Otherwise you could also try to use a monitor based on a shell script to achieve this:
- SCOM 2012: UNIX/Linux Monitoring with Scripts
- SCOM 2012 – Linux Two-State Monitor With "Script In Script"
In SCOM 2019 the Linux log file monitoring has been enhanced with the following:
- Wild card characters in log file name and path.
- New match patterns for customizable log search like simple match, exclusive match, correlated match, repeated correlation and exclusive correlation.
- Support for generic Fluentd plugins published by the fluentd community.
On a side note, it might be worth considering an upgrade of your SCOM environment soon, the newer SCOM versions offers a lot of nice new capabilities.
----------
(If the reply was helpful please don't forget to upvote or accept as answer, thank you)
Best regards,
Leon