>I'm getting the following message...
>"Skipping schedule /etc/opt/ids/schedules/Custom.txt due to parse error."
>Where can I check for a problem?
Your best bet is to run the CLUI to attempt to activate your schedule, as the CLUI should give you a more informative message when there is a parsing error.
The sample output below from the CLUI, however, makes it obvious that we can improve the error messages so that both the file and offending line in the file are specified with a short explanation. Something on our list of enhancements.
That said...
For the output below, I modified one of my Surveillance Group's pathnames_1 template properties so that there was not a corresponding programs_1 entry:
> /opt/ids/bin/idsadmin --activate FileAndLoginMonitoringAlwaysOn
Wed Jul 30 16:02:15 2008: libtee: pid=3311 thread_id=1: ERROR: tmpl_files_progs_pairs_check: Unmatched files/progs list #1
Wed Jul 30 16:02:15 2008: libtee: pid=3311 thread_id=1: ERROR: tmpl_get_template_properties: Files/progs property error
ERROR: Unable to parse temp schedule file "/var/opt/ids/tmp/FileAndLoginMonitoringAlwaysOn.txt".
>
For this output, I added some bogus characters for a template property value:
> /opt/ids/bin/idsadmin --activate FileAndLoginMonitoringAlwaysOn
Wed Jul 30 16:15:32 2008: libtee: pid=3343 thread_id=1: ERROR: tmpl_create_file_list_link: Regular expression error
Wed Jul 30 16:15:32 2008: libtee: pid=3343 thread_id=1: ERROR: tmpl_list_store: Error creating property value file list link, line: "^/sbin/.*display$somejunkhereattheendoftheline"
Wed Jul 30 16:15:32 2008: libtee: pid=3343 thread_id=1: ERROR: tmpl_create_files_group_link: string group error
Wed Jul 30 16:15:32 2008: libtee: pid=3343 thread_id=1: ERROR: tmpl_list_store: Error creating property value file list link, line: "programs_1 | ^/usr/bin/nfsstat$ & ^/usr/sbin/syncer$ & ^/sbin/mount$ & ^/sbin/umount$ & ^/sbin/fs/.*/mount$ & ^/opt/cifsclient/bin/cifsmount$ & ^/sbin/fs/.*/umount$ & ^/opt/cifsclient/bin/cifsumount$ & ^/usr/bin/df$ & ^/usr/bin/bdf$ | ^/sbin/.*display$ some junk here at the end of the line"
Wed Jul 30 16:15:32 2008: libtee: pid=3343 thread_id=1: ERROR: tmpl_files_progs_pairs_store: Error creating list, line: "programs_1 | ^/usr/bin/nfsstat$ & ^/usr/sbin/syncer$ & ^/sbin/mount$ & ^/sbin/umount$ & ^/sbin/fs/.*/mount$ & ^/opt/cifsclient/bin/cifsmount$ & ^/sbin/fs/.*/umount$ & ^/opt/cifsclient/bin/cifsumount$ & ^/usr/bin/df$ & ^/usr/bin/bdf$ | ^/sbin/.*display$ some junk here at the end of the line"
Wed Jul 30 16:15:32 2008: libtee: pid=3343 thread_id=1: ERROR: tmpl_ro_line_process: Property values syntax error line: "programs_1 | ^/usr/bin/nfsstat$ & ^/usr/sbin/syncer$ & ^/sbin/mount$ & ^/sbin/umount$ & ^/sbin/fs/.*/mount$ & ^/opt/cifsclient/bin/cifsmount$ & ^/sbin/fs/.*/umount$ & ^/opt/cifsclient/bin/cifsumount$ & ^/usr/bin/df$ & ^/usr/bin/bdf$ | ^/sbin/.*display$ some junk here at the end of the line"
Wed Jul 30 16:15:32 2008: libtee: pid=3343 thread_id=1: ERROR: tmpl_get_template_properties: Processing error in property line: "programs_1 | ^/usr/bin/nfsstat$ & ^/usr/sbin/syncer$ & ^/sbin/mount$ & ^/sbin/umount$ & ^/sbin/fs/.*/mount$ & ^/opt/cifsclient/bin/cifsmount$ & ^/sbin/fs/.*/umount$ & ^/opt/cifsclient/bin/cifsumount$ & ^/usr/bin/df$ & ^/usr/bin/bdf$ | ^/sbin/.*display$ some junk here at the end of the line"
ERROR: Unable to parse temp schedule file "/var/opt/ids/tmp/FileAndLoginMonitoringAlwaysOn.txt".
>
The GUI also needs to be enhanced to better deal with these error conditions and give more informative error info. We have noted this for a future release.
Pierre
