SQL query to generate High syslog count alert 20223.4 version

thealternate

Hi All,

anyone can help me with SQL or SWQL query to pull out high syslog alert. Thanks!

i am having a query but that is not working in 20223.4 version . 

you help is much appreciated..

below query was working in earlier version.. Thanks!

SELECT Nodes.Caption, Nodes.NodeID FROM Nodes

inner join  Syslog as S

on nodes.Nodeid=S.Nodeid

where S.DateTime>DATEADD(day, -1, GETDATE() )

Group by Nodes.Caption, Nodes.NodeID

having COUNT(S.Msgid) >120000

stuartd

I can't really help, but in our setup the syslog table in the DB is empty.

To me that says you'll need to find where the information you want has moved to, and JOIN that instead.