Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials

Receive an Alert when no Syslog Events in a Period of Time

I would like to be able to receive an alert if certain Syslog nodes do not send any logs within a specific amount of time, for an example: A firewall or other device that is regularly sending Syslog alerts.

On the "Ops Center" tab, there is the "Node Health" section that shows the Last Event time for nodes, including Syslog nodes, but there does not appear to be a way to alert based on this value. If I do not receive any data from my firewalls within 15 minutes, I would like an alert to fire, for example.

Thank you.

Find more posts tagged with

Status: None

Comments

jhynds

LEM 6.6 includes a new Node Management page which exposes the 'Last Event Received' time. Although it is not possible to create an alert based on this time, it may help to identify nodes that haven't transmitted logs in some time. It is also possible to filter based on this time, e.g. show me all nodes that have not transmitted logs for more than 24 hours.

Screenshot 2018-12-14 at 14.42.10.png