How can I set up alerts based on Syslog?
Let’s say I have a router that is sending syslogs to SolarWinds and Warning events look like this:
I want to create an alert that can be triggered by this warning. How do I set up the alert?
Thanks
You can set up alerts for syslog events by using Syslog Viewer. Under View, select alert/filter rules, then add a new rule. Then you can set what patterns, IPs, and severity to alert on. Then you can set the alert actions. The alert actions are similar to the ones in Advanced Alert Manager.
Zak Kahl
Loop1 Systems
www.loop1systems.com
Which alert action in Syslog Viewer do you choose that the alert appears in the NPM alerts view?
So the syslog messages won't appear in alerts, but will appear in the syslog view. If you want both on the same view, just add the resources "active alerts" and "last xx syslog messages" to the same view. Remember, a syslog may be just informational stuff, and may not be considered an alert.
http://www.loop1systems.com
I was trying to create a top-level view for the NOC. I really couldn't expect that the helpdesk would parse Syslog messages. Luckily, the "Last XX Syslog Messages" web resource provides powerful filtering, and I was able to filter out a single Syslog message. I need this because an application I want to monitor only reports its state through Syslog messages (no MIBs or SAM components).
It's not an alert (cannot be acknowledged etc.) and cannot be reflected in a group status, but it will work for now. Thanks for the hint.