I have a syslog alert set up to send emails whenever one of my WAN circuits drop. Unfortunately, I have a VoiP administrator that reboots his systems every Monday morning, causing me to receive a bunch of useless emails. If I put a rule with a Discard action that is timed for his reboots above the rule that sends my email alerts, will the Discard rule come into action first? Does the syslog alerting search through the rules from top to bottom?
Thanks,
Erik
