The most recent content from our members.
Not sure why duplicate logs are being received at SW syslog; for every log sent by the nodes, syslogs are received twice or thrice. Is there any solution to this, or is there anything else that needs to be done? SW Version: 2024.4
Hello, Is it possible to create a custom alert in case in the last x hours we receive a high number of Syslogs? Thanks
Does anyone have an explanation of how to use a SWQL/SQL query when creating alerts? I want to create a node alert using SQL/SWQL queries. Is it possible?
How do I set up the Orion syslog server and configure all my servers to forward event logs to Orion? Is there a training video out there somewhere? I also want to have scheduled reports based on the event logs, specifically logon and logoff times by end users. Thanks.
I have over 500 alerts set up in the syslog receiver and I'm wondering when there will be an update to it? 10.1? Seems like I've been waiting since 8.5.1. It's an extremely clunky interface... try moving an alert from the bottom to the top when you have 500 set up. Tx.
I would like to better understand the limitations of the SNMP and SysLog viewers through NPM. We are running NPM 9.5.1, but are expecting to upgrade to 10 sometime in the near future. Is there any way for the Trap Viewer to provide information about a received trap that is not in the variable ${Message}? Specifically, if…
Hi Guys, I have started to use the Syslog and Trap parsers quite heavily and have set up lots of rules for generating emails to our teams on specific conditions, etc. However, when things break or go wrong (as they do) we tend to get 1000s of messages - syslogs especially - which can cause a lot of emails to be sent in…
I am running NPM v10. Is there no way to search the actual message of the Syslogs? I am trying to find specific TCP streams from a firewall; is this not possible?
I have Windows Log Forwarder set up on my DC to forward all Logon Account failures to the NPM syslog. This seems to be working fine; however, I have had to set up a SYSLOG filter rule to look for '*0x19*' in the syslog message, and the action is to discard the message from the syslog viewer. Again, this seems to work fine. However…
Even if I unmanage a device, it would still send Syslogs to NPM. I'm wondering if the Syslogs will look to see if a device is managed before actioning any rules. I have some Syslog rules that kick off a script to generate a ticket in our Remedy system, and I wouldn't like a ticket to be created from Syslog rules if the device…