I apologize if this is a "newbie" type question that can be answered by reading the manual... however I'm just a bit confused on Log Viewer vs Log Analyzer in Orion.
We send a lot of syslog and SNMP traps to Orion and would like to start possibly alerting on some of these items (eg: APC Struxureware sends a Device Alarm). I can see what looks like some out-of-box Cisco rules which are set up to add a tag for things like authentication failures under Traps > Default Logging Rules while on the Log Processing Configuration page.
The question I have is: when building a custom rule, is the ability to add a tag only available with Log Analyzer? And if so, what is the best way to alert w/ Log Viewer if possible. Here's what options I currently have to configure for Log Entry Actoins:
If adding tags with Log Viewer is not possible - which option should I choose if I simply want to make an alert?
Thank you Thwack community!