Log viewer alerts from syslog

I only have log viewer (not analyser) running on version  2024.1.1 and I'm trying to create an alert when a syslog message is received - trying to alert on an IP SLA threshold.

Syslog message is arriving OK and I can create a rule but it's not working - hopefully missing something simple. More detial below, thanks

Here's the syslog I get 

and I created this rule

Parents
  • So, I'm going to assume the actual message you want to alert on does say "exceeded" as that makes a lot more sense than using "cleared"!!

    I think what you're doing here will only put a message in the "Message Center".   I don't see a related alert in what you did.   If there was a related "Alert", you should see it, like the "ERR_DISABLE" linked alert in this screen cap...

    So, if its an alert you want, and not just a message, click on the "Create a new alert that fires" and set up an alert?

Reply
  • So, I'm going to assume the actual message you want to alert on does say "exceeded" as that makes a lot more sense than using "cleared"!!

    I think what you're doing here will only put a message in the "Message Center".   I don't see a related alert in what you did.   If there was a related "Alert", you should see it, like the "ERR_DISABLE" linked alert in this screen cap...

    So, if its an alert you want, and not just a message, click on the "Create a new alert that fires" and set up an alert?

Children