You need to create a new rule in the Syslog Viewer.
Open the Orion Syslog Viewer and select File -> Settings.
Click the Alerts / Filter Rules tab.
Click Add New Rule.
Click Severity / Facility tab.
From Message Severity box, untick Critical, Error and Warning checkboxes. This rule will apply to all other Syslog messages.
Click Alert Actions tab.
Click Add New Action. Select Discard the Syslog Message. Click OK.
All Syslog Messages will be discarded except Critical, Error and Warning.
Thanks. I set up the rule just like that and I am still getting Informational messages. Also, when I select messages in the Viewer and try to acknowledge them, they will not delete from the list.
One other thing. I see that syslog daty is getting written to the Orion database, but I looked at the SyslogRules table and under the EngineID field is a value of "0". Shouldn't that be a "1"?
Yet another question, please. The syslog viewer help guide states that one should be able to clear the messages from the viewer by clicking on the "X" next to the message. There are no "X" es in my viewer?
1.) I have tested this rule and it does work. If you are still getting informational syslog messages, it may be due to the engine ID issue. Please try restarting the Syslog service to see if this resolves the issue.
2.) You can acknowledge syslog messages via the Syslog page in the web console. Syslog messages wil remain in the database however, until the retention time has expired.
3.) Yes, syslog messages should have the same Engine ID as your polling engine. Please check the Engines table to see what polling engines you have registered and what IDs they have.