3 Replies Latest reply on Dec 4, 2008 10:08 AM by lchance

    how to construct a historical syslog report?


      I am trying to construct a historical syslog report with counts of message severity grouped by the hour. I have the data fields that I want except for the time summarization. How can I set that up?

        • Re: how to construct a historical syslog report?

          Here's a report I use - hope this helps. The FILTER for 10.16x.x.x is for my own use.

          SELECT  TOP 10000 Nodes.Caption AS NodeName,SysLog.IP AS Source_IP_Address,SysLog.Hostname AS Hostname,SysLog_SysLogSeverities.SeverityName AS Severity,COUNT(SysLog.Message) AS COUNT_of_Message FROM ((SysLog INNER JOIN SysLogFacilities SysLog_SysLogFacilities ON (SysLog.SysLogFacility = SysLog_SysLogFacilities.FacilityCode)) INNER JOIN SysLogSeverities SysLog_SysLogSeverities ON (SysLog.SysLogSeverity = SysLog_SysLogSeverities.SeverityCode)) LEFT OUTER JOIN Nodes ON (SysLog.IP = Nodes.IP_Address)  WHERE  (  (   NOT (SysLog.IP LIKE '10.16%')) AND   (   (Nodes.Caption <> 'myOrionServerName')))  GROUP BY Nodes.Caption, SysLog.IP, SysLog.Hostname, SysLog_SysLogSeverities.SeverityName  

          ORDER BY 2 ASC, 5 DESC