User guide
Setting Up Event Filters for SYSLOG Events Configuring System Logs (NMS System Log Server)
9-27
AlliedView NMS Administration Guide (Setting Up Fault Management)
6. Click OK.
To add more actions, click and add more action types and details. Cancel any filters or actions by clicking Cancel as
they appear in context. The resulting alert filters and actions can be reordered by drag and drop.
To delete an alert filter, select a filter from the list and then click from the Alert Filter panel. Any associated action will
also be deleted.
To load a set of alert filters from a file, click Load From File. A dialog box prompts for the file path to read the filters from.
Click Load to load the filters.
To save a set of alert filters (for later use or as a backup), click Save. A dialog box prompts for the file path to write the filters
to. Click Save to save the filters.
Brings up the Save <type of information> to File form. Save the trap parsers as a file. The default path is to the conf directory. This
allows the configured trap parser to be used again and as a backup.
Note: When saving these files, the AlliedView NMS sets as the default directory the <NMS Home>/state
directory, so for example the file path:
../conf/event.filters
is being saved in the
conf directory by going up one level from the state directory (..) and then down to the conf
directory. If the user enters in the form only a file name, that file is being saved in the default
state directory.
If any changes are made and the window is closed without clicking Apply, a prompt will appear asking whether to make the
changes.
9.5.5 Setting Up Event Filters for SYSLOG Events
Section 9.6 describes how to configure system logs. To configure the event filter for system logs, you set the Category field
(shown in Figure 9-16) with the string “SYSLOG-” and the Event Type. For all event types that have been configured, the
string “SYSLOG-*” would be entered. You would then continue to configure the type of action.
9.6 Configuring System Logs (NMS System Log Server)
Logs are indications of various changes that occur in the managed devices on a network. To assist in troubleshooting net-
work problems and in monitoring the overall health of the network, it is important to monitor certain logs as they are
received from the network devices. Proper management of these system logs (also called SysLogs), is controlled by the
NMS System Log Server feature, and the feature helps in monitoring and troubleshooting your network.
Up until NMS release 11.0 SP5, this feature worked as follows:
• All SysLog messages were stored in the NMS database if enabled.
• Only events that were reported by discovered devices were processed by the NMS and stored.
In NMS release 11.0 SP5, the following changes are made:
• Incoming events from non-discovered devices can also be received. Since the administrator may not want syslog infor-
mation to be stored on the NMS database, there is also the option for SysLogs to be stored in a local file.
• The Status Monitoring GUI has a System Log tab added to the “Application Logs” option, allowing the local file to be
viewed, as well as the option to export the local file to the client’s browser or NMS server. Refer to 3.9.
The relationship between the components that provide system logs is as follows:
• The log types that are displayed in the System Log Events tree node (Under Network Events) are those being stored in
the database, and are controlled through configuring the system log server, described in 9.6.1.