Users Guide
b) Click Next.
6. In the Severity section, select the severity level of the alert for which this policy must be activated.
a) To select all the severity categories, select the All check box.
b) Click Next.
7. In the Actions section, select one or more check boxes to initiate the following actions when the policy is run:
• Send email to a designated recipient by selecting the Email check box, and specifying data in the fields.
• Configure SNMP alerts by clicking Enable next to the SNMP Trap Forwarding check box. In the SNMP Configuration dialog
box, enter or select data. See Configure SMTP, SNMP, and Syslog alerts.
• Configuring Syslog properties.
• Select the Ignore check box to ignore the alert message and not activate the alert policy.
• Send SMS to a telephone number by entering a phone number in To.
• Control the power of the device by power cycling, turning on, or turn off the device. To shut down an OS before performing
power control actions, select the Shut down OS First check box.
• Run a remote command by clicking Enable next to Remote Script Execution:
• In the Remote Command Setting dialog box, type or select information to set up the remote commands you want to run.
See Execute remote commands and scripts.
• From the drop-down menu, select the script you want to run when this alert policy is run. You can set up running the remote
command also as described in Managing OpenManage Enterprise appliance settings.
• Mobile: Send notifications to the mobile phone(s) registered with this OpenManage Enterprise version. See OpenManage Mobile
settings.
8. Click Next.
9. In the Summary section, details of the alert policy you defined is displayed. Carefully read through the information.
10. Click Finish.
The alert policy is successfully created and listed in the Alert Policies section.
Related information
Alert policies
Forward audit logs to remote Syslog servers
Forward audit logs to remote Syslog servers
To monitor all the audit logs of OpenManage Enterprise from Syslog servers, you can create an alert policy. All the audit logs such as user
login attempts, creation of alert policies, and running different jobs can be forwarded to Syslog servers.
To create an alert policy to forward audit logs to Syslog servers:
1. Select Alerts > Alert Policies > Create.
2. In the Create Alert Policy dialog box, in the Name and Description section, enter a name and description of the alert policy.
a) The Enable Policy check box is selected by default to indicate that the alert policy will be enabled once it is created. To disable
the alert policy, clear the check box. For more information about enabling alert policies at a later time, see Enable alert policies.
b) Click Next.
3. In the Category section, expand Application and select the categories and subcategories of the appliance logs. Click Next.
4. In the Target section, the Select Devices option is selected by default. Click Select Devices and select devices from the left pane.
Click Next.
NOTE: Selecting target devices or groups is not applicable while forwarding the audit logs to the Syslog server.
5. (Optional) By default, the alert policies are always active. To limit activity, in the Date and Time section, select the 'from' and 'to'
dates, and then select the time frame.
a) Select the check boxes corresponding to the days on which the alert policies must be run.
b) Click Next.
6. In the Severity section, select the severity level of the alerts for which this policy must be activated.
a) To select all the severity categories, select the All check box.
b) Click Next.
7. In the Actions section, select Syslog.
If Syslog servers are not configured in OpenManage Enterprise, click Enable and enter the destination IP address or the hostname of
Syslog servers. For more information about configuring Syslog servers, see Configure SMTP, SNMP, and Syslog alerts.
8. Click Next.
72
Monitoring device alerts