A Syslog Messages monitor checks information in log messages across IP networks. Syslogs are sent by many operating systems and infrastructure devices, most notably Unix-based systems and security devices.
As with SNMP traps, syslog messages are the logical equivalent to an alert from the vendor's perspective and are sent from the device to Onsite Manager.
Syslog Facilities
All
Kernel messages
User-level messages
System daemons
Security/authorization messages
Messages generated internally by syslogd
Line printer subsystem
Network news subsystem
UUCP subsystem
CRON facility
Clock daemon
Security/authorization messages
FTP daemon
NTP subsystem
Log audit
Log alert
Local use 0 - local use 7
Syslog Severity
All
Emergency
Alert
Critical
Error
Warning
Notice
Informational
Debug
What You Can Do
You can:
Collect information about Unix systems and applications they host.
Receive critical security information from firewalls.
To add a monitor for Syslog Messages
Do one of the following:
To add the monitor to a policy, in Service Center, click Service Delivery > Policies > Monitoring. Click the name of the monitoring policy. Click the Monitors tab.
To add the monitor to a device directly, in Service Center, click Configuration > Alerting > Monitor & Alert Rules. From the Site list, select the site where the device is located. From the Device list, select the device to which you want to add a monitor.
Click Add Monitor.
Select Syslog Messages from the list.
Click Add Monitor.
In the Monitor tab, type a title for the monitor.
Optionally, type a description for the monitor.
Ensure the Enabled check box is selected.
Select a Facility from the drop-down list.
Select a Severity from the drop-down list.
Type part of a syslog message in the Syslog Message box.
To configure an alert, see Setting Alert Actions.
Click Save.