HPE Community
IMC
1752600 Members
4221 Online
108788 Solutions
New Discussion

Re: iMC Syslog Email Alerts

 
LindsayHill
Honored Contributor

‎05-23-2014 04:33 PM

‎05-23-2014 04:33 PM

Re: iMC Syslog Email Alerts

Cool, we'll work through it then. When you've grabbed those screenshots, we should be able to figure out the right templates that you'll need.

Enjoy the break
__
@northlandboy
0 Kudos
Rick Johnson_6
Occasional Advisor

‎05-29-2014 06:18 AM

‎05-29-2014 06:18 AM

Re: iMC Syslog Email Alerts

As far as formats go, I believe it is in the evtx format.  If there is a specific way to check, I'm unaware on how to do it.  Here are some screenshots of events from a couple of the servers I have set to forward warning and above events to IMC.  I'm attaching a Word document with two screenshots as they appear in IMC.

 

 

 

 

0 Kudos
LindsayHill
Honored Contributor

‎05-30-2014 08:48 PM

‎05-30-2014 08:48 PM

Re: iMC Syslog Email Alerts

OK, so I'd probably start with a couple of templates like this:

 

To pick up Warning Application events:

"* MSWinEventLog * Application * Warning $(Hostname) 0 $(Message)"

 

Warning System events:

"* MSWinEventLog * System * Warning $(Hostname) 0 $(Message)"

 

You can do something similar with Critical events.

__
@northlandboy
0 Kudos
Rick Johnson_6
Occasional Advisor

‎06-02-2014 04:53 AM

‎06-02-2014 04:53 AM

Re: iMC Syslog Email Alerts

Thank you very much!  I'll give that a try.  I'm sure it's a matter of getting the templates right; however, I wasn't sure of what variables to use.  I will post the results.

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.