How to alert on the absence of logs from one or more log sources using TIBCO LogLogic LMI
Article ID: KB0077320
Updated On:
| Products | Versions |
|---|---|
| TIBCO LogLogic Log Management Intelligence | all versions |
Description
Users can create message volume alerts for one or more log sources. The same alert type can be used for alerting when one or more log sources completely cease sending logs to LMI for a specified period of time. Use the solution below to implement that configuration.
Issue/Introduction
This article explains how to create an alert for monitoring when one or more log source cease sending logs to LMI.
Resolution
1. Click Alerts->Manage Alert Rules.
2. Click the Add new alert button.
3. Select Message Volume Alert on the Type tab.
4. Check the box on the General tab labeled Zero Message Alert.
5. Specify the name, reset time, timespan and priority.
6. On the Devices tab specify which sources you want the alert to monitor.
7. Specify syslog/SNMP alert receivers on the Alert Receivers tab.
8. Specify email recipients if desired on the Email Recipients tab.
9. Click Save.
2. Click the Add new alert button.
3. Select Message Volume Alert on the Type tab.
4. Check the box on the General tab labeled Zero Message Alert.
5. Specify the name, reset time, timespan and priority.
6. On the Devices tab specify which sources you want the alert to monitor.
7. Specify syslog/SNMP alert receivers on the Alert Receivers tab.
8. Specify email recipients if desired on the Email Recipients tab.
9. Click Save.
Feedback
Yes
No
Powered by
