Syslog KB
From Documentation
Contents |
Overview
The primary aim of the Syslog knowledge base in Sentinel3G is to provide notification of important system messages using monitoring that is consistent across various UNIX, Linux and Windows platforms. Due to differences between the various operating systems we monitor, complete consistency is not always achievable. This document describes the general content of the Process knowledge base, and the discrepancies between them on different platforms.
Syslog Knowledge Base Version
| Version | Availability Date | Min Sentinel Version |
|---|---|---|
| 1.0 | 6th Feb, 2006 | 4.4 |
Syslog Knowledge Base
Error Messages Class
| Sentry | AIX | HPUX | Linux | SCO | Solaris | Tru64 | Windows |
|---|---|---|---|---|---|---|---|
| Syslog | √ | √ | √ | √ | √ | √ | √ |
- NOTE
- Process Knowledge Base includes the Process Management Console, provided as an action against the Processes sentry class.
¹ On certain OSes the Processes sentry is turned off by default. Certain instances are provided as examples (nmdb, smdb) only, but should be changed to reflect the system on which the KB is installed. Note also that system services (daemons) are normally monitored via the Services sentry, so check in the Services folder before adding processes to be monitored.
Sentry Details
Overview
| Sentry | Class | Agent | Poll Time | States | Logging |
|---|---|---|---|---|---|
| Syslog | Error_Messages | Syslog | 30s | √ |
Sentry State Details
Syslog Sentry
- Availability
- AIX, HPUX, Linux, SCO, Solaris, Tru64, Windows
States
| State | Severity | Condition | Escalation |
|---|---|---|---|
| Critical | critical | $severity == "critical" | delete after acknowledgement |
| Severe | severe | $severity == "severe" | delete after acknowledgement |
| alarm | alarm | $severity == "alarm" | delete after acknowledgement |
| warning | warning | $severity == "warning" | delete after acknowledgement |
| info | info | $severity == "information" | delete after acknowledgement |