From the Alarms tab you can view details of the alarms that have been generated.
The Alarms tab has one panel that displays Alarm status.
This workflow shows the overall process for configuring event sources. It also shows where configuring alarms and alerts settings are located in the process.
|Role||I want to...||Documentation|
View and modify event sources.
Acknowledge and map events sources.
Add and configure parser mappings for a Log Decoder
*View event source alarms.
Troubleshoot event source management.
*You can perform this task here.
The Alarms tab presents the details for Event Sources that are currently in violation of a policy and threshold. Only Event Sources in violation of a policy appear in the list. After the event source returns to a normal state, the corresponding alarm disappears from the list.
|1||Displays the IP, IPv6, or Hostname of the event source that is alarmed.|
|2||Displays the type of the alarmed event source. For example, winevent_nic (for Microsoft Windows) or rhlinux (for Linux).|
|3||Displays the event source group that contains the event source for which the alarm has been triggered.|
|4||Displays the type of threshold that was triggered: High or Low|
|5||Displays the conditions of the threshold that was triggered. For example:|
5,000,000 events in 5 minutes
|6||Displays the number of events in the threshold time period causing the alarm.|
Displays the initial time the event source went into an alarmed state.
Displays the elapsed time since the event source entered an alarmed state.
Displays the Log Collector last collecting from this event source.
Displays the Log Decoder last receiving from this event source.
Displays the alarm type. Alarm type is either Manual or Automatic:
Select the Filter icon to display the Filter menu:
Select either Automatic or Manual: