We have a requirement which is highlighted below.
We have noticed that below event ID is triggered on the server when the Windows activation is failed.
Event ID: 8198
As we have only configured logmon for Dell_OMSA servers. Could you please help us to configure below requirement (IBM).
Release : 20.3
Component : UIM LOGMON 4.11/4.20
Here is the watcher section from the ntevl.cfg showing the Windows_activation profile.
active = yes
description = Event log messages with source 'Windows Activation'
level = from eventlog
logs = application
severity = 1
source = /.*Security-SPP.*/
category = *
event_id = 8198
user = *
computer = lvxxxxxxx39
message = /.*License Activation.*/
send_alarm = yes
alarm_message = $source($event_id - $category): $message
i18n_token = as#system.ntevl.src_id_cat_1
send_subject = no
suppress = no
exclusive = no
qos_count = no
qos_interval = 3600
runcommandonmatch = 0
Here is the email of the ntevl alarm base don the nas AO Profile created for an action of EMAIL.