Integrate the sysloggtw and logmon probe in CA UIM to alarm on selected syslog events/messages since sysloggtw does not have a filter capability.
How to integrate the sysloggtw and logmon probes to alarm on selected syslog events/messages.
The sysloggtw acts as a gateway from the Syslog "world" into Nimsoft. Most network-devices, such as routers, switches, bridges and so on, reports events using SNMP as well as using the well-known syslog format. Your network admin can configure 1 or more devices to send syslog data to the NMS hub. The sysloggtw will listen to port 514/udp when running in a receive mode. All incoming syslog messages will be acted upon using the defined receive mode:
- Generate Nimsoft Alarm
- Generate SYSLOG-IN (for post-processing) messages
- Log to file
The sysloggtw is also capable of receiving Nimsoft alarm messages from e.g. the NAS auto-operator that will be converted to a syslog message and passed onto remote syslog daemons.
You may combine the sysyloggtw with logmon to post-process incoming syslog messages. Some devices e.g., Cisco routers may add an index to each message. Use logmon to reformat the text and severity levels instead of having sysloggtw determining the alarm level according to the syslog priority.
See attached Word doc for instructions: "sysloggtw configuration"