How to customize Aria Operations for Logs Alert by adding a variable in title of the alert name
search cancel

How to customize Aria Operations for Logs Alert by adding a variable in title of the alert name

book

Article ID: 374219

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

This article has the purpose to illustrate users how to add a variable in Aria Operations for Logs Alert

Environment

Aria Operations for Logs 8.X

 

Resolution

1-In Aria Operations for Logs,  go to Alert -> Alert definitions-> look a the right side of the menu, and click the bottom "CREATE NEW"

2-On the top of the screen, you will find a field where you will add the name of the alert, it says "Enter Alert Name", please add  your custom name then add the variable by using the syntax: NAME-OF-THE-ALAERT on  ${hostname }

example: FailedESXILoginAttempt

3- In the Query section, add  your custom filters from your  query

4 -In the  Trigger Conditions section, you could try

For time period , add (the time desired ) and add in group by "hostname" This includes the hostname in the email but it will remove the log entries. 

or

For time period (the time you desired ) leaving in a blank group by will send the email with the log entries but no value of what host triggered the alert.

Powered by Wolken Software