You see no syslog events on event console in OneClick for one SpectroSERVER.

Each environment handles syslog differently.  Here we see:

• 5 fault tolerant landscapes all on 24.4.10
• rsyslog and trapX are distributed i.e.

• • rsyslog is running on secondary SpectroSERVERs. 
  • TrapX/SDM is running on each primary SS and sends traps to only that landscape.

• All traps go through Trapx and not just syslog.
• Sysedge models are used in OneClick to represent the secondary SpectroSERVER / syslog source.

The sysedge model representing the secondary SS sending the syslogs did not exist for the problematic landscape. All other landscapes were represented with a sysedge model and showed alarms.  

We modelled manually a new sysedge model to represent the secondary SpectroSERVER.

https://techdocs.broadcom.com/us/en/ca-enterprise-software/it-operations-management/spectrum/24-3/administrating/Rsyslog-messages-in-Spectrum.html

There are no logs with rsyslog to verify what traps are processed so a TCPdump will be helpful here.

AlertManager debug is also useful and showed the problem here.