Sometimes, logs being monitored do not conform to the requirements to parse a hostname or ip address from the syslog header but the user still wants an alarm to be generated should there be a match.
Set the Enable_SouthboundGateway attribute 0x116296e on the Host_systemEDGE model to No.
Edit the $SPECROOT/SS/CsVendor/Ctron_Gen_HOST/Host_systemEDGE/EventDisp file and change the entry for 0x116002f to the following:
0x0116002f E 50 A 3, 0x0116002f
Update the SpectroSERVER cache. Now, when SPECTRUM receives a logMonMatchtrap from this Host_systemEDGE model, a CRITICAL alarm will be asserted on the Host_systemEDGE model.