search cancel

UIM sysloggtw probe configuration

book

Article ID: 34681

calendar_today

Updated On:

Products

DX Unified Infrastructure Management (Nimsoft / UIM) CA Unified Infrastructure Management On-Premise (Nimsoft / UIM) Unified Infrastructure Management for Mainframe CA Unified Infrastructure Management SaaS (Nimsoft / UIM)

Issue/Introduction

How to integrate the sysloggtw and logmon probes in UIM to alarm on selected syslog events/messages, since sysloggtw does not have a filter capability.

Cause

- guidance

Environment

Release:
Component: UIMSYL

Resolution

The sysloggtw probe acts as a gateway from the Syslog "world" into UIM. Most network devices, such as routers, switches, bridges and so on, report events using SNMP as well as using the well-known syslog format.

Your network admin can configure one or more devices to send syslog data to the NMS hub.

The sysloggtw will listen to port 514/udp when running in a receive mode.

All incoming syslog messages will be acted upon using the defined receive mode:

- Generate Nimsoft Alarm
- Generate SYSLOG-IN (for post-processing) messages
- Log to file

The sysloggtw is also capable of receiving Nimsoft alarm messages from the NAS auto-operator that will be converted to a syslog message and passed on to remote syslog daemons.

You may combine the sysyloggtw with logmon to post-process incoming syslog messages.

Note that some devices e.g., Cisco routers may add an index to each message. In such cases, use logmon to reformat the text and severity levels instead of having sysloggtw determine the alarm level according to the syslog priority.

Additional Information

See attached Word doc for detailed instructions: "sysloggtw configuration"

Attachments

1558534024959TEC000004466.zip get_app