filter f_alarm { facility(local[0+<conf.DB_facility>]) and level(info) and match('ALARM') and match('<your string>'); };
Example to filter ALARM messages with the string "kernel panic":
filter f_kpanic { facility(local[0+<conf.DB_facility>]) and level(info) and match('ALARM') and match('kernel panic'); };
Example to filter ALARM messages with the string "root login":
filter f_root { facility(local[0+<conf.DB_facility>]) and level(info) and match('ALARM') and match('root login'); };
5) To eliminate SSHD debug messages:
filter f_sshd_debug { not program('sshd') or not level(debug); };
6) To filter the syslog_buffering:
filter f_syslog_buf { facility(local[0+<conf.DB_facility>]) and level(notice); };
AlterPath ACS Command Reference Guide
Administration
a. Define Actions.
To define actions use this statement (note that the statement should be one line):
destination <identifier> {destination-driver([params]); destination-driver([param]);..};
where:
• identifier - Has to uniquely identify this given destination.
• destination driver - Is a method of outputting a given message.
• params - Each destination-driver may take parameters. Some of them are required, some of them are optional.
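The filter and destination statements above combined into one fragment, as an added example that is not taken from the manual. The source and log statements are standard syslog-ng but are not shown in this section; the facility number (conf.DB_facility taken as 7), the names s_local, d_root_alarm, d_loghost and d_messages, the file paths and the 192.0.2.10 loghost are assumptions.

```conf
# Added example, not from the manual. Constructed values: local7 (assumes
# conf.DB_facility is 7), all identifiers, file paths and the loghost address.

source s_local { unix-stream("/dev/log"); internal(); };

# Filters in the form shown above, each written on one line.
filter f_root { facility(local7) and level(info) and match('ALARM') and match('root login'); };
filter f_sshd_debug { not program('sshd') or not level(debug); };

# A destination may list several drivers; a message sent to it is
# written by every driver in the list.
destination d_root_alarm { file("/var/log/root-alarm.log"); usertty("root"); };
destination d_loghost { udp("192.0.2.10" port(514)); };
destination d_messages { file("/var/log/messages"); };

# Root-login alarms: local file, root's terminal and a copy on the loghost,
# so the record survives if the local file is altered.
log { source(s_local); filter(f_root); destination(d_root_alarm); destination(d_loghost); };

# f_sshd_debug rejects only messages that are both from sshd and at level
# debug; every other message passes and is written to the local file.
log { source(s_local); filter(f_sshd_debug); destination(d_messages); };
```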