F Syslog Collector Package Policy - Novell SENTINEL LOG MANAGER 1.0.0.5 - ADMINISTRATION GUIDE 03-31-2010 Administration Manual

Hide thumbs Also See for SENTINEL LOG MANAGER 1.0.0.5 - ADMINISTRATION GUIDE 03-31-2010:

Installation manual (38 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

page of 168

/ 168
Contents
Table of Contents
Bookmarks

Table of Contents

Syslog Collector Package Policy

Event sources, Connectors, and Collectors can be auto-created based on policy information

contained in installed Syslog Collector packages. These policies are specified in special properties

of the connection modes in a SYSLOG connection method. A connection mode might contain an

Applications, UniqueMatchingRule, or UniversalSyslogCollector property. These are described

below:

NOTE: Only one of these properties should be specified.

Applications: This property contains a list of comma-separated application names for the syslog

messages the Collector and connection mode can handle. Each application name in the list should be

unique for all Collectors and connection modes. If multiple Collector plug-ins contain the same

application name, only the first one spotted is used as authoritative. The log appliance logs a

message stating that an application name is defined in multiple Collectors or connection modes, and

also states, which one it selected as authoritative.

UniqueMatchingRule: This property contains a regular expression that can be used to find a

matching syslog message. A device that generates a matching syslog message is assigned to this

Collector and connection mode.

It is important that matching rules from different Collectors should never match the same message,

to avoid ambiguity about which Collector/connection mode the device that generated the matching

message should be assigned to.

UniversalSyslogCollector: This property should have a value of true. It specifies that the Collector/

connection mode with this property is used for messages whose Collector/connection mode cannot

be determined. It is the catch-all Collector and connection mode. There should be only one

Collector/connection mode with this property. If more than one Collector and connection mode

exists with this property, the log appliances logs an error and indicates which one it is using.

For the Collector and connection mode, only one of the above properties should be specified. If

more than one property is specified, the log appliance logs a message and indicates which among the

three properties it uses. It chooses the properties in the following order: 1) Applications, 2)

UniqueMatchingRule, and 3) UniversalSyslogCollector

Syslog Collector Package Policy

167

Table of Contents

This manual is also suitable for:

Sentinel log manager 1.0.0.5

F Syslog Collector Package Policy - Novell SENTINEL LOG MANAGER 1.0.0.5 - ADMINISTRATION GUIDE 03-31-2010 Administration Manual

Related Manuals for Novell SENTINEL LOG MANAGER 1.0.0.5 - ADMINISTRATION GUIDE 03-31-2010

Related Content for Novell SENTINEL LOG MANAGER 1.0.0.5 - ADMINISTRATION GUIDE 03-31-2010

This manual is also suitable for:

Table of Contents