Types of rules

Article:HOWTO64015  |  Created: 2011-12-20  |  Updated: 2011-12-20  |  Article URL http://www.symantec.com/docs/HOWTO64015
Article Type
How To


Subject


Types of rules

Monitor Solution uses rules within monitor policies to collect and evaluate metric data. Rules have six different types, called rule types. Each rule type is used for different purposes. Agent-based monitor policies support all rule types. Agentless monitor polices only support the Metric rule types and the Metric Collect rule types.

See About rules.

Table: Rules types

Rule type

Description

Metric

Uses polled metrics to gather metric data that is compared against a predetermined value. If the specified conditions of the metric data are reached then the rule becomes triggered. When rules are triggered, the severity state of the rule changes and the actions for that rule are run.

Metric Collect

Gathers metric data but does not evaluate it. Metric Collect rule types do not have any associated severity state or actions. Metric Collect is used if you want to collect data, but you do not need the rule to run actions.

NT Event

The rule type NT Event is based on Windows NT events. Whenever a Windows NT event occurs on the monitored computer, the event is evaluated against all the NT event rules. If any of the rules are triggered, the severity state of the rule changes and the actions for that rule are run.

NT Event Collect

Gathers NT Event data. The NT Event Collect is not evaluated but it does not have any associated severity state or actions. NT Event Collect is used if you want to collect NT Event data, but you do not need the rule to run actions.

Log Event

The rule type Log Event is based on log-events. Whenever a log-event triggers a rule, the severity state of the rule changes and the actions for that rule are run.


Legacy ID



v16999558_v66560238


Article URL http://www.symantec.com/docs/HOWTO64015


Terms of use for this information are found in Legal Notices