About Event Console alert filters
|Article:HOWTO64036|||||Created: 2011-12-20|||||Updated: 2011-12-20|||||Article URL http://www.symantec.com/docs/HOWTO64036|
The Event Console in Symantec Management Platform displays alerts in a grid layout. This grid may contain thousands of alerts. Alert filters let you sort the alerts so that you can analyze and manage them. You access this grid from Symantec Management Console when you click .
The Event Console in Symantec Management Platform contains several rule types that represent automated, event-based actions. The rule types include discarding, forwarding, task, and workflow rules. Discarding rules filter and discard matching alerts. Forwarding rules forward a Simple Network Management Protocol (SNMP) trap to a downstream listener. Task rules initiate Symantec Management Platform task server tasks. Before version 7.1 of the platform, a direct way to initiate a deployed workflow process was unavailable. With the addition of a workflow rule in version 7.1 of the Event Console, an event can automatically start a workflow process. This workflow process can pass along valuable event data.
Previous versions of the platform let you filter alerts into manageable subsets. However, before version 7.1 you did not have the option to save and re-use those filters. Beginning with version 7.1, you can create, save, and re-use filters.
See About alerts.
The following alert filtering tools are available on the main Event Console page:
You can access the color-coded status progress bar control using a left-mouse click. This bar appears in the Alerts pane. When you click a color section on the status bar, the grid view changes. The view shows only those alerts that match the severity level of the color that you clicked. For example, if you click yellow on the status bar, then the grid shows alerts with severity Warning. After you filter by severity level, you may have to select or Monitor Alerts Only to see the complete list of alerts again.
See Filtering alerts.
Resolve. Flags the selected alert with a check mark in the State column. When you right-click a resolved alert, you can view alert details. You can also view the available rules for discarding the alert or open the Resource Manager in a new window.
An Alert Filter Settings page for managing the filters that you save and reuse. A tool icon next to the predefined filters drop-down list opens the Alert Filter Settings page. This page is where you can create filters and save them for re-use.
Article URL http://www.symantec.com/docs/HOWTO64036