About Event Console alert filters
| Article:HOWTO64036 | | | Created: 2011-12-20 | | | Updated: 2011-12-20 | | | Article URL http://www.symantec.com/docs/HOWTO64036 |
The Event Console in Symantec Management Platform displays alerts in a grid layout. This grid may contain thousands of alerts. Alert filters let you sort the alerts so that you can analyze and manage them. You access this grid from Symantec Management Console when you click .
The Event Console in Symantec Management Platform contains several rule types that represent automated, event-based actions. The rule types include discarding, forwarding, task, and workflow rules. Discarding rules filter and discard matching alerts. Forwarding rules forward a Simple Network Management Protocol (SNMP) trap to a downstream listener. Task rules initiate Symantec Management Platform task server tasks. Before version 7.1 of the platform, a direct way to initiate a deployed workflow process was unavailable. With the addition of a workflow rule in version 7.1 of the Event Console, an event can automatically start a workflow process. This workflow process can pass along valuable event data.
Previous versions of the platform let you filter alerts into manageable subsets. However, before version 7.1 you did not have the option to save and re-use those filters. Beginning with version 7.1, you can create, save, and re-use filters.
See About alerts.
A new function with version 7.1 now lets you use advanced filters to manage alerts. The advanced filter function is available from the Event Console grid.
See About advanced search filters.
The following alert filtering tools are available on the main Event Console page:
A drop-down list of predefined filters. You can click to see a list of available filtering actions. You can also search by one of the following alert criteria:
A color-coded, left-click Status Progress Bar control. This control lets you see the number of alerts by severity level, as follows:
You can access the color-coded status progress bar control using a left-mouse click. This bar appears in the Alerts pane. When you click a color section on the status bar, the grid view changes. The view shows only those alerts that match the severity level of the color that you clicked. For example, if you click yellow on the status bar, then the grid shows alerts with severity Warning. After you filter by severity level, you may have to select or Monitor Alerts Only to see the complete list of alerts again.
See Filtering alerts.
A status bar that presents the following icons:
Details. Opens the Alert Details dialog box for the selected alert.
Acknowledge. Lets you acknowledge a selected alert. In the State column, a blue flag indicates an acknowledged alert.
Resolve. Flags the selected alert with a check mark in the State column. When you right-click a resolved alert, you can view alert details. You can also view the available rules for discarding the alert or open the Resource Manager in a new window.
If you click with a resolved alert selected, you can create a global discard filter rule or create a resource discard filter rule.
Actions. When you select an alert and click the down-arrow next to this icon, you see the options that were listed previously in this list. You also see one addition.
When you click any alert, you can manage it by changing its severity to any of the following:
An Alert Filter Settings page for managing the filters that you save and reuse. A tool icon next to the predefined filters drop-down list opens the Alert Filter Settings page. This page is where you can create filters and save them for re-use.
A search field that lets you enter custom search criteria.
The magnifying glass icon next to the search field opens the Advanced Search pane.
|
|
Legacy ID
v40218728_v66560238
Article URL http://www.symantec.com/docs/HOWTO64036
Terms of use for this information are found in Legal Notices
Thank you.