Symantec Management Platform (Notification Server)

 View Only
  • 1.  SMP log file tracing

    Posted Jan 23, 2013 02:38 AM

    Hello,

    we are going to trace a.log file of SMP 7.1 using monitoring tool. And now we need to configure this monitoring policy. For the moment this monitoring tool create alert for each message in log file with severity="1".
    Does any can advice me (or point me to some document about SMP log severities, error codes, etc) how to configure this monitoring policy to create only important alerts.

    Thanks in advance!



  • 2.  RE: SMP log file tracing

    Posted Jan 24, 2013 06:18 AM
    It seems that no one does not use monitoring tools for these purposes. it's a pity.


  • 3.  RE: SMP log file tracing

    Posted Jan 24, 2013 10:59 AM

    The traditional monitoring approach is to define a threshold for alerts, set to log only (or, if it alerts, to notify you individually).  While these are generated for several days, they are evaluated and exceptions are made. When the results seem realistic for the level of alerting you want, the alerts are moved from log to alert and notify the larger monitoring group.  This is no different than what you would do for hardware or service monitoring.

    You may be able to exclude certain Sources right away, such as anything generated by the agent vs. a server-based process.

    Does this help?



  • 4.  RE: SMP log file tracing

    Posted Jan 25, 2013 02:53 AM
    Thank you mclemson for your input! But i am searching for the document with SMP errors description! I found such document for 6.x version of Altiris but not for SMP 7.x. Or maybe someone already use same approach to monitor SMP and can to share information for which errors in SMP logs creates alerts in monitoring tool (BMC Patrol).


  • 5.  RE: SMP log file tracing

    Posted Feb 01, 2013 04:30 PM

    Can you post the document you have, or a link?  I'm not sure I've seen that document.

    Regarding what to monitor, I would install the monitor pack created by Joseph Carlson at Symantec which monitors availability by ping, bandwidth, logs, disk space, and services.  You could also monitor your SQL server and your package servers for similar statuses (services running, disk space available, responds to ping):

    https://www-secure.symantec.com/connect/downloads/altiris-server-7-monitor-pack

    As an administrator, reviewing the Altiris Log Viewer for errors is something you should do each day.  Personally I find it easier as a once a day task rather than counting on e-mails (which would do nothing except tell me I need to go look at the Altiris Log Viewer anyway).