Tip:
Highlight text to annotate it
X
In this section, we will discuss viewing
and working with Syslog data
as well as SNMP trap information through Orion®
both in the backend configuration applications and the web console.
The Syslog viewer and the Trap viewer
are two separate console applications;
however, they are very similar in function and use.
Both are accessed through the SolarWinds Orion program group
Syslogs and SNMP Traps.
The Syslog viewer is a standalone application
designed for viewing, alerting, and acknowledging Syslog messages
received from monitored devices.
The Syslog viewer consolidates Syslogs from the monitored devices
and presents them in an easily readable and searchable list
making the monitoring and management of Syslogs much easier.
Alerts can be configured against any Syslog message,
and the Syslog viewer provides a very affective filtering tool
to focus on events of interest and to see through the chatter.
The Trap viewer offers much of the same functionality for SNMP trap messages.
Alerts can be configured against any trap messages,
and trap filtering helps the user to focus on messages of interest.
Trap messages are consolidated into one view
and can be organized for easy review and monitoring.
Within both viewers there are several features accessed by the toolbar.
Messages can be viewed and filtered, as well as
searched by keywords and other parameters.
In this case, we only want to see Syslogs with
a severity of warning and above.
Various settings can be configured such as
maximum number of alerts to show, refresh rates,
data retention, display settings, and message parsing options.
Alerts can be edited directly from the viewer
through either the Settings button or the Alerts button.
Both will take you to the same interface
where rules can be added and configured.
Here you can set what criteria needs to be met
before an alarm is raised or an email is sent to be investigated.
Syslog alerts can be created to apply to only specific subnets,
DNS names, message text, severity, facility,
time of day, and even the number of messages that match
the rule in a given amount of time.
Matches can be done using either simple wildcards
or more complex regular expressions
if a more specific or complex match needs to be identified.
Both the Syslog and Trap viewers offer very affective filtering options
for wading through what can be a significant
amount of chatter to find events of interest.
Messages can be filtered on specific criteria
such as IP, host name, severity, or facility.
In addition, wildcards and message patterns can be used to filter data.
Many of these fields are static and easily selected from a list
while others are free formed text boxes with wildcard options enabled.
In support of the features directly
used to filter and manage the messages themselves,
the Syslog viewer also integrates with the Engineers Toolset
to provide easy access to standard ping, traceroute, and telnet features
to research events of interest.
Syslogs and traps can also be viewed through the web console.
Here you have basic filtering and viewing options,
but all advanced features such as alerting
are only available through the console applications.
[©2012 SolarWinds Worldwide, LLC. All Rights Reserved.]