System wide event filters overview

About the System-wide event filters page

  • It provides an overview of the system-wide applied event filters.
  • For each filter, the number of times and the name of the devices that hit the filter are recorded.
  • The page is accessible by users with at least Operator rights.
  • Administrators can delete filters and set the system-wide Syslog priority level filter.
  • Only Syslog messages with a severity level higher than the set level are processed.

The row numbers correspond to the hot spot numbers on the image.

  1. For filtering on message content, all numerical data is first removed from the text.
  2. The HitBy column shows a count and the names of all devices that have sent messages that were blocked based on the filter rule.
  3. sers with at least Administrator rights, can delete a System-wide filter rule by clicking on the Delete button.
  4. This is the system-wide Syslog severity setting.
  5. Displays the number and names of all devices that have sent Syslog messages that are blocked based on their severity level.

Syslog severity table

PS The lower the code, the more serious the message!

Code Severity Keyword Description General Description
0 Emergency emerg (panic) System is unusable. A “panic” condition usually affecting multiple apps/servers/sites. At this level it would usually notify all tech staff on call.
1 Alert alert Action must be taken immediately. Should be corrected immediately, therefore notify staff who can fix the problem. An example would be the loss of a primary ISP connection.
2 Critical crit Critical conditions. Should be corrected immediately, but indicates failure in a secondary system, an example is a loss of a backup ISP connection.
3 Error err (error) Error conditions. Non-urgent failures, these should be relayed to developers or admins; each item must be resolved within a given time.
4 Warning warning (warn) Warning conditions. Warning messages, not an error, but indication that an error will occur if action is not taken, e.g. file system 85% full – each item must be resolved within a given time.
5 Notice notice Normal but significant condition. Events that are unusual but not error conditions – might be summarized in an email to developers or admins to spot potential problems – no immediate action required.
6 Informational info Informational messages. Normal operational messages – may be harvested for reporting, measuring throughput, etc. – no action required.
7 Debug debug Debug-level messages. Info useful to developers for debugging the application, not useful during operations.