Configuring Event Processing
- Enterprise IT
- Shilpa K (Deactivated)
- Mayuresh Balaji Kamble (Unlicensed)
You can configure Event Processing Rules to process the SNMP Traps. The collected traps are processed in the SNMP Traps Receiver and the Central System. SNMP Traps Receiver receives the traps only after enabling (change the default value False to True) the key AVM:ReceiveSNMPTraps in the SummitScheduler.exe.config file. After correlation with the Events from other parameters and based on the criticality, a meaningful Event is raised to generate an Incident.
To configure Event Processing Rules:
- Select Operations > Configuration > Events > Event Processing.
- On the FILTERS pop-up page, select the Tenant and the Rule Processing System.
- Click SUBMIT. A list of configured rules is displayed on EVENT PROCESSING RULES page.
Figure: EVENT PROCESSING RULES page - Click ADD NEW on the ACTIONS panel to create a new rule.
- Under the RULE NAME tab, specify the required details. Click NEXT.
Figure: RULE NAME tab - Under CONDITIONS tab, select the required Rule conditions. Click NEXT.
Figure: CONDITIONS tab - Under ACTIONS tab, select action either to continue or discard the Events.
Figure: ACTIONS tab - Under REVIEW tab, you can view all the Rules you added.
Figure: REVIEW tab - Click SUBMIT. The new Rule is created based on the configuration.
Field Description
The following table describes the field types and their properties on the CREATE RULE page under EVENT PROCESSING:
Field | Description |
---|---|
RULE NAME | |
Rule Name | Type in the name for the Rule. |
Execution Order | Select the number to prioritize the execution of the particular Rule. |
Rule Processing System | Select the system with which you want to process the Rule. |
Active | Indicates the status of the Rule.
|
CONDITIONS | |
Source Entries | Allows you to apply the conditions to the entries as follows:
|
Log Entries | Allows you to apply the conditions to the entries as follows:
|
Enable Time/Counter Based Suppression | If enabled, you can select the time and counter for the Events. This check box is enabled whenever Event suppression is required based on Time and Count of Events. Time Span (in Mins): Specify the time for grouping the Events received between a specific time interval. Consider the specified Time Span as 5 mins and the job starts running from 09:00:00 A.M. All the similar Events received from 09:00:00 a.m. to 09:04:59 a.m. are grouped as one. Consider the specified Time Span as 5 mins, the Count Value as 10, and the job starts running from 09:00:00 A.M. If the similar Events received from 09:00:00 a.m. to 09:04:59 a.m. are equal to or greater than 10, all these similar Events are suppressed and a single Incident is created with the first received Event. |
be taken on the events as follows: Continue: By default this option is enabled to log Events with the configured Rule conditions. Discard Events: If selected, all the Events that meet the Rule conditions are discarded and no Events are logged in the Application. |
ACTIONS
This section explains all the icons displayed on the ACTIONS panel of the EVENT PROCESSING page.
SHOW LIST
Click SHOW LIST to display the LIST table showing all the configured Rules for the selected Tenant
- To modify a Rule, click the configured Rule Name. Make appropriate changes and click SUBMIT.
To display the inactive Rule, click the Include Inactive check box.
Note:
When the Rule Names are displayed under the LIST table, the ADD NEW action is displayed on the ACTIONS panel. Click ADD NEW to configure a new Rule Name.
Confluence Cloud Migration Alert: Please refer to known issues you may encounter in Confluence Cloud: https://eitdocs.atlassian.net/wiki/x/wDGwAQ