Events Processing Rules
Events processing rules are checks that are run against event logs when they are collected. Based on the conditions configured in a rule, events processing rules help you:
- Classify processed events - assign a severity rating to collected logs. This enables you to trigger actions or notifications if a certain severity log is processed. By default, events are classified using five main ratings, however, more ratings can be added
- Filter out noise (repeated events) or unwanted events - remove duplicate logs or logs that are not important for you and archive important event data only. This reduces database growth and saves storage space
- Trigger Email, SMS and Network alertsNetwork messages (known as Netsend messages) which inform recipients that a particular event has occurred. These messages are sent through an instant messenger system/protocol and are shown as a popup in the system tray of the recipient’s desktop. To setup network alerts, you must specify the name or IP of the computers where the Netsend messages will be sent. on key events - send notifications to configured recipients upon detection of certain events. You can configure an event processing rule to send notifications to recipients when the rule conditions are met
- Attempt remedial actions - run executable files, commands and scripts upon detection of specific events. This enables you to automatically perform remedial actions to mitigate or completely eliminate a detected problem
- Filter events that match specific criteria - remove event logs that are not important for you. Example, you can run a rule which filters out low severity or duplicate events
- ArchiveA collection of events stored in the SQL Server based database backed of GFI EventsManager. filtered events - event archiving is based on the severity of the event and on the configuration settings of the event processing rules. Example: you can configure GFI EventsManager to archive only events that are classified as critical or high in severity and discard all the rest.