Managing rules-set folders
In GFI EventsManager, event processing rules are organized into rule-sets and every rule-set can contain one or more specialized rules which can be run against collected logs.
Rule-sets are further organized into Rule-set Folders. This way you can group rule-sets according to the functions and actions that the respective rules perform. By default, GFI EventsManager ships with pre-configured folders, rule-sets and event processing rules that can be further customized to suite your event processing requirements.
This topic contains information about:
Contains rules tailored for Windows® servers and workstations; These include:
Contains rules tailored for the processing LINUX and UNIX system logs. These include:
|SNMP TrapsNotifications/alerts generated and transmitted by active network components (Example: hubs, routers and bridges) to SNMP server(s) whenever important events such as faults or security violations occur. Data contained in SNMP Traps may contain configuration, status as well as statistical information such as number of device failures to date.||
Contains rules tailored for SNMP Traps Messaging. These include:
|SQL Server® Audits||
Contains rules tailored for SQL Server® Audit monitoring. These include:
Contains rules tailored for Oracle Server Audit monitoring. Amongst others, these include:
|Monitoring Checks||Contains rules that enable you to monitor active monitoring messages. These include rules pertaining to the default set of monitoring checks. Monitoring checks generate event logs. These event logs can be processed by events processing rules to trigger an action or notification when a fault is detected.|
To create a new rule-set folder:
1. Click Configuration tab and select Event Processing Rules.
2. From Common Tasks, select Create folder.
3. Specify a unique name for the new rule-set folder.
To create sub rule-set folders, right-click on the parent folder and select Create new folder…
To rename or delete existing rule-set folders, right-click on the target rule-set folder and select Rename or Delete accordingly.
Deleting a rule-set folder will lead to the deletion of all the rules and rule-sets contained within the deleted folder.