In GFI EventsManager, event processing rules are organized into rule-sets and every rule-set can contain one or more specialized rules which can be run against collected logs.
Rule-sets are further organized into rule-set folders. This way you can group rule-sets according to the functions and actions that the respective rules perform. By default, GFI EventsManager ships with pre-configured folders, rule-sets, and event processing rules that can be further customized to suit your event processing requirements.
The following table lists the rule-set folders available when you install GFI EventsManager. Each rule-set folder contains multiple rule-sets and/or event processing rules:
| Rule-set folder | Description |
|---|---|
| Windows Events | Contains rules tailored for Windows® servers and workstations. These include: |
| Text Logs | Contains rules tailored for the processing of web transfer protocols. These include: |
| Syslog Messages | Contains rules tailored for the processing of LINUX and UNIX system logs. These include: |
| SNMP Traps | Contains rules tailored for SNMP Traps Messaging. These include: |
| SQL Server® Audits | Contains rules tailored for SQL Server® Audit monitoring. These include: |
| Oracle Audits | Contains rules tailored for Oracle Server Audit monitoring. Amongst others, these include: |
| | Contains rules that enable you to monitor active monitoring messages. These include: |

* IOS - Internetwork Operating System
* MIB - Management Information Base
Adding a rule-set folder
To create a new rule-set folder:
- Click the Configuration tab and select Event Processing Rules.
- From Common Tasks, select Create folder.
- Specify a unique name for the new rule-set folder.
To create sub-rule-set folders:
- Right-click on the parent folder.
- Select Create new folder…
Renaming and Deleting a rule-set folder
To rename or delete existing rule-set folders:
- Right-click on the target rule-set folder.
- Select Rename or Delete accordingly.
Note: Deleting a rule-set folder will lead to the deletion of all the rules and rule-sets contained within the deleted folder.