Forum Discussion

8 years ago

Syslog "Cleared" = MEANINGLESS

Syslog Issues: #1. The person who asked to have SYSLOG present a "cleared" message.....CLEARLY does not understand that a SYSLOG is NOT A tracked condition like an OID value is....it is a SI...

syslog

Sarah_Terry

Product Manager

8 years ago

Hi Mahlon,

We send clears for Syslog events because we treat all events equally (e.g. IPMI, Windows, Syslog, UDP traps, etc.). Our philosophy is to only alert on alertable events, where alertable events usually have an underlying condition that can clear, or be resolved, or expire. However, I understand that Syslog-based events aren't the same as all other events, and that getting cleared messages may not always be desirable. You can actually configure your LogicMonitor Alert Rules to not send cleared alerts for Syslog events - there is an option for all Alert Rules to 'Send notification when alerts clear'. So if you dedicate a rule to routing Syslog events, unchecking this option gives you the flexibility to only have active and acknowledged notifications sent.

Thanks,

Sarah

Forum Discussion

Syslog "Cleared" = MEANINGLESS

Related Content

Alert Report: no "cleared" column to display?

sending Windows syslogs to Logicmonitor

New user - looking for information on parsing fields from Syslog message field

Clearing the alert filter should reset to "Any Time" not "Past Day"

disabling alerts should generate a "disabled" status, not "cleared"

Recent Discussions

Dashboard Sharing – An Inline Framing Method

2021-12-15 US Office Hours

Live Training - Tuning Datapoints and Alerts - 15th JUNE 2022 - APAC

Live Training - Introduction to Dashboards - 18th MAY 2022 - APAC

2022-05-11- APAC Product Overview -Collectors, Resources/Groups, Dashboards