Setting up alerts | Online help - EventLog Analyzer

Setting up alerts

How to: Hint on setting up alerts 

First, always check whether any of the predefined alert criteria satisfies the requirement. Proceed with custom alerts only if the requirement is unusual enough that no predefined criterion covers it.

 

  1. Log on to the GUI ⇾ Go to the "Alerts" tab ⇾ click on "Add Alert Profile" at the top-right corner.

  2. In this page, enter the Alert Profile Name (this cannot be edited in the future), choose Severity, and select the devices whose logs should be considered.

  3. In "Select alert" field:

    1. Under the "Predefined Alerts" tab, choose the appropriate "Alert log type" from the drop-down box, and the suitable criteria (If further filtering of the list of criteria is required, use the "Alert Category" drop-down box).

Note: Upon clicking "Add Criteria" at the bottom-right corner, the window will be redirected to the "Custom Alerts" tab, where additional criteria can be added as required.

 

 

    2. Under "Compliance Alerts", the criteria are grouped based on the respective compliance.

    3. Under "Custom Alerts", the user can define criteria for unique requirements. This option is so customizable that even a single keyword in the log can be used. Note: Using the "AND" operator implies that both criteria should be satisfied, and using the "OR" operator implies that at least one should be satisfied.

 

Note: Alternatively, the search results in the "Search" tab can be saved on a new Alert Profile directly. This method will also give a confirmation about the correctness of the criteria.

 

  4. Alert Format Message: The details in the alert results under the "Alert" tab depend on the Macro used in this option.

  5. In Advanced Configuration:

    1. Threshold: The alert profile will be triggered only if the given number of events occur within the given time.

    2. Time Range: Only the events generated during this period will be taken into account.

  6. Alert Notification: Email/SMS details should be configured here. There is also an option to choose when the alerts are to be delivered.
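To see how the AND/OR operators, Threshold and Time Range interact before saving a profile, the following added example models them in Python over constructed events; it is not EventLog Analyzer code and is not part of the original help page. The field names, the sliding-window counting, the time-of-day reading of Time Range and the reset after an alert are assumptions, and the product's internal evaluation may differ.

```python
from collections import deque
from datetime import datetime, time, timedelta

# Constructed sample events (timestamp, parsed fields); not real product output.
EVENTS = [
    ("2024-05-01 14:00:00", {"event_id": "4625", "user": "admin"}),
    ("2024-05-01 14:00:30", {"event_id": "4625", "user": "admin"}),
    ("2024-05-01 14:01:00", {"event_id": "4625", "user": "admin"}),
    ("2024-05-01 23:00:00", {"event_id": "4625", "user": "admin"}),
    ("2024-05-01 23:01:00", {"event_id": "4625", "user": "guest"}),
    ("2024-05-01 23:02:00", {"event_id": "4625", "user": "admin"}),
    ("2024-05-01 23:10:00", {"event_id": "4625", "user": "admin"}),
    ("2024-05-01 23:11:00", {"event_id": "4625", "user": "admin"}),
    ("2024-05-01 23:12:00", {"event_id": "4625", "user": "admin"}),
]
CRITERIA = [("event_id", "4625"), ("user", "admin")]  # hypothetical field names

def matches(fields, criteria, operator):
    """AND: every criterion must match. OR: at least one must match."""
    hits = [keyword in fields.get(field, "") for field, keyword in criteria]
    return all(hits) if operator == "AND" else any(hits)

def in_time_range(ts, start, end):
    """Time-of-day check that also handles ranges crossing midnight."""
    t = ts.time()
    return start <= t <= end if start <= end else (t >= start or t <= end)

def evaluate(events, criteria, operator, count, window, start, end):
    """Return the timestamps at which the modelled alert profile fires."""
    recent, fired = deque(), []
    for raw_ts, fields in events:
        ts = datetime.strptime(raw_ts, "%Y-%m-%d %H:%M:%S")
        if not in_time_range(ts, start, end):
            continue  # Time Range: events outside the period are ignored
        if not matches(fields, criteria, operator):
            continue
        recent.append(ts)
        while ts - recent[0] > window:  # drop events older than the window
            recent.popleft()
        if len(recent) >= count:  # Threshold reached within the window
            fired.append(ts.strftime("%H:%M:%S"))
            recent.clear()  # assumption: counting restarts after an alert
    return fired

if __name__ == "__main__":
    night = (time(22, 0), time(6, 0))
    for op in ("AND", "OR"):
        print(op, evaluate(EVENTS, CRITERIA, op, 3, timedelta(minutes=5), *night))
```

With a 22:00 to 06:00 range the daytime burst never fires, and switching from AND to OR adds an earlier alert because the "guest" event now counts toward the threshold.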

Workflow: The help document is updated with all the details https://www.manageengine.com/products/eventlog/help/StandaloneManagedServer-UserGuide/IncidentManagement/incident-workflow.html
