Share via

Receiving UNIX Syslog Messages in MOM

  • Article

MOM can monitor syslog messages forwarded from UNIX computers. This capability gives MOM more visibility to the UNIX computers in your operation.

For MOM to receive the forwarded syslog messages from UNIX computers, a rule based on a syslog port must be created.

To create a syslog port provider

  1. In the left pane of the MOM Administrator console, expand Rules, expand Advanced, and then right-click Providers.
  2. On the context menu, click New Provider, specify Application Log as the data provider type, and then click Next.
  3. For the provider name, specify Syslog port provider or another meaningful name.
  4. For the provider log type, select Syslog port, and then click Finish.

To create an event rule that uses the syslog port provider

  1. If necessary, first create a rule group and associate the rule group with a computer group.
  2. In the left pane of the MOM Administrator console, expand the rule group, right click Event Rules, and then click New Event Rule.
  3. Select Alert on or Respond to Event for (other rule types could also be used), and then click Next.
  4. In the list, select the provider name (Syslog port provider or whatever value you specified), and then click Next.
  5. When prompted, specify other necessary criteria and schedule information. If you want the rule to receive all of the syslog messages forwarded to MOM, do not specify any other criteria or schedule information.
  6. When prompted, specify alert, response, and Product Knowledge information as appropriate for your operation. You do not need to specify anything for those fields to generate an event for syslog messages.
  7. Enter a name for the rule, ensure that the Enabled check box is selected, and then click Finish.

Note Note   

In addition to deploying a rule based on a syslog port provider, the UNIX computer must be configured to send the syslog messages to a MOM agent computer. For information about configuring a UNIX computer to forward syslog messages, see Configuring UNIX Computers to Forward Syslog Messages. Assuming that the UNIX computer is configured to forward syslog messages to MOM and an event rule based on a syslog port provider has been deployed, the UNIX computer will begin forwarding the desired syslog messages to MOM.