Event Monitors and Rules


Updated: May 13, 2016

Applies To: System Center 2012 R2 Operations Manager, System Center 2012 - Operations Manager, System Center 2012 SP1 - Operations Manager

Event monitors and rules rely on the application they are monitoring to create an event of some kind in response to a problem or other interesting occurrence. The monitor or rule continuously watches the data source for an event matching specific criteria and immediately takes an appropriate response. The basic logic and configuration of event rules and monitors are similar except for the initial configuration of the data source that they are retrieving the event from.

Types of Event Monitors and Rules

The table below lists the kinds of events that can be used for monitors and rules in an Operations Manager management pack. Each is discussed in more detail in their own topic.

  • Windows Events

    Events in a Windows event log.

  • Text Logs

    Text log file that has a single line per entry. The log can be a simple text log where each line is considered a single entry or a delimited text log where a single character is used to separate different fields of data.

  • WMI Events

    Events created by Windows Management Instrumentation (WMI).

  • Syslog Events

    Events from Unix systems and other devices that send syslog messages.

  • SNMP Events

    SNMP traps that are sent to an agent or SNMP probes that are periodic requests for information from a device.

  • UNIX/Linux Shell Command Alerts

    Events that are detected through the execution of an UNIX/Linux command, script, or one-line sequence of multiple commands (using pipeline operators).