Event Class

NFS_No_Response

NIS_No_Response

Server_OK

NFS_OK

NIS_OK

Default Severity

WARNING

WARNING

HARMLESS

HARMLESS

HARMLESS

Default Rules

The UNIX log file adapter has a set of default rules that can be installed to enhance event server operation. Rules can enable the server to perform functions such as deleting events and sending e-mail to alert administrators of an unresolved problem. The rules are contained in the log_default.rls file and perform the following functions:

vDuplicate events of the following classes are filtered out and the first event repeat count is incremented:

Printer_Paper_Out

Printer_Toner_Low

Printer_Offline

Printer_Output_Full

Printer_Paper_Jam

Printer_Door_Open

vPrinter assistance can be called for when a printer condition persists for a period of time greater than 90 seconds. If any of the following conditions persist for that period of time, an e-mail message is sent to the e-mail alias tec_print in order to request assistance with the printer condition. (The tec_print alias must be added to the e-mail alias file before the messages can be delivered.)

Printer_Paper_Out

Printer_Toner_Low

Printer_Offline

Printer_Output_Full

Printer_Paper_Jam

Printer_Door_Open

vWhen a printer condition is cleared, the event server automatically closes the event that indicated a problem. If e-mail was sent out notifying the administrators of the printer problem, the server sends e-mail indicating the condition has cleared up.

vThe Su_Success and Su_Failure events indicate that a user attempted to use the su command. If a Su_Success event is received within 90 seconds of the Su_Failure event, the server assumes that the Su_Failure was a mistake and downgrades the event to HARMLESS and closes the Su_Failure event. The rules ensure that these two events are related by checking that they occurred on the same host, the user attempting this was the same, and the user that they were trying to change to was the same.

vSome of the log file events are relevant for a short amount of time. The administrators also do not want to be burdened with closing these events manually. A rule is provided that closes the following event classes after one

108IBM Tivoli Enterprise Console: Adapters Guide

Page 119 Page 121
Page 120
Image 120
IBM Enterprise Console manual Default Rules, Nfsok Nisok
Page 119 Page 121

Enterprise Console specifications

IBM Enterprise Console is a robust solution designed to centralize and streamline IT operational monitoring and management. As organizations increasingly rely on complex IT infrastructures, including cloud services, on-premise systems, and hybrid environments, the need for an effective monitoring tool has become paramount. IBM Enterprise Console addresses these needs by providing a comprehensive view of IT operations, enabling organizations to respond to incidents with agility and precision.

One of the key features of IBM Enterprise Console is real-time monitoring. The solution offers a single pane of glass through which IT teams can observe the performance of various systems and applications. This capability allows organizations to detect and respond to incidents promptly, minimizing downtime and ensuring that services remain available for end users. The console integrates seamlessly with multiple data sources, allowing for the aggregation of alerts, events, and logs from diverse IT environments.

Another significant aspect of IBM Enterprise Console is its automation capabilities. The platform supports automated workflows and incident management processes, helping to reduce the workload on IT teams. Automation not only enhances efficiency but also ensures consistency in incident response. By leveraging predefined rules and actions, organizations can standardize their operational protocols, leading to faster resolution times and improved service quality.

The IBM Enterprise Console utilizes advanced analytics and artificial intelligence to enhance operational insights. Machine learning algorithms can help identify patterns and anomalies in system performance, allowing organizations to anticipate potential issues before they escalate into critical incidents. This proactive approach to IT monitoring not only improves reliability but also fosters a culture of continuous improvement across the organization.

Security features are also integrated into the IBM Enterprise Console, allowing for the monitoring of security incidents alongside IT operations. This unified approach helps organizations to respond more effectively to security threats, enabling them to correlate operational and security data for a comprehensive view of their infrastructure.

In conclusion, IBM Enterprise Console stands out as a powerful tool for IT operations management. Its real-time monitoring, automation capabilities, advanced analytics, and integrated security features make it an ideal solution for organizations looking to enhance operational efficiency and responsiveness. By leveraging this technology, businesses can ensure that their IT environments remain stable, secure, and aligned with their strategic goals.
Top Page Image Contents