Manuals / IBM / Computer Equipment / Network Router

IBM Enterprise Console manual Rule File, Format File, Example

Models: Enterprise Console

1 194
Download 194 pages 8.78 Kb
Page 29
Image 29

Rule File

Some adapters come with a rule file describing the classes of events the adapter supports. This file is not used by the adapter itself, but serves as a mandatory link between the adapter and the event server. The event server must load this file before it is able to understand events received from the adapter. A rule file has an extension of .rls; see each specific adapter chapter for exact file names. The format of a rule file is described in the IBM Tivoli Enterprise Console Rule Builder’s Guide.

Example

The following fragment shows how an event class for reporting SNMP authentication problems could be defined in a BAROC file:

CLASS AUTHENTICATION_FAILURE ISA EVENT DEFINES {

source:default="NET";

sub_source:default="SNMP"; auth_source:STRING;

};

END

Format File

The UNIX log file, NetWare log file, OS/2, Windows, and Windows NT event log adapters can extract information from system log messages, whose format and meaning can vary widely. This capability is necessary because similar sources can produce messages in different formats. For example, different NFS (network file system) implementations might report the file system full error in different formats. As a result, you might need to match different messages to the same or different event classes. This type of matching is done with a format file.

The purposes of a format file are as follows:

vServes as the lookup file for matching messages to event classes. When the format file is being used for this purpose, all format specifications in the file are compared from top to bottom. In situations where there are multiple matching classes for a message, the last matching format specification is used. If no match is found, the event is discarded.

vServes as the source from which a CDS file is generated. See “Class Definition Statement File” on page 18 for additional information.

See Appendix B, “Format File Reference” on page 145 for details about format files.

Example

The following examples show sample entries from the format file used by the Windows NT event log adapter.

Note: The format files for the log file-type adapters are examples only; customization might be required. The message text must fit on one line and be no longer than 1024 characters.

FORMAT NT_Base

%t %s %s %s %s %s %s %s* hostname DEFAULT origin DEFAULT category $3

eventType $4 sid $5 sub_source $6 id $7

msg $8

Chapter 1. Understanding Adapters 17

Page 28 Page 30
Page 29
Image 29
IBM Enterprise Console manual Rule File, Format File, Example
Page 28 Page 30