Prefiltering NetWare Events

You can improve the performance of the NetWare log file adapter by filtering events, so that only important events are processed. This is called prefiltering and applies only to events logged to the SYS$LOG.ERR file.

To use the prefiltering mechanism, you specify the prefilter statements in the configuration file using a format similar to that used for adapter filters. The prefiltering statements (PreFilter and PreFilterMode) are described in “Configuration File” on page 56.

You must stop and restart the adapter for any changes to take effect.

The following attributes define prefilter statements:

Source

Specifies the source or module that logged the event to the NetWare server log file. You can specify up to 16 sources. Multiple sources must be separated by commas. Examples include SERVER, DS, TIMESYNC, and UPS.

EventId

Specifies the message number assigned by NetWare. You can specify up to 16 message numbers. Message numbers must be separated by commas. EventId is unique for each source.

Severity

Specifies the NetWare-defined severity of the event. You can specify up to 16 severities. Multiple severities must be separated by commas.

Locus Specifies the NetWare-defined locus. You can specify up to 16 loci. Multiple loci must be separated by commas.

Class Specifies the NetWare-defined class. You can specify up to 16 classes.

Multiple classes must be separated by commas.

The following are examples of prefiltering statements:

PreFilter:Source=SERVER;EventId=10,20,30;

PreFilter:Source=DS; Severity=11;Class=5;

Configuration File

The configuration file defines the behavior of the NetWare log file adapter. This file can contain the common keywords listed in “Configuration File” on page 9, as well as the following adapter-specific keywords:

LogSources

Specifies the ASCII log files to poll for messages. The complete path to each file must be specified, and file names must be separated by commas; no spaces or other separators can be used. A log file source need not exist when the adapter is started; it is polled when it is created.

If a file is truncated while the adapter is active, the adapter automatically sets its internal pointer to the new end of the file and continues processing all new messages that are written after the file was truncated. If during the polling interval the file is overwritten, removed, or recreated with more lines than the previous poll, only the number of lines greater than the

56IBM Tivoli Enterprise Console: Adapters Guide

Page 67 Page 69
Page 68
Image 68
IBM Enterprise Console manual Prefiltering NetWare Events, EventId, Severity, LogSources
Page 67 Page 69

Enterprise Console specifications

IBM Enterprise Console is a robust solution designed to centralize and streamline IT operational monitoring and management. As organizations increasingly rely on complex IT infrastructures, including cloud services, on-premise systems, and hybrid environments, the need for an effective monitoring tool has become paramount. IBM Enterprise Console addresses these needs by providing a comprehensive view of IT operations, enabling organizations to respond to incidents with agility and precision.

One of the key features of IBM Enterprise Console is real-time monitoring. The solution offers a single pane of glass through which IT teams can observe the performance of various systems and applications. This capability allows organizations to detect and respond to incidents promptly, minimizing downtime and ensuring that services remain available for end users. The console integrates seamlessly with multiple data sources, allowing for the aggregation of alerts, events, and logs from diverse IT environments.

Another significant aspect of IBM Enterprise Console is its automation capabilities. The platform supports automated workflows and incident management processes, helping to reduce the workload on IT teams. Automation not only enhances efficiency but also ensures consistency in incident response. By leveraging predefined rules and actions, organizations can standardize their operational protocols, leading to faster resolution times and improved service quality.

The IBM Enterprise Console utilizes advanced analytics and artificial intelligence to enhance operational insights. Machine learning algorithms can help identify patterns and anomalies in system performance, allowing organizations to anticipate potential issues before they escalate into critical incidents. This proactive approach to IT monitoring not only improves reliability but also fosters a culture of continuous improvement across the organization.

Security features are also integrated into the IBM Enterprise Console, allowing for the monitoring of security incidents alongside IT operations. This unified approach helps organizations to respond more effectively to security threats, enabling them to correlate operational and security data for a comprehensive view of their infrastructure.

In conclusion, IBM Enterprise Console stands out as a powerful tool for IT operations management. Its real-time monitoring, automation capabilities, advanced analytics, and integrated security features make it an ideal solution for organizations looking to enhance operational efficiency and responsiveness. By leveraging this technology, businesses can ensure that their IT environments remain stable, secure, and aligned with their strategic goals.
Top Page Image Contents