Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

How to generate alarms on OMNM based on syslog messages

This article applies to   This article does not apply to 
Check out resources for

Instructions

Description:
There are occasions when it is useful to generate alarms in OMNM based on some syslog event, such as when a critical link goes down.

Solution:
Before setting up OMNM to generate alarms, configure OMNM as the syslog server in the device generating the syslog messages.  Example configuration shown below for Dell switches.
logging <OMNM IP address>
Then discover the device in OMNM and ensure that the device is seen under Managed Resources.
 
The steps below show how to generate alarms in OMNM when a link goes down.  These steps can be modified to generate alarms based on any syslog event.
 
 
  1. From the OMNM GUI under Alarms click "Definitions and Rules". 
  2. Under "Event Processing Rules", hover the mouse over "Rule Name", right click, select New, Pre-Processing, and click Syslog. "Creating New Syslog Rule" window appears. 
  3. Under the General tab, specify a name to uniquely identify the rule under "Specify Rules Properties". 
  4. Type a brief description for the rule and keep the Enabled check box checked.  Click Next, Filtering tab is now highlighted. 
  5. Click "Add Filter", then under "Filter Conditions", select "Source IP" from the drop down menu, make sure "is" is selected in the next column and then type the IP address of the switch in the last column.  This IP address is the syslog source IP address, which is typically the out-of-band management IP address of the device.  You can specify different filter conditions based on the requirement and combine different filter conditions with Boolean AND or OR operation. 
  6. After specifying the filter conditions, click NextEscalation tab is now highlighted. 
  7. Click "Add Criteria", a new window "Adding New Syslog Escalation Criteria" appears. 
  8. In the new window Criteria tab is highlighted, type the matching syslog text under "Message Match Text".  For example if interface gi 1/0/1 link down event is being monitored, then type "Link Down: Gi1/0/1".  This text should match part of the syslog message string.
  9. Click the green plus sign to add the text. 
  10. Select the syslog severity from the "Event Severity" drop down menu under "Syslog Event Setup". 
  11. Click apply and then click save on the "Creating New Syslog Rule" window.  The rule just created now appears under "Event Processing Rules". OMNM is now ready to generate alarm based on the syslog event.