- Notes, cautions, and warnings
- Revision history
- Preface
- Overview
- Deployment
- Getting started
- System configuration
- Configure network settings
- Manage users, roles, and scopes
- Ending user sessions
- Directory services integration
- Login using OIDC providers
- Security certificates
- Manage console settings
- Set the login security properties
- Customize the alert display
- Configure SMTP, SNMP, and Syslog
- Manage incoming alerts
- Manage warranty settings
- Configure remote commands and scripts
- OpenManage Mobile settings
- Enable or disable alert notifications for OpenManage Mobile
- Enable or disable OpenManage Mobile subscribers
- Delete an OpenManage Mobile subscriber
- View the alert notification service status
- Notification service status
- View information about OpenManage Mobile subscribers
- OpenManage Mobile subscriber information
- Troubleshooting OpenManage Mobile
- Discovering devices
- Server-initiated discovery
- Create a device discovery job
- Protocol support matrix for discovering devices
- View device discovery job details
- Edit a device discovery job
- Run a device discovery job
- Stop a device discovery job
- Discover multiple devices by .csv import
- Global exclusion of ranges
- Specify a discovery mode for server discovery
- Create a custom discovery job for servers
- Specify discovery mode for chassis discovery
- Create a custom discovery job for the chassis
- Specify discovery mode for Dell storage discovery
- Specify discovery mode for network switch discovery
- Create a custom discovery job for HTTPS storage devices
- Create a custom discovery job for SSH devices
- Create a custom discovery job for SNMP devices
- Specify the discovery mode for multiple discovery jobs
- Delete a device discovery job
- Managing devices and device groups
- Organize devices into groups
- Create a custom static or query group
- Create a static device group
- Create a query device group
- Edit a static group
- Edit a query group
- Rename a static or query group
- Delete a static or query device group
- Clone a static or query group
- Add devices to a new group
- Add devices to existing group
- Refresh health on group
- All Devices screen device list
- All Devices screen actions
- Delete devices from OpenManage Enterprise
- Exclude devices from OpenManage Enterprise
- Run inventory on devices
- Update the device firmware and drivers by using baselines
- Refresh the device health of a device group
- Refresh health on devices
- Roll back an individual device's firmware version
- Export the single device inventory
- Performing more actions on chassis and servers
- Hardware information displayed for MX7000 chassis
- Export data
- View and configure individual devices
- Organize devices into groups
- Managing device inventory
- Managing device firmware and drivers
- Managing device deployment templates
- Create a deployment template from a reference device
- Create a deployment template by importing a template file
- View a deployment template information
- Edit a server deployment template
- Edit a chassis deployment template
- Edit IOA deployment template
- Edit network properties of a deployment template
- Deploy device deployment templates
- Deploy IOA deployment templates
- Clone deployment templates
- Auto deploy device configuration before discovery
- Create auto deployment targets
- Delete auto deployment targets
- Export auto deployed target details
- Overview of stateless deployment
- Define networks
- Edit or delete a configured network
- Export VLAN definitions
- Import network definitions
- Managing device warranty
- Managing alerts
- Managing MIB files
- Configuring profiles
- Configuration compliance
- Using jobs for device control
- Monitoring audit logs
- Monitoring reports
- Back up, restore, or migrate
- Updating the console and plugins
- Managing plugins
- Troubleshooting
- Troubleshooting connectivity
- Firmware and DSU requirements for HTTPS
- Firmware schedule reference
- Firmware baseline field definitions
- Supported and unsupported actions on proxied sleds
- Schedule job field definitions
- Alert categories after EEMI relocation
- Token substitution in remote scripts and alert policy
- Catalog Management field definitions
- Devices with unknown compliance status
- Device rediscovery running for a long time after deleting iDRAC service account
- Dell Connectivity Service : Failed with exception: Unable to get access token from DCS
OpenManage Enterprise 4.0.x User's Guide
Forward audit logs to remote Syslog servers
To monitor all the audit logs of OpenManage Enterprise from Syslog servers, you can create an alert policy. All audit logs such as user login attempts, creation of alert policies, and running different jobs can be forwarded to Syslog servers. If a server specifies the OpenManage Enterprise as a Syslog target, traps triggered on the server will be forwarded to the OpenManage Enterprise's destination Syslog server as well.
Steps
- Select .
-
In the
Create Alert Policy dialog box, in the
Name and Description section, enter a name and description of the alert policy.
- The Enable Policy check box is selected by default to indicate that the alert policy will be enabled once it is created. To disable the alert policy, clear the check box. For more information about enabling alert policies at a later time, see Create an alert policy.
- Click Next.
-
In the
Category section, expand
Application and select the categories and subcategories of the appliance logs. Alternatively, in the
Message ID section, indicate a list of messages to be sent to the Syslog by either:
- Uploading a .csv file listing the messages to be filtered. (Sample available on the UI)
- Entering a list of message IDs separated by commas.
- Click Next
-
In the
Target section, the
Select Devices option is selected by default. Click
Select Devices and select devices from the left pane. Click
Next.
NOTE:Selecting target devices or groups is not applicable while forwarding the audit logs to the Syslog server.
-
(Optional) By default, the alert policies are always active. To limit activity, in the
Date and Time section, select the 'from' and 'to' dates, and then select the time frame.
- Select the check boxes corresponding to the days on which the alert policies must be run.
- Click Next.
-
In the
Severity section, select the severity level of the alerts for which this policy must be activated.
- To select all the severity categories, select the All check box.
- Click Next.
-
In the
Actions section, select
Syslog.
If Syslog servers are not configured in OpenManage Enterprise, click Enable and enter the destination IP address or the hostname of Syslog servers. For more information about configuring Syslog servers, see Configure SMTP, SNMP, and Syslog.
- Click Next.
- In the Summary section, details of the alert policy you defined are displayed. Carefully read through the information.
- Click Finish.
Results
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\