Event Configuration
Event Groups controls the severity level of network events.
| Event Group | Description |
|---|---|
log_event | Log to event database. |
warn_event | Log to event database. Flag as a warning event. Display on Events Dashboard under "Status Exceptions". |
crit_event | Log to event database. Flag as a critical event. |
By default, Entities are assigned to the warn_event group, except interfaces.
See: Enabling Interface Events
Use Auto Grouping rules to configure Event Groups.
Examples
-
Flag all events in core-routers group as critical events
assign * * * any group core-routers = crit_event -
Assign interfaces to the appropriate event level
assign interface * * any group core-links = crit_event
assign interface * * any group serial-links = warn_event -
Log all interface events
assign interface * * = log_event
Enabling Interface Events
Interface events are not logged by default because a typically large network will constantly have edge ports going up and down, logging thousands of events per day.
To enable interface event logging, interfaces must be added to an appropriate event group using Auto Grouping rules.
Status and Threshold Alerting
"WARNING: No matching entities in log_event, warn_event, or crit_event"
This warning message is displayed when a configured alert rule does not match anything in the database, because the appropriate child entities have not been assigned to an Event Group. This warning is typically displayed when attempting to configure interface status alerts, although it can occur in other circumstances.
Use Auto Grouping rules to assign interfaces to Event Groups, making them available for Status and Threshold alerting.