Topics - Largon

#1
General Support / Syslog parser
December 10, 2020, 01:05:56 PM
Dear NetXMS Community

We use the syslog parser to generate network device error events immediately on expression match.

However, some syslog errors come every second, and only the first error message has to generate the event immediately; all further errors that come to the same device for the next three hours have to be ignored.
The problem is that we don't want to wait 3 hours or for 20 of the syslog errors; the event must be generated with the first match, and after this the syslog parser has to ignore the following errors for the next 3 hours.

How do we have to use the match attributes "repeatCount", "repeatInterval" and "reset" to solve this? Any ideas?

Thanks in advance




#2
Hello NetXMS Community,

We are using the syslog parser for Cisco port security violations.

The Cisco syslog message contains only the MAC address and interface information for the syslog parser (the interface info is equal to the interface description in NetXMS).

Example:
10:45:06: %PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, caused by MAC address "aaaa.bbbb.cccc" on port GigabitEthernet0/21.

Is there any way to get the interface description (interface alias in NetXMS) in addition to the MAC address and the port?

I have no idea at which place I should use scripting to match "interface description" with "interface alias" for the event.

Do you have any ideas?

Best regards
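
The behaviour asked for in posts #1 and #2, written out as standalone logic: raise an event on the first match per device, ignore further matches from that device for three hours, and attach an interface alias to the parsed MAC and port. This is an added example, not part of the original posts and not NetXMS configuration or scripting; the device names, timestamps and the `ALIASES` lookup table are constructed assumptions.

```python
import re
from datetime import datetime, timedelta

# Pattern for the Cisco message quoted in post #2 (quotes around the MAC optional).
PSECURE_RE = re.compile(
    r'%PORT_SECURITY-2-PSECURE_VIOLATION:.*?MAC address '
    r'"?(?P<mac>(?:[0-9A-Fa-f]{4}\.){2}[0-9A-Fa-f]{4})"? on port (?P<port>\S+?)\.?\s*$')

class FirstMatchThrottle:
    """Emit on the first match per key, then suppress that key for `window`."""
    def __init__(self, window=timedelta(hours=3)):
        self.window = window
        self._last_emit = {}  # key -> time of the last emitted event

    def should_emit(self, key, now):
        last = self._last_emit.get(key)
        if last is not None and now - last < self.window:
            return False  # inside the quiet period; suppressed hits do not extend it
        self._last_emit[key] = now
        return True

def process(records, aliases, throttle=None):
    """records: (timestamp, device, message) tuples. Returns the events to raise."""
    throttle = throttle or FirstMatchThrottle()
    events = []
    for ts, device, msg in records:
        m = PSECURE_RE.search(msg)
        if m and throttle.should_emit(device, ts):
            port = m.group("port")
            events.append({"time": ts, "device": device, "mac": m.group("mac"),
                           "port": port, "alias": aliases.get((device, port), "")})
    return events

# Constructed sample input: device names, times and the alias are made up.
MSG = ('%PORT_SECURITY-2-PSECURE_VIOLATION: Security violation occurred, '
       'caused by MAC address "aaaa.bbbb.cccc" on port GigabitEthernet0/21.')
T0 = datetime(2020, 12, 10, 10, 45, 6)
SAMPLE = [
    (T0, "sw-01", MSG),                                    # first match: event
    (T0 + timedelta(seconds=1), "sw-01", MSG),             # repeat: suppressed
    (T0 + timedelta(seconds=2), "sw-02", MSG),             # other device: event
    (T0 + timedelta(seconds=3), "sw-01",
     "%LINK-3-UPDOWN: Interface GigabitEthernet0/21, changed state to down"),
    (T0 + timedelta(minutes=75), "sw-01", MSG),            # still within 3 hours
    (T0 + timedelta(hours=3, seconds=1), "sw-01", MSG),    # window over: event
]
ALIASES = {("sw-01", "GigabitEthernet0/21"): "Printer room 2"}  # hypothetical lookup

if __name__ == "__main__":
    for event in process(SAMPLE, ALIASES):
        print(event)
```

The quiet period is counted from the event that was raised, so a device that logs the violation every second still produces one event per three hours rather than staying silent indefinitely.
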
#3
Hello,

We have been testing NetXMS for one week and have a lot of nodes connected to 1300 different switches.
To not get too many notifications for Sys_Node_Down, we set the Expected interface state = "Ignore" with the exception of the Up-/Downlinks.

Now we want to get notified if an interface is disabled by port security or other reasons.

Unfortunately, the Sys_IF_Disabled event works only when Expected interface state is "Up" or "Down".

Is there any other solution to create the Sys_IF_Disabled event or do we have to configure DCIs with Instance discovery?

Best regards
Largon