[INUG-Users] Multiple severity for events based on device

Wed Oct 3 11:19:14 EDT 2007

Hostname regex might work.  Although that could quickly become 
useless.  I'm running v7, but I don't see how X in Y would work.  
I'll probably just use a lookup table, as it's the easiest way to 
deal with it.  I was hoping to avoid it, but it may be the only 
choice.

Paul

>>> "Gothmolly" <gothmolly at gmail.com> 10/3/2007 10:54 AM >>>
Hostname based regex ?

In v 7 you could do an X in Y style alert ?

On 10/3/07, PAUL WILLIAMSON <pwilliamson at mtb.com> wrote:
>
> Does anyone have a way to handle one event as different severities based on
> the server experiencing the event?  Specifically, this event:
>
> 537: NT AUTHORITY\SYSTEM: Logon Failure: Reason: An error occurred during
> logon User Name: Domain: Logon Type: 3 Logon Process: Authz Authentication
> Package: Kerberos Workstation Name: <server> Status code: 0xC000040A
> Substatus code: 0x0 Caller Use
>
> For some servers, this is extremely important to capture and present to our
> NOC analysts for immediate investigation.  For other servers, this sort of
> error happens with some regularity and is not of much concern.  Short of
> maintaining a lookup table in the proble or using a policy in Impact, what
> other options exist?
>
> Paul
>
> ************************************
> This email may contain privileged and/or confidential information that is
> intended solely for the use of the addressee. If you are not the intended
> recipient or entity, you are strictly prohibited from disclosing, copying,
> distributing or using any of the information contained in the transmission.
> If you received this communication in error, please contact the sender
> immediately and destroy the material in its entirety, whether electronic or
> hard copy. This communication may contain nonpublic personal information
> about consumers subject to the restrictions of the Gramm-Leach-Bliley Act
> and the Sarbanes-Oxley Act. You may not directly or indirectly reuse or
> disclose such information for any purpose other than to provide the services
> for which you are receiving the information.
> There are risks associated with the use of electronic transmission. The
> sender of this information does not control the method of transmittal or
> service providers and assumes no duty or obligation for the security,
> receipt, or third party interception of this transmission.
> ************************************
>
> _______________________________________________
> Sent by the netcoolusers.org "users" mailing list
> Post: users at netcoolusers.org 
> Unsubscribe: users-unsubscribe at netcoolusers.org 
> Search: http://lists.netcoolusers.org/archives/users/ 
>
>

-- 
Back to the Earth I screamed, and no one listened.
Back to the Earth I lived, and they all followed.
_______________________________________________
Sent by the netcoolusers.org "users" mailing list
Post: users at netcoolusers.org 
Unsubscribe: users-unsubscribe at netcoolusers.org 
Search: http://lists.netcoolusers.org/archives/users/ 

************************************
This email may contain privileged and/or confidential information that is intended solely for the use of the addressee.  If you are not the intended recipient or entity, you are strictly prohibited from disclosing, copying, distributing or using any of the information contained in the transmission.  If you received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy.  This communication may contain nonpublic personal information about consumers subject to the restrictions of the Gramm-Leach-Bliley Act and the Sarbanes-Oxley Act.  You may not directly or indirectly reuse or disclose such information for any purpose other than to provide the services for which you are receiving the information.
There are risks associated with the use of electronic transmission.  The sender of this information does not control the method of transmittal or service providers and assumes no duty or obligation for the security, receipt, or third party interception of this transmission.
************************************
-------------- next part --------------
HTML attachment scrubbed and removed