Forums  Register  Login  My Profile  Inbox  Address Book  My Subscription  My Forums 

Member List  Search  FAQ  Ticket List  Log Out

 

Syslog Noise Reduction

  		Logged in as: Guest
Users viewing this topic: none
  Printable Version
All Forums >> [Networking & Security] >> GFI EventsManager >> Syslog Noise Reduction Page: [1]
Login
Message << Older Topic   Newer Topic >>
Syslog Noise Reduction - 5.Feb.2008 10:51:53 AM   
Tmueller

 

Posts: 40
Score: 0
Joined: 4.Jan.2007
Status: offline 		I tried to create a syslog noise reduction rule with the following Raw Message:
%Bad protocol version identification 'Big-Brother-Monitor-3.30' from x.x.x.x% .    The event processor ignored this rule because of the " '  ' " (single quotation marks) within the raw message.     I got it to work by creating the rule to only include the %Big-Brother-Monitor-3.30% text.    It works this way, but I would prefer the rule to include all the above text.

Is there anyway to modify the rule to include the entire text?

Post #: 1
RE: Syslog Noise Reduction - 7.Feb.2008 4:26:34 AM   
Mark Busuttil

 

Posts: 4836
Score: 0
Joined: 16.Oct.2005
Status: offline 		Hello,

Have you tried to enter the following raw message:

%Bad protocol version identification %Big-Brother-Monitor-3.30%

Thanks!

_____________________________

Regards,
Mark Busuttil

GFI Software Ltd - www.gfi.com
Messaging, Content Security & Network Security Software
GFI: MailEssentials - MailSecurity - MailArchiver - FAXmaker - LANguard – WebMonitor

(in reply to Tmueller)
Post #: 2
RE: Syslog Noise Reduction - 7.Feb.2008 12:48:17 PM   
Tmueller

 

Posts: 40
Score: 0
Joined: 4.Jan.2007
Status: offline 		That worked!   I knew that you could separate %'s using a comma - different statements on the same line, but I did not know you could use mulitple %'s in a single statement.

Thanks!

(in reply to Mark Busuttil)
Post #: 3
RE: Syslog Noise Reduction - 12.Feb.2008 4:23:33 AM   
Mark Busuttil

 

Posts: 4836
Score: 0
Joined: 16.Oct.2005
Status: offline 		Thank you for your update!

_____________________________

Regards,
Mark Busuttil

GFI Software Ltd - www.gfi.com
Messaging, Content Security & Network Security Software
GFI: MailEssentials - MailSecurity - MailArchiver - FAXmaker - LANguard – WebMonitor

(in reply to Tmueller)
Post #: 4
Page:   [1]
All Forums >> [Networking & Security] >> GFI EventsManager >> Syslog Noise Reduction Page: [1]
Jump to:





New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts