Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Network Node Manager i Software10.30

Administer > Configure Incidents > Configure Syslog Message Incidents (ArcSight)

Configure Syslog Message Incidents (ArcSight)

The NNMi–ArcSight integration adds syslog message information to NNMi, so that NNMi users can view these syslog messages and investigate potential problems. After the ArcSight integration is enabled, NNMi receives ArcSightEvent traps that contain syslog message data. NNMi then maps this syslog information to a Syslog Message incident configuration and treats it as a syslog message in NNMi. See the Network Node Manager i Software-ArcSight Logger Integration Guidefor more information.

You can configure how you want these incidents to be displayed in the incident views provided by NNMi. The types of things you configure include name, category, and the message format.

Note When the Source Object for a Syslog Message Incident is a Port object, NNMi resolves the Source Object to the associated Interface. Because ArcSight does not store Interface data, these incidents do not appear in the ArcSight user interface. See the Network Node Manager i Software-ArcSight Logger Integration Guidefor more information about best practices for viewing these incidents.

To configure a Syslog Message incident:

Navigate to the Syslog Message Configuration form.
1. From the workspace navigation panel, select the Configuration workspace.
2. Expand the Incidents folder.
3. Select Syslog Message Configurations.
Do one of the following:
1. To create a Syslog Message incident configuration, click the New icon, and continue.
2. To edit a Syslog Message incident configuration, double-click the row representing the configuration you want to edit, and continue.
3. To delete a Syslog Message configuration, select a row, and click the Delete icon.
In the Syslog Message Configuration form, provide the required information.
Click Save and Close to save your changes and return to the Incident Configuration form.

The next time that a syslog message event of this type arrives into the database, NNMi creates an associated incident to display in the appropriate console incident views.

Send Help Center feedback