Searching the Help
To search for information in the Help, type a word or phrase in the Search box. When you enter a group of words, OR is inferred. You can use Boolean operators to refine your search.
Results returned are case insensitive. However, results ranking takes case into account and assigns higher scores to case matches. Therefore, a search for "cats" followed by a search for "Cats" would return the same number of Help topics, but the order in which the topics are listed would be different.
Words and Phrases
| Search for | Example | Results |
|---|---|---|
| A single word | cat
|
Topics that contain the word "cat". You will also find its grammatical variations, such as "cats". |
|
A phrase. You can specify that the search results contain a specific phrase. |
"cat food" (quotation marks) |
Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase. |
Using Boolean Operators
| Search for | Operator | Example |
|---|---|---|
|
Two or more words in the same topic |
|
|
| Either word in a topic |
|
|
| Topics that do not contain a specific word or phrase |
|
|
| Topics that contain one string and do not contain another | ^ (caret) |
cat ^ mouse
|
| A combination of search types | ( ) parentheses |
|
- Configure Basic Settings for a Syslog Message Incident (ArcSight)
- Specify the Incident Configuration Name (Syslog Messages) (ArcSight)
- Specify Category and Family (Syslog Message) (ArcSight)
- Create an Incident Category (Syslog Message) (ArcSight)
- Create an Incident Family (Syslog Message) (ArcSight)
- Specify the Incident Severity (Syslog Message) (ArcSight)
- Specify Your Incident Message Format (Syslog Message) (ArcSight)
- Valid Parameters for Configuring Incident Messages (Syslog Message) (ArcSight)
- Include Custom Incident Attributes in Your Message Format (Syslog Message) (ArcSight)
- Specify a Description for Your Incident Configuration (Syslog Messages)(ArcSight)
Specify Category and Family Attribute Values for Organizing Your Incidents (Syslog Message) (ArcSight)
When configuring incidents, NNMi provides the Category and Family attributes to help you organize your incidents.
Preconfigured Categories
The Category attribute helps you organize your incidents. Select the category that you want to be associated with this type of incident when it appears in an incident view. Each of the possible Category values is described in the following table.
| Category | Description |
|---|---|
| Accounting | Used to indicate problems related to usage statistics and allocation of costs associated with the billing of time and services provided by devices. This category is not used by NNMi with default configurations, but it is available for incidents you define. |
| Application Status | Indicates there is a problem with the health of the NNMi software. Examples of these kinds of events include license expiration or that a certain NNMi process or service lost connection to the Process Status Manager. |
| Configuration | Indicates there is a problem with the configuration of a managed device. For example, there is a physical address mismatch. |
| Fault | Indicates a problem with the network, for example Node Down. |
| Performance | Indicates a Monitored Attribute value crossed a configured threshold. For example, Disk Space Utilization exceeds the configured threshold criteria for High Value = 90 percent . |
| Security | Indicates there is a problem related to authentication. For example, an SNMP authentication failure. |
| Status | Indicates some kind of status message. Examples of these kinds of incidents include "SNMP Link Up" or an "HSRP Group status Normal" message. |
Note You can add your own Category entries to NNMi. See Create an Incident Category (Management Events) for more information.
You can use Family attribute values to further categorize the types of incidents that might be generated. Each of the possible values are described in the following table.
| Family | Description |
|---|---|
| Address | Indicates the incident is related to an address problem. |
| Aggregated Port | Indicates the incident is related to a Split Link Aggregation or Split Link Aggregation problem. |
| BGP | Indicates the incident is related to a problem with BGP (Border Gateway Protocol). This family is not used by NNMi with default configurations, but it is available for incidents you define. |
| Board | Indicates the incident is related to a board problem. This family is not used by NNMi with default configurations, but it is available for incidents you define. |
| Card | Indicates the incident is related to a card problem. This family is not used by NNMi with default configurations, but it is available for incidents you define. |
| Chassis | Indicates the incident is related to a chassis problem. |
| Component Health |
Indicates the incident is related to Node Sensor or Physical Sensor data collected by NNMi. |
| Connection | Indicates the incident is related to a problem with one or more connections. |
| Correlation | Indicates the incident has additional incidents correlated beneath it. These incidents are associated with a duplicate count so that you can determine the number of correlated incidents associated with it. |
| Custom Poller | Indicates the incident is related to the NNMi Custom Poller feature. |
| HSRP |
(NNMi Advanced) Indicates the incident is related to a problem with Hot Standby Router Protocol (HSRP). |
| Interface | Indicates the incident is related to a problem with one or more interfaces. |
| IP Subnet | Indicates the incident is related to a problem with the IP Subnet. |
| License | Indicates the incident is related to a licensing problem. |
| NNMi Health | Indicates the incident is related to NNMi Health. |
| Node | Indicates the incident is related to a node problem. |
| OSPF | Indicates the incident is related to an OSPF problem. This family is not used by NNMi with default configurations, but it is available for incidents you define. |
| RAMS | Indicates the incident is related to a Router Analytics Management System problem. |
| RMON | Indicates the incident is related to a Remote Monitor (IETF standard, RFC 1757) problem. This family is not used by NNMi with default configurations, but it is available for incidents you define. |
| RRP |
(NNMi Advanced) Indicates the incident is related to a problem with a Router Redundancy Protocol configuration. |
| STP | Indicates the incident is related to Spanning-Tree Protocol problem. This family is not used by NNMi with default configurations, but it is available for incidents you define. |
| Syslog | NNMi does not use this Family with default configurations. It is available for incidents you define. |
| System and Applications | Indicates the incident is related to a problem with a system or application in your environment that is configured to send traps to the NNMi server, for example your corporate database application. |
| Trap Analysis |
Requires Network Node Manager iSPI Network Engineering Toolset Software (NNM iSPI NET). Indicates the incident is related to an SNMP trap storm. |
| VLAN | Indicates the incident is related to a problem with a virtual local area network. |
| VRRP |
(NNMi Advanced) Indicates the incident is related to a problem with Virtual Router Redundancy Protocol (VRRP). |
Note You can add your own Family entries to NNMi. See Create an Incident Family (Syslog Message) (ArcSight) for more information.
We welcome your comments!
To open the configured email client on this computer, open an email window.
Otherwise, copy the information below to a web mail client, and send this email to network-management-doc-feedback@hpe.com.
Help Topic ID:
Product:
Topic Title:
Feedback: