system = yes
application = yes
critical =
information =
warning =
verbose =
error =
audit_failure =
audit_success =
system = System
application = Application
security = Security
system = 1.1.11.1.3
application = 1.1.11.1.2
security = 1.1.11.1.1
logfile = ntevl.log
loglevel = 3
logsize = 1000
fetch_on_start = no
run_type = poll
poll_interval = 30
AlarmTimeOutDuration = 10
AlarmListSize = 1000
subject = ntevl
column_prefix = evl_
wmi_timeout = 1 sec
fetch_number = 1000
met_id_diff = no
enable_pos_backupfile = yes
pos_backup_interval = 10
SystemEncoding =
OutputEncoding =
delimiter = 0
remove_recurring = 0
standard_static_threshold = true
active = yes
description = Disk Fail
level = Error
logs = system
severity = *
source = Server Adminstrator
category = *
event_id = 2048
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subsystem =
suppress = no
suppression_key =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
enable_variable_non_ascii_char = yes
no_of_threads = 1
disable_continuous_update_recordid = yes
pos_update_interval = 30
max_queue_size = 30000
wait_on_max_queue_size = 1
save_log_list_on_upgrade = yes
is_upgrade_case = no
active = yes
description = Warning message from NTFS
level = critical
logs = system
severity = 1
source = Microsoft-Windows-Ntfs
category = *
event_id = 98
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Warning message from NTFS
level = critical
logs = system
severity = 1
source = Microsoft-Windows-Ntfs
category = *
event_id = 140
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = no
description = Event log messages with source containing 'MSExchange'.
level = from eventlog
source = /MSExchange/
severity = 1
send_alarm = yes
exclusive = yes
logs = *
category = *
event_id = *
user = *
computer = *
message = *
alarm_message =
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
qos_count = no
qos_interval =
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
containing 'MSExchange'. =
send_to_axa =
tenant_id =
tags =
active = no
description = all events
level = from eventlog
send_alarm = yes
subject = ntevl
logs = *
severity = *
source = *
category = *
event_id = *
user = *
computer = *
message = *
alarm_message =
i18n_token =
send_subject = no
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval =
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = no
description = all error events
level = from eventlog
severity = 1
source = *
category = *
event_id = *
user = *
computer = *
message = *
send_alarm = yes
i18n_token =
send_subject = no
subject = ntevl
suppress = no
exclusive = no
qos_count = yes
qos_interval = 300
runcommandonmatch = 0
logs = *
alarm_message =
subsystem =
suppression_key =
time_frame =
evt_count =
evt_count_condition =
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = MajorEventID
level = major
logs = system
severity = *
source = *
category = *
event_id = 6008
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
$time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = MS Cluster Warning Events-New
level = warning
logs = system
severity = *
source = Microsoft-Windows-FailoverClustering
category = *
event_id = 1000,1006,1073,1105,1230,1234,1247,1248,1556,1561
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = MS Cluster Warning Events-New
level = warning
logs = system
severity = *
source = Microsoft-Windows-FailoverClustering
category = *
event_id = 1146
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = MS Cluster Error Events-New
level = warning
logs = system
severity = 1
source = Microsoft-Windows-FailoverClustering
category = *
event_id = 5120
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = no
description = Warning message from Hyper-V HA
level = warning
logs = system
severity = 2
source = Microsoft-Windows-Hyper-V-High-Availability
category = *
event_id = 21501
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = no
description = CriticalEventID
level = critical
logs = *
severity = *
source = *
category = *
event_id = 6008
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
$time_stamp =
send_to_axa =
tenant_id =
tags =
active = no
description = Warning Message from e1qexpress
level = warning
logs = system
severity = *
source = e1qexpress
category = *
event_id = 27
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = Warning Message from l2nd
level = warning
logs = system
severity = *
source = l2nd
category = *
event_id = 24
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = Warning message from NTFS
level = warning
logs = system
severity = 2
source = Microsoft-Windows-Ntfs
category = *
event_id = 98,140
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = no
description = Error message from MPIO
level = warning
logs = system
severity = 1
source = mpio
category = *
event_id = 22
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = no
description = Warning message from MPIO
level = warning
logs = system
severity = 2
source = mpio
category = *
event_id = 17
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = Error message from ServerAdministrator
level = warning
logs = system
severity = 1
source = Server Administrator
category = *
event_id = 1054
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = no
description = Event from StorageAgents
level = warning
logs = system
severity = *
source = Storage Agents
category = *
event_id = 1216
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = no
description = Error message from VDSBasicProvider
level = warning
logs = system
severity = 1
source = VDS Basic Provider
category = *
event_id = 1
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 1
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = no
description = Expected Boot event
level = warning
logs = system
severity = *
source = *
category = *
event_id = 1074
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = IP Address Conflict
level = *
logs = system
severity = *
source = Tcpip
category = *
event_id = 4199
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = PhysicalDiskResource
level = critical
logs = system
severity = *
source = FailoverClustering
category = *
event_id = 1038
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = ClusterSharedVolume
level = critical
logs = system
severity = *
source = FailoverClustering
category = *
event_id = 5120
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = ResourceControlManager
level = critical
logs = system
severity = *
source = FailoverClustering
category = *
event_id = 1230
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = no
description = Warning message from NTFS
level = critical
logs = system
severity = 1
source = Microsoft-Windows-Ntfs
category = *
event_id = 98,140
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Warning message from BatteryFailure
level = critical
logs = system
severity = *
source = Server Administrator
category = *
event_id = 2188
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Instrumentation Service
level = critical
logs = system
severity = *
source = Server Administrator
category = *
event_id = 1354
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = DiskFail
level = critical
logs = system
severity = *
source = Server Administrator
category = *
event_id = 2048
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $message
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = Multi bit error
level = warning
logs = system
severity = *
source = Server Administrator
category = *
event_id = 1404
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = no
description = Disk Warning Events from Disk
level = warning
logs = system
severity = 2
source = disk
category = *
event_id = 157
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = no
description = Red Cloak Service Stopped
level = *
logs = system
severity = *
source = Service Control Manager
category = *
event_id = 7031
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = no
description = Disk Warning Events from Disk
level = warning
logs = system
severity = 2
source = disk
category = *
event_id = 153
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = Physical Disk Offline
level = warning
logs = system
severity = 2
source = Server Administrator
category = Storage Service
event_id = 2050
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Memory device location
level = minor
logs = system
severity = *
source = Server Administrator
category = Instrumentation Service
event_id = 1405
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $message
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = log on system is full
level = warning
logs = system
severity = *
source = Server Administrator
category = Instrumentation Service
event_id = 1554
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $message
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Battery sensor detected a warning value Sensor location
level = warning
logs = system
severity = *
source = Server Administrator
category = Instrumentation Service
event_id = 1703
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $message
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Battery sensor detected a failure value Sensor location
level = warning
logs = system
severity = *
source = Server Administrator
category = Instrumentation Service
event_id = 1704
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $message
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Physical disk degraded
level = warning
logs = system
severity = *
source = Server Administrator
category = Instrumentation Service
event_id = 2051
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $message
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Warning message from ServerAdministrator
level = warning
logs = system
severity = 2
source = Server Administrator
category = *
event_id = 2094
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
ServerAdministrator =
$message: $time_stamp =
send_to_axa =
tenant_id =
tags =
active = yes
description = FanFail
level = Warning
logs = system
severity = *
source = Server Agents
category = *
event_id = 1092
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Instrumentation Service
level = critical
logs = system
severity = *
source = Server Administrator
category = *
event_id = 1154
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $time_stamp
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Check for failed or removed disk failure.
level = *
logs = system
severity = *
source = HP Smart Array
category = *
event_id = 202
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Physical Disk Offline
level = warning
logs = system
severity = 2
source = Server Administrator
category = Storage Service
event_id = 1401
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Problems with the controller battery
level = warning
logs = system
severity = *
source = Server Administrator
category = *
event_id = 2318
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Redundancy Degraded PS
level = warning
logs = system
severity = *
source = Server Administrator
category = *
event_id = 2122
user = *
computer = *
message = *
send_alarm = yes
alarm_message = $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = PS 1 cable removed
level = warning
logs = system
severity = *
source = Server Administrator
category = *
event_id = 2335
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Smart array controller cache status has changed to permanently disabled
level = warning
logs = system
severity = *
source = HP Smart Array
category = *
event_id = 11
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = MS Cluster Warning Events-New
level = warning
logs = system
severity = *
source = Microsoft-Windows-FailoverClustering
category = *
event_id = 1135
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id - $message
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
send_to_axa =
tenant_id =
tags =
active = yes
description = Storage Service
level = critical
logs = system
severity = *
source = Server Administrator
category = *
event_id = 2056
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Storage Service
level = error
logs = system
severity = *
source = Server Administrator
category = *
event_id = 2293
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
send_to_axa =
tenant_id =
tags =
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =
active = yes
description = Processor Sensor detected a failure Value
level = Error
logs = System
severity = *
source = Server Administrator
category = Instrumentation Service
event_id = 1604
user = *
computer = *
message = *
send_alarm = yes
alarm_message = Gold $source ($event_id - $category): $message: $time_stamp
i18n_token =
send_subject = no
subject =
subsystem =
suppress = yes
suppression_key = $profile - $source - $event_id
exclusive = no
qos_count = no
qos_interval = 3600
time_frame =
evt_count =
evt_count_condition =
runcommandonmatch = 0
commandexecutable =
commandarguments =
separator =