Parser Summary

NAVIGATION  Monitor > Log Monitoring > Parser Summary

The Parser Summary page displays and optionally define alerts for all parser sets assigned to all machine IDs within the user's scope. Parser Summary can also copy parser sets assignments to multiple machine IDs.

NOTE   Copying a parser set to a machine ID on this page activates the log parser on the machine IDs it is copied to. Parsing occurs whenever the log file being parsed is updated.

NOTE   You can download a Configuring Log Parsers Step-by-Step PDF from the first topic of online user assistance.

Log Monitoring Setup

  1. Log Parser - Identify a log file to parse using a log file parser definition. A log file parser definition contains the log file parameters used to store values extracted from the log file. Then assign the log parser to one or more machines.
  2. Assign Parser Sets - Define a parser set to generate Log Monitoring records, based on the specific values stored in the parameters. Activate parsing by assigning a parser set to one or more machine IDs previously assigned that log parser. Optionally define alerts.
  3. Parser Summary - Quickly copy active parser set assignments from a single source machine to other machine IDs. Optionally define alerts.

Notification

The agent collects log entries and creates an entry in the 'log monitoring' log based on the criteria defined by the parser set, whether or not any of the notification methods are checked. You don't have to be notified each time a new log monitoring entry is created. You can simply review the 'Log Monitoring' log periodically at your convenience.

To Copy Parser Set Assignments

  1. Select a source machine to copy parser set assignments from.
  2. Select machine IDs to copy parser set assignments to.
  3. Click Copy.

To Create a Parser Set Alert

  1. Check any of these checkboxes to perform their corresponding actions when an alert condition is encountered:
  • Create Alarm
  • Create Ticket
  • Run Script
  • Email Recipients
  1. Set additional email parameters.
  2. Check the machine IDs to apply the alert to.
  3. Click the Apply button.

To Cancel a Parser Set Alert

  1. Select the machine ID checkbox.
  2. Click the Clear button.

The alert information listed next to the machine ID is removed.

Passing Alert Information to Emails and Procedures

The following types of monitoring alert emails can be sent and formatted:

  • Log Monitoring parser alerts.
  • Multiple log monitoring parser alerts.
  • Missing log monitoring parser alert.

NOTE   Changing this email alarm format changes the format for both Assign Parser Sets and Parser Summary emails.

The following variables can be included in your formatted email alerts and are passed to agent procedures assigned to the alert. A in a numbered column indicates a variable can be used with the alert type corresponding to that number.

Within an Email

Within a Procedure

Description

1

2

3

<ad>

#ad#

duration

 

 

<at>

#at#

alert time

<db-view.column>

not available

Include a view.column from the database. For example, to include the computer name of the machine generating the alert in an email, use <db-vMachine.ComputerName>

<ec>

#ec#

event count

 

 

<ed>

#ed#

event description

 

<gr>

#gr#

group ID

<id>

#id#

machine ID

<lpm>

#lpm#

Log file set criteria

<lpn>

#lpn#

Log parser set name

<lsn>

#lsn#

Log file set name

 

#subject#

subject text of the email message, if an email was sent in response to an alert

 

#body#

body text of the email message, if an email was sent in response to an alert

Create Alarm

If checked and an alert condition is encountered, an alarm is created. Alarms are displayed in Monitor > Dashboard List, Monitor > Alarm Summary and Info Center > Reporting > Reports > Logs > Alarm Log.

Create Ticket

If checked and an alert condition is encountered, a ticket is created.

Email Recipients

If checked and an alert condition is encountered, an email is sent to the specified email addresses.

  • The email address of the currently logged on user displays in the Email Recipients field. It defaults from System > Preferences.
  • Click Format Email to display the Format Alert Email popup window. This window enables you to format the display of emails generated by the system when an alert condition is encountered. This option only displays for master role users.
  • If the Add to current list radio option is selected, when Apply is clicked alert settings are applied and the specified email addresses are added without removing previously assigned email addresses.
  • If the Replace list radio option is selected, when Apply is clicked alert settings are applied and the specified email addresses replace the existing email addresses assigned.
  • If Remove is clicked, all email addresses are removed without modifying any alert parameters.
  • Email is sent directly from the Kaseya Server to the email address specified in the alert. Set the From Address using System > Outbound Email.

Copy

Click Copy to copy the parser sets of the machine ID selected using the this machine ID link to other machine IDs selected in the paging area.

Apply

Applies alert checkbox settings to selected machine IDs.

Clear All

Clears all alert checkbox settings from selected machine IDs.

Select All/Unselect All

Click the Select All link to check all rows on the page. Click the Unselect All link to uncheck all rows on the page.

Check-in status

These icons indicate the agent check-in status of each managed machine. Hovering the cursor over a check-in icon displays the agent Quick View window.

Word 50% / HTML 50% Agent is currently offline

Word 50% / HTML 50% User Logged In and Agent is Active

Word 50% / HTML 50% User Logged In and Agent is Inactive

Word 50% / HTML 50% User Not Logged In and Agent is online

Word 50% / HTML 50% User Not Logged In and Agent is Idle

Word 50% / HTML 50% The agent has been suspended

Word 50% / HTML 50% Agent has never checked in

Machine.Group ID

The list of Machine.Group IDs displayed is based on the Machine ID / Group ID filter and the machine groups the user is authorized to see using System > User Security > Scopes.

Delete

Click the delete icon next to a parser set to delete its assignment to a machine ID.

Log Set Names

Lists the names of parser sets assigned to this machine ID.

ATSE

The ATSE response code assigned to machine IDs:

  • A = Create Alarm
  • T = Create Ticket
  • S = Run Procedure
  • E = Email Recipients

Email Address

A comma separated list of email addresses where notifications are sent.

Interval

The interval to wait for the alert event to occur or not occur.

Duration

Applies only if Alert when this event occurs <N> times within <N> <periods> is selected. Refers to <N> <periods>.