hazard1yard

NTEVL 3.85

Discussion created by hazard1yard on Feb 27, 2014
Latest reply on Feb 28, 2014 by 1_keithk

I have NTEVL 3.85 running and created a couple of profiles to search for a particular Message String, all of the other fields are '*'.

 

I then went to the Alarm/Post tab and set the severity level to CRITICAL. When the alarm came in it still came in at the severity level as defined in the Windows event log. I read through the help document and found the following;

 

"Note: The critical level is supported by Windows Server 2008 only."

 

However I am running this probe on a Windows 2008 Server. For now I have a small script that runs in the NAS that escalates the event to CRITICAL severity from the NAS when it comes in based on the message string (not tested yet but I am hoping it works) but the problem I have is that one of the profiles I created in NTEVL does not rely on a message string, just the fact that an event came from a specific source and has a specific event ID. The AO preprocessing does not have a field I can use for event ID or event source.

 

 

Any ideas? Should CRITICAL level be working?

 

Thank you

Kevin

Outcomes