You can setup alarms to trigger if a specific condition is met on a syslog or snmp trap message:
For Syslogs, threshold is based on source IP, severity, facility and message content
For SNMP traps, threshold is based on source IP, trap OID and variable bindings. It is possible to combine more threshold criteria (AND logical operand is implied).
Each alarm has its severity and you can override the severity of the syslog alarm. This is useful if the default severity of a syslog does not correspond to alarm severity. For example, a fan is malfunctioning in the data center. Usually, syslog severity for fan malfunctioning is Warning, but in this case it is wise to set the higher Alarm severity.
To view all EventLog alarms, go to Alarm Module.
Here you can see the list off all alarms that occurred within the selected time period. In our case, we can see debug alarm that we previously defined in Settings.
In this view alarm occurrences are grouped. By clicking plus sign you can see each occurrence of an alarm. Occurrence indicators visualize approximate time (within selected time window) when alarm occurred. Clicking on Group toggle button alarm occurrences are no longer grouped.
You are also able to filter, sort alarms and view only active alarms according to your need.