You can setup alarms to trigger if a specific condition is met on a syslog or trap message:
Each alarm has its severity and you can override the severity of the syslog alarm. This is useful if the default severity of a syslog does not correspond to alarm severity. For example, a fan is malfunctioning in the data center. Usually, syslog for this event will have a severity warning, but in this case data center is critical so it is wise to set the alarm severity higher.
To view all EventLog alarms, go to Alarm Module.
Here you can see the list off all alarms that occurred within the selected time period. In our case, we can see Auth. warning alarm that we previously defined in Settings.
Occurrence indicators visualize approximate time (withing selected time window) when alarm occurred.
You are also able to filter, sort alarms and view only active alarms according to your need.