The following table provides the common fields of an alert object that are sent over the Syslog channel:
| Field | SD-ID (Structured Data ID) | Example | Description | |
|---|---|---|---|---|
| <###> | N/A |
116 =(14 * 8) + 4
Alert Range: 112-119 |
Priority Value: (Syslog Classifier * 8) + Syslog Severity |
|
| Syslog Classifier | ||||
| 14 | log alert | |||
| Syslog Severity | ||||
| 0 | Emergency: system is unusable | |||
| 1 | Alert: action must be taken immediately | |||
| 2 | Critical: critical conditions | |||
| 3 | Error: error conditions | |||
| 4 | Warning: warning conditions | |||
| 5 | Notice: normal but significant condition | |||
| 6 | Informational: informational messages | |||
| 7 | Debug: debug-level messages | |||
| Version | N/A | 1 | Version of syslog message | |
| Timestamp | N/A | 2003-10-11T22:14:15.003Z | Timestamp of syslog message | |
| Hostname | N/A | efa.machine.com | Hostname of EFA | |
| App Name | N/A | EFAFaultManager | Application generating syslog alerts | |
| Proc ID | N/A | - | Process ID | |
| Msg ID | N/A | - | Alert sub-type classification | |
| Sequence ID | meta | 47 | Tracks the sequence in which messages are submitted to the syslog transport. | |
| IP | origin | 10.20.30.40 | IP address (of EFA host) | |
| Enterprise ID | origin | 1916 | Extreme Networks Enterprise ID | |
| Software | origin | EFA | Software Name (of EFA host) | |
| SW Version | origin | 3.1.0 | Software Version (of EFA host) | |
| Resource | alert@1916 | /App/System/Security/Certificate | EFA Health Resource path associated to the Alert being sent. | |
| Alert ID | alert@1916 | 31000 | ID identifying the EFA Alert | |
| Cause | alert@1916 | keyExpired | Reason for the Alert (Attempt to map to IANA standards) | |
| Type | alert@1916 | securityServiceOrMechanismViolation | Indicates the Category (Attempt to map to IANA standards) | |
| Severity | alert@1916 | warning |
Severity of the EFA Alert (Critical, Major, Minor, Warning, Info) |
|
| EFA | Syslog Severity | |||
| Critical | Alert (1) | |||
| Major | Critical (2) | |||
| Minor | Error (3) | |||
| Warning | Warning (4) | |||
| Info | Informational (6) | |||
| BOMText | N/A | The application server certificate on EFA will expire soon on “Sep 12 10:00:45 2022 GMT”. | (Byte Order Mask) Textual description of the Alert | |
<116>1 2003-10-11T22:14:15.003Z efa.machine.com EFAFaultManager - -
[meta sequenceId=”47”]
[origin ip=”10.20.30.40” enterpriseId=”1916” software=”EFA” swVersion=”3.1.0”]
[alert@1916
resource=”/App/System/Security/Certificate”
alertId=”31000”
cause=”keyExpired”
type=”securityServiceOrMechanismViolation”
severity=”warning”]
[alertData@1916
certifcateType=”App Server certificate”
expiryDate=”Sep 12 10:00:45 2022 GMT”]
BOMThe application server certificate on EFA will expire soon on “Sep 12 10:00:45 2022 GMT”.