The following table provides the common fields of an alert object that are sent over the Syslog channel:
Field | SD-ID (Structured Data ID) | Example | Description | |
---|---|---|---|---|
<###> | N/A |
116 =(14 * 8) + 4
Alert Range: 112-119 |
Priority Value: (Syslog Classifier * 8) + Syslog Severity |
|
Syslog Classifier | ||||
14 | log alert | |||
Syslog Severity | ||||
0 | Emergency: system is unusable | |||
1 | Alert: action must be taken immediately | |||
2 | Critical: critical conditions | |||
3 | Error: error conditions | |||
4 | Warning: warning conditions | |||
5 | Notice: normal but significant condition | |||
6 | Informational: informational messages | |||
7 | Debug: debug-level messages | |||
Version | N/A | 1 | Version of syslog message | |
Timestamp | N/A | 2003-10-11T22:14:15.003Z | Timestamp of syslog message | |
Hostname | N/A | xco.machine.com | Hostname of XCO | |
App Name | N/A | faultmanager | Application generating syslog alerts | |
Proc ID | N/A | - | Process ID | |
Msg ID | N/A | - | Alert sub-type classification | |
Sequence ID | meta | 47 | Tracks the sequence in which messages are submitted to the syslog transport. | |
IP | origin | 10.20.30.40 | IP address (of XCO host) | |
Enterprise ID | origin | 1916 | Extreme Networks Enterprise ID | |
Software | origin | XCO | Software Name (of XCO host) | |
SW Version | origin | 3.3.0 | Software Version (of XCO host) | |
Resource | alert@1916 | /App/System/Security/Certificate?type=app_server_cert | XCO Health Resource path associated to the Alert being sent. | |
Alert ID | alert@1916 | 31000 | ID identifying the XCO Alert | |
Cause | alert@1916 | keyExpired | Reason for the Alert (Attempt to map to IANA standards) | |
Type | alert@1916 | securityServiceOrMechanismViolation | Indicates the Category (Attempt to map to IANA standards) | |
Severity | alert@1916 | warning |
Severity of the XCO Alert (Critical, Major, Minor, Warning, Info) |
|
XCO Alert | Syslog Severity | |||
Critical | Alert (1) | |||
Major | Critical (2) | |||
Minor | Error (3) | |||
Warning | Warning (4) | |||
Info | Informational (6) | |||
BOMText | N/A | The application server certificate on the application will expire soon on “Sep 12 10:00:45 2022 GMT”. | (Byte Order Mask) Textual description of the Alert |
<116>1 2003-10-11T22:14:15.003Z xco.machine.com faultmanager - - [meta sequenceId=”47”] [origin ip=”10.20.30.40” enterpriseId=”1916” software=”XCO” swVersion=”3.3.0”] [alert@1916 resource=”/App/System/Security/Certificate?type=app_server_cert” alertId=”31000” cause=”keyExpired” type=”securityServiceOrMechanismViolation” severity=”warning”] [alertData@1916 type="app_server_cert" expiry_data="Sep 12 10:00:45 2022 GMT"] BOMThe application server certificate on the application will expire soon on “Sep 12 10:00:45 2022 GMT”.