OnBoard Appliance Notifications
The OnBoard appliance includes syslog-ng, which can be configured through either the Web Manager or the cycli utility to filter log messages sent by system daemons (such as messages from the cron daemon, crond) and by connected devices. By default, the /etc/syslog/syslog-ng.conf file monitors messages from the following two files:
Notifications can be configured to be sent to an OnBoard appliance administrator by one of the following methods:
syslog-ng allows administrators to set up additional alarm triggers to filter messages based on the messages’ facility, level or contents.
Alarm triggers must be specified in the following format:
function('one_or_more_criteria_connected_by_operators');
Supported operators are and, or and not.
The following line shows the syntax for a match function.
match('regular_expression_matching_a_text_string');
The following line shows the syntax for two match functions connected by and not.
match('regular_expression') and not match('regular_expression');
The following example uses two match functions to filter for login messages while excluding messages that contain the username francisco; the functions are connected by and not.
match('[Ll]ogin') and not match('francisco');
See the syslog-ng v1.6 reference manual at http://www.balabit.com/products/syslog-ng/reference-1.6/syslog-ng.html/index.html#filterfunc for more information.
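To preview which messages an alarm trigger would fire on before deploying it, the sketch below parses the trigger format described above and evaluates it against sample message texts. It is an added example, not code from the OnBoard appliance or syslog-ng: the names tokenize, compile_trigger, alarms and MESSAGES are hypothetical, Python's re engine stands in for syslog-ng's regular expression matching, and the operator precedence (not, then and, then or) is an assumption.

```python
import re

# One token of the trigger format: match('re') or match("re"), or an operator word.
TOKEN = re.compile(r"""\s*(?:match\(\s*(['"])(.*?)\1\s*\)|(and|or|not)\b)""")

def tokenize(expr):
    expr, pos, out = expr.strip().rstrip(";").rstrip(), 0, []
    while pos < len(expr):
        m = TOKEN.match(expr, pos)
        if not m:
            raise ValueError(f"cannot parse at offset {pos}: {expr[pos:]!r}")
        _quote, pattern, word = m.groups()
        out.append(("op", word) if word else ("re", re.compile(pattern)))
        pos = m.end()
    return out + [("end", None)]

def compile_trigger(expr):  # assumed precedence: not, then and, then or
    toks, i = tokenize(expr), 0
    def term():  # zero or more 'not', then one match(...)
        nonlocal i
        kind, val = toks[i]
        i += 1
        if val == "not":
            inner = term()
            return lambda msg: not inner(msg)
        if kind != "re":
            raise ValueError(f"expected match(...), got {val!r}")
        return lambda msg: val.search(msg) is not None
    def chain(word, operand, join):  # operand (word operand)*
        nonlocal i
        left = operand()
        while toks[i] == ("op", word):
            i += 1
            left = join(left, operand())
        return left
    conj = lambda: chain("and", term, lambda l, r: lambda msg: l(msg) and r(msg))
    pred = chain("or", conj, lambda l, r: lambda msg: l(msg) or r(msg))
    if toks[i][0] != "end":
        raise ValueError(f"unexpected token after expression: {toks[i][1]!r}")
    return pred

MESSAGES = [  # constructed message texts, not taken from a real appliance
    "Login accepted for user maria from 10.0.0.7",
    "Login accepted for user francisco from 10.0.0.8",
    "FAILED login for user francisco2 on ttyS1",
    "(root) CMD (run-parts /etc/cron.hourly)",
]
def alarms(expr, messages=MESSAGES):
    return list(filter(compile_trigger(expr), messages))
```

Run against the sample messages, the francisco exclusion also drops the failed login for francisco2, because match tests for the pattern anywhere in the message; a narrower pattern such as 'user francisco ' keeps that alarm.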
See the following sections for how administrative users can configure notifications, alarms and email: