Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Kiwi Syslog Server > Kiwi Syslog Server Administrator Guide > Add rules, filters, and actions > How rules, filters, and actions work

How rules, filters, and actions work

Rules determine what actions Kiwi Syslog Server takes when it receives a message, and which messages trigger these actions. For example, you can create rules to:

  • Log all messages to a file.
  • Send an email if the message has a high priority level.
  • Run a script if the message includes specific words or phrases.

Rules consist of the following elements:

  • Filters determine which messages trigger the actions. If a rule does not include any filters, all messages are acted on.
  • Actions determine what happens when a message passes all of the filters.

You can define up to 100 rules. Each rule can include up to 100 filters and 100 actions.

How rules are applied

When a message is received, rules are applied to the message in order, starting with the rule at the top of the list. When a rule is applied to a message:

  1. The message is matched against each filter in that rule, starting with the filter at the top of the list.
    • If the message passes a filter (all conditions in the filter return TRUE), it is matched against the next filter in that rule.

    • If the message does not pass a filter, processing stops for that rule and Kiwi Syslog Server applies the next rule.

  2. If the message passes all filters, each action is performed. Actions are performed in order, starting with the action at the top of the list.

    When all actions within that rule have been performed, Kiwi Syslog Server applies the next rule.

Default rule

When you install Kiwi Syslog Server, a rule named Default is created automatically. This rule applies two actions to all messages:

  • Displays each message on the Kiwi Syslog Service Manager console.
  • Logs each message to the SyslogCatchAll.txt file, which is located in the \Logs directory of the Kiwi Syslog Server installation folder.

Next steps

To define how Kiwi Syslog Server processes and responds to messages, complete the following tasks:

Last modified
11:02, 2 Mar 2017

Tags

Classifications

Public