Submit a ticketCall us

AnnouncementsAre You “Flying Blind?”

When it comes to your complex IT infrastructure, you want to ensure you have a good grasp of what’s going on to avoid any fire drills that result from guesswork. Read our white paper to learn how proactively monitoring your IT environment can help your organization while giving you peace of mind.

Get your free white paper.

Home > Success Center > Kiwi Syslog Server > Kiwi Syslog Server Documentation > Kiwi Syslog Server Administrator Guide > Add rules, filters, and actions > How rules, filters, and actions work

How rules, filters, and actions work

Rules determine what actions Kiwi Syslog Server takes when it receives a message, and which messages trigger these actions. For example, you can create rules to:

  • Log all messages to a file.
  • Send an email if the message has a high priority level.
  • Run a script if the message includes specific words or phrases.

Rules consist of the following elements:

  • Filters determine which messages trigger the actions. If a rule does not include any filters, all messages are acted on.
  • Actions determine what happens when a message passes all of the filters.

You can define up to 100 rules. Each rule can include up to 100 filters and 100 actions.

How rules are applied

When a message is received, rules are applied to the message in order, starting with the rule at the top of the list. When a rule is applied to a message:

  1. The message is matched against each filter in that rule, starting with the filter at the top of the list.
    • If the message passes a filter (all conditions in the filter return TRUE), it is matched against the next filter in that rule.

    • If the message does not pass a filter, processing stops for that rule and Kiwi Syslog Server applies the next rule.

  2. If the message passes all filters, each action is performed. Actions are performed in order, starting with the action at the top of the list.

    When all actions within that rule have been performed, Kiwi Syslog Server applies the next rule.

Default rule

When you install Kiwi Syslog Server, a rule named Default is created automatically. This rule applies two actions to all messages:

  • Displays each message on the Kiwi Syslog Service Manager console.
  • Logs each message to the SyslogCatchAll.txt file, which is located in the \Logs directory of the Kiwi Syslog Server installation folder.

Next steps

To define how Kiwi Syslog Server processes and responds to messages, complete the following tasks:

Last modified

Tags

Classifications

Public