Submit a ticketCall us

Announcing NPM 12.2
With NPM 12.2 you can monitor your Cisco ASA firewalls, to monitor VPN tunnels for basic visibility and troubleshooting tunnels. NPM 12.2 also uses the SolarWinds Orion Installer so you can easily install and upgrade one or more Orion Platform products simultaneously.
See new features and improvements.

Home > Success Center > Log & Event Manager (LEM) > Exclude specific account from a rule

Exclude specific account from a rule

Table of contents
Created by Jason Dee, last modified by MindTouch on Jun 23, 2016

Views: 77 Votes: 1 Revisions: 6

Overview

This article details how to exclude a specific account from a rule so you are not receiving email alerts for that account.

Environment

LEM all versions

Steps

  1. Go to Build > Rules.
  2. Click on the gear icon and choose Edit on the rule you need to modify.
  3. Expand Events on the left side and highlight the applicable Event Name used in the Correlations section.
  4. Drag the DestinationAccount field from the Fields section beneath Events to a new line under Correlations.
  5. Click on the Equal sign to change it to Not Equal.
  6. Enter the account name you wish to exclude and surround it with asterisks (wildcards).
  7. Save the rule and click Activate Rules.

 

Here is an example of what this looks like using the Account Lockout rule:

 

 

Note that you may not necessarily be using the DestinationAccount field in every case. If you're not sure, find the event using nDepth and verify which field the account name is under.

 

 

 

Last modified
20:00, 22 Jun 2016

Tags

Classifications

Public