Submit a ticketCall us

Putting Your Logs Where They Belong with the New SolarWinds Log Manager for Orion

The new SolarWinds® Log Manager for Orion® finally puts your log data right where it belongs, in the heart of your Orion console. Gain insight into the performance of your infrastructure by monitoring your logs in a unified console allowing you to see a wealth of information about the health and performance of your network and servers.

Reserve a Seat for Wednesday May 23rd 11am CDT | Reserve a Seat for Tuesday May 22nd 10:30am GMT | Reserve a Seat for Tuesday May 22nd 1pm SGT / 3pm AEST

Home > Success Center > Log & Event Manager (LEM) > LEM filter does not trigger with User Defined Group condition

LEM filter does not trigger with User Defined Group condition

 

Overview

Attempting to create a filter, where a User-Defined Group is used.

For example, UserLogOff.DetectionIP = GroupTest

Where Group Test has a list of computer names to compare in the condition.

However, no events appear in the new filter.

Environment

LEM 6.3.1

Cause 

If the symbol * is missing, then the condition in the filter will not work.

Resolution

  1. As a test, create a filter that has only one of the servernames within the condition.

    Example: UserLogOff.DetectionIP = *ComputerA*

    Where ComputerA is one of the names that is in the User-Defined Group: GroupTest

    Make sure that this condition works.

  2. If the condition works, then check the column DATA in the User-Defined Group. In this case the GroupTest may only have in the data section: ComputerA. Which is not correct. The data portion should have: *ComputerA*     
  3. Edit the entries in the User-Defined Group, and add the * symbol before and after your data parameters.
  4. Save the changes to your group, and then check on the filter again. User should see that the events have started coming in.

 

Last modified

Tags

Classifications

Public