we have a firewall device that is submitting syslog events to zenoss but no eventClassKey is set. Is there a way to set the eventClassKey using the mappings rather than having 15 defaultmapping's 1 for each type of syslog entry .
You can edit $ZENHOME/Products/ZenEvents/SyslogProcessing.py. Up near the top the list of parsers is defined. You can see how the eventClassKey and other bits are extracted from other syslog format then create one for this firewall type.
If you could let us know what kind of firewall device it is, and what mapping you created it might be useful to others as well.
_______________________________________________ zenoss-users mailing list [email protected] http://lists.zenoss.org/mailman/listinfo/zenoss-users
