Solved

Kiwi Alerts Issue with Cisco 2960 switch

Posted on 2014-07-21
4
473 Views
Last Modified: 2014-07-23
I am trying to setup Kiwi Alerts for my Cisco devices.  I would like the Kiwi Server to accept ALL logging levels except DEBUG, BUT only email me if there is a REAL issue with a device.

I currently have 10 TVs connected to the 2960 switch and everytime they are turned on or off I get an alert because the interfaces have gone either UP or DOWN.

How can I stop getting emails when these interfaces go up or down while still getting alerts for true emergencies?
0
Comment
Question by:BSModlin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 50

Expert Comment

by:Don Johnston
ID: 40210107
Change the notification to level 2.

emergencies = 0
alerts = 1
critical = 2
errors = 3
warnings = 4
notifications = 5
informational = 6
debugging = 7
0
 
LVL 18

Accepted Solution

by:
Akinsd earned 500 total points
ID: 40210757
To achieve logging all notifications to syslog except for debug (level 7) and only receive email alerts when events are critical, you will need a combination of solutions.

The default trigger feature in Kiwi Syslog is based on frequency of message and not severity of message.

You can experiment with adding a new filter and set the actions you want in the filter. I haven't done this setup before so I can't really confirm if it works or not but may be worth trying - See attached screen shot.
Syslog
Your other  alternative is to forward the messages to a messaging system for additional processing. You will then create rules and email notification from that system.
As a matter of fact, you may be able to use your existing email rules. When the messages coming, identify unique or distinguishing words in the message and move the email as desired.

I hope this helps.
0
 

Author Comment

by:BSModlin
ID: 40212546
Perfect... thank you.. and how can i get each device to display on its own drop down correctly?
0
 
LVL 18

Expert Comment

by:Akinsd
ID: 40213246
I mentioned that I haven't used this particular setup before but I think the filter will be applied to all the devices.

I use the basic setup and only send critical messages to syslog unless I'm troubleshooting. The hard drive can fill up pretty quickly the higher you go on the syslog levels
0

Featured Post

What, When and Where - Security Threats from Q1

Join Corey Nachreiner, CTO, and Marc Laliberte, Information Security Threat Analyst, on July 26th as they explore their key findings from the first quarter of 2017.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in response to a question (http://www.experts-exchange.com/Networking/Network_Management/Network_Analysis/Q_28230497.html) here at Experts Exchange. The Original Poster (OP) requires a utility that will accept a list of IP addresses …
Outsource Your Fax Infrastructure to the Cloud (And come out looking like an IT Hero!) Relative to the many demands on today’s IT teams, spending capital, time and resources to maintain physical fax servers and infrastructure is not a high priority.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question