Kiwi Alerts Issue with Cisco 2960 switch

I am trying to setup Kiwi Alerts for my Cisco devices.  I would like the Kiwi Server to accept ALL logging levels except DEBUG, BUT only email me if there is a REAL issue with a device.

I currently have 10 TVs connected to the 2960 switch and everytime they are turned on or off I get an alert because the interfaces have gone either UP or DOWN.

How can I stop getting emails when these interfaces go up or down while still getting alerts for true emergencies?
BSModlinAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Don JohnstonInstructorCommented:
Change the notification to level 2.

emergencies = 0
alerts = 1
critical = 2
errors = 3
warnings = 4
notifications = 5
informational = 6
debugging = 7
0
AkinsdNetwork AdministratorCommented:
To achieve logging all notifications to syslog except for debug (level 7) and only receive email alerts when events are critical, you will need a combination of solutions.

The default trigger feature in Kiwi Syslog is based on frequency of message and not severity of message.

You can experiment with adding a new filter and set the actions you want in the filter. I haven't done this setup before so I can't really confirm if it works or not but may be worth trying - See attached screen shot.
Syslog
Your other  alternative is to forward the messages to a messaging system for additional processing. You will then create rules and email notification from that system.
As a matter of fact, you may be able to use your existing email rules. When the messages coming, identify unique or distinguishing words in the message and move the email as desired.

I hope this helps.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
BSModlinAuthor Commented:
Perfect... thank you.. and how can i get each device to display on its own drop down correctly?
0
AkinsdNetwork AdministratorCommented:
I mentioned that I haven't used this particular setup before but I think the filter will be applied to all the devices.

I use the basic setup and only send critical messages to syslog unless I'm troubleshooting. The hard drive can fill up pretty quickly the higher you go on the syslog levels
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Switches / Hubs

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.