Sending Log Messages to an Event-Management Database
With this procedure, TLC queries the Audit Logger File Store for log messages to be saved as Events in a specified Event-Management Database (see How does Log-Message Normalization work?). To normalize each log message, TLC uses the Normalization Rules assigned to each Asset Group containing the Monitored Asset that represents the message's Log Source (see Assigning Normalization Rules to Asset Groups), as well as any rules assigned to the Asset itself (see Table 49).
To send log messages from the Audit Logger to an Event-Management Database:
|
1.
|
In the side bar, select Events > Audit Logger. |
|
2.
|
In the Audit Logger, select the Query tab. |
|
3.
|
From the Output drop-down, select Database. |
TLC adds a Database drop-down to the Query Criteria tab.
|
4.
|
From the Database drop-down, select the Event-Management Database to which the log messages will be exported. |
|
Note
|
If you select the Clear check box, TLC will delete all Events in the selected database before importing the messages from the Audit Logger.
|
|
5.
|
Enter your other criteria for the query (see Table 78). |
When the process completes, click OK in the Information dialog.