Event Log Attributes

Use Event Log attributes to create situations about actual records that are written to the Application, DNS Sever (V300 only), Security, and System logs, such as date and time of the event and event identification information. Event Log is a multiple-instance attribute group. You cannot mix these attributes with those of any other multiple-instance group.


Category The classification of the event as defined by the source. Valid format is a text string of up to 32 characters.

Category (Unicode) The classification of the event as defined by the source in UTF8. Valid format is a text string of up to 52 bytes.

Computer The name of the computer where the event occurs. Valid format is a text string of up to 16 characters. For example, to express DEV1, enter DEV1.

Date (V200) The date the event you are monitoring is logged. Valid format is a text string (MM/DD/YY). For example, enter 08/09/97 to express August 9, 1997.

Description A description of the event you are monitoring. Valid format is a text string of up to 64 characters. For example, enter a description such as Monitoring memory usage for DEV1.

Description (Unicode) The event detailed description in UTF8. Valid format is a text string of up to 1128 bytes.

Entry Time The date and time the event you are monitoring is logged. Standard 16-character date/time format (CYYMMDDHHMMSSmmm), where:

C

Century (0 for 20th, 1 for 21st)

YY

Year

MM

Month

DD

Day

HH

Hour

MM

Minute

SS

Second

mmm

Millisecond

Use simple text strings as described above. For example, enter 0971009130500000 to express October 9, 1997, 1:05:00 pm.

Event ID The identification code of the event you are monitoring. Valid format is a numeric string.

Log Name The name of a log. Valid format is a text string of up to 32 characters. For example, enter application for the Application log.

Log Name (Unicode) Log Name in UTF8. Valid format is a text string of up to 392 bytes.

Server Name The name of a server. Valid format is a text string of up to 64 characters.

Source The name of the application or component that logged the event you are monitoring. Valid format is a text string of up to 32 characters.

Source (Unicode) The software that logged the event, which can be an application name or a component of the system in UTF8. Valid format is a text string of up to 52 bytes.

Time (V200) The time the event you are monitoring is logged. Valid format is a text string (HH:MM:SS). For example, enter 13:05:30 to express 1:05pm and 30 seconds.

Timestamp The date and time the Tivoli Enterprise Management Server samples the data. Standard 16-character date/time format (CYYMMDDHHMMSSmmm), where:

C

Century (0 for 20th, 1 for 21st)

YY

Year

MM

Month

DD

Day

HH

Hour

MM

Minute

SS

Second

mmm

Millisecond

Use simple text strings as described above. For example, enter 0971009130500000 to express October 9, 1997, 1:05:00 pm.

Type The severity level of the event you are monitoring. Valid format is a case-sensitive text string of up to 16 characters (as described in the Event Type column). Possible values are:

Event Type

Description

Error

Serious, such as 'device driver not loading'

Warning

Cautionary, but not serious, such as 'low on disk space'

Information

Noteworthy, but not serious, such as 'successful operation achieved by an application'

Success

Indicates a successful procedure, such as 'an attachment to a shared printer'

Failure Audit

Failure of a procedure, such as 'a user attempting a procedure without correct privileges'

For example, Error indicates the severity level of the event you are monitoring is serious.

User The name of the user whose information you are monitoring. Valid format is a text string of up to 32 characters.

User (Unicode) The user's name in UTF8. Valid format is a text string of up to 52 bytes.