Monitored Logs Attributes

Monitored Logs attributes represent log settings that affect future log entries, such as the maximum log size and when old entries should be deleted. Monitored Logs is a multiple-instance attribute group. You cannot mix these attributes with those of any other multiple-instance group.


% Usage The percentage of the log used. Valid values are positive integers in the range of 0 to 100 (expressing a percentage). For example, to express 50% usage, enter 50.

Usage: The following situation notifies you when the Security Log reaches 50% of the capacity you set as a maximum:

*VALUE *Log Name *EQ Security *AND *VALUE *Capacity *EQ 50

Current Size The current size of a specific log in bytes. Valid values are positive integers in the range 0 to 4194240 (expressing an integer). For example, to express 512 bytes as the current size of a specific log, enter 512.

Usage: The following situation notifies you when the size of the Application Log is greater than 512 bytes:

*VALUE *Log Name *EQ Application *AND *VALUE *Current Size *GT 512

Date Last Modified The date the file was last modified. Valid format is a text string of up to 16 characters. For example, enter 13:05:30 to express 1:05pm and 30 seconds.

Date Time Last Modified The date and time when the file was last modified.

Log Name Use this attribute to create a situation where you want to specify a specific log to monitor or exclude events written to a specific log. Valid format is a text without case-sensitivity with a range from 1 to 32 characters. For example, to express Security for the name of the log, enter Security.

Usage: The following situation monitors all events logged to the Security Log:

*VALUE *Log Name *EQ *Security

Log Name (Unicode) Use this attribute to create a situation where you want to specify a specific log to monitor or exclude events written to a specific log. Valid format is a text string of up to 392 bytes.

Log Type Unique integer that identifies the Event Log type. This value determines which log table to call.

Max Size The maximum size of the log file in bytes. Valid values are positive integers in the range 0 to 4194240 (expressing an integer). For example, to express 512 bytes for the maximum size of the log file, enter 512.

Usage: The follow situation notifies you when the Application Log reaches 512 bytes:

VALUE *Log Name *EQ *Application *AND *VALUE *Max Size *EQ 512

Path A location on a disk drive. Valid format is a text string without case-sensitivity in the range from 1 to 256 characters. For example, to express C:\EVENTLOG\SYSLOG as the path for the System log, enter C:\EVENTLOG\SYSLOG.

Usage: Use this attribute to create a situation that monitors a log in a specific location on a disk drive.

*VALUE *Log Name *EQ System *AND *Path *EQ C:\EVENTLOG\SYSLOG

Path (Unicode) A location on a disk drive. Valid format is a text string without case-sensitivity in the range from 1 to 392 bytess.

Record Count The number of records in a log. Valid values are positive integers in the range 0 to 4194240 (expressing an integer). For example, to express 55 for the number of records in a log, enter 55.

Usage: The following situation notifies you when the System Log contains 55 or more records:

*VALUE *Log Name *EQ *System *AND *Record Count *GE 55

Retention Use this attribute when you want to be notified when a specific log reaches the number of days you specified in the Overwrite Event Older Than section of the Event Log Settings panel.

To specify this number on the Event Log Settings panel, perform the procedure that follows.

1. Click Start from the menu bar.

The Start menu displays.

2. Select Programs and then Administrative Tools.

3. Open the Event Viewer.

4. Select Log, then Log Settings.

5. Click the Overwrite Events Older Than button and enter a number.

To verify this number, check the Retention field in the Monitored Logs report.

Usage: The following situation notifies you when the events logged to the Application Log reach the seven day maximum retention:

*VALUE *Log Name *EQ *Application *AND *VALUE *Retention *EQ 7

Server Name The name of the managed system. Valid format is a text string of up to 64 characters.

Timestamp The date and time the Tivoli Enterprise Monitoring Server samples the data. Standard 16-character date/time format (CYYMMDDHHMMSSmmm), where:

C

Century (0 for 20th, 1 for 21st)

YY

Year

MM

Month

DD

Day

HH

Hour

MM

Minute

SS

Second

mmm

Millisecond

Use simple text strings as described above. For example, enter 0971009130500000 to express October 9, 1997, 1:05:00 pm.

Time Last Modified The time when the log was last modified.