Alert-Specific Request Parameters

You must specify the alert rules for each specific alert type you are managing.

Alert Rules are defined using the alertRules Common Request Parameter. The following section contains alert-specific parameters for each of the alert types. The alert types are Adaptive Baseline, Cisco PIX/ASA Messages, Message Volume, Network Policy, Pre-defined Search Filter, Ratio Based, System, VPN Connections, VPN Messages, and VPN Statistics.

Alert-Specific Request Parameters usage must follow several rules:

  • All Alert-Specific Parameters can be implemented in any order. LogLogic recommends that you implement the alert rules in a consistent order and format to make managing the alert rules easier.
  • Alert-Specific parameter values must include double quotation marks around the entire alert rule. For example:

    “param1/valueA//param2/valueC”

  • If the name of a device or the parameter value includes a forward slash (/), such as HP/UX, IBM i5/OS, or Accept/Total, you must replace the forward slash with %2F. (The F is case-sensitive.)

    Examples: HP%2FUX, IBM i5%2FOS, or Accept%2FTotal

  • Use forward slash marks as delimiters when specifying alert rules. Use a single forward slash mark (/) as a delimiter to define multiple values for a parameter. Use double forward slash marks (//) as delimiters for parameters. For example:

    param1/valueA//param2/valueC/valueD//param3/valueE

    where param1, param2, and param3 are parameters and valueA, valueC, valueD, and valueE are values for param1, param2, and param3, respectively.

    The example assigns the following name/value pairs:

    • param1 = valueA
    • param2 = valueC, valueD
    • param3 = valueE