Event Log alerts allow you to receive critical system information through notifications such as email, pager and so forth. It is important to understand that all System Health features of EventSentry log errors and warnings to the application event log which makes it imperative to have event log filters setup that forward warnings and errors to you.
EventSentry ships with a number of default packages containing mostly exclude filters. These exclude filters have been setup to cut down on the number of false positives you would receive compared with a single include filter that forwards all errors and warnings.
When setting up your filter rules, you can basically take two different approaches:
1.Receive all warnings and errors except for certain warning and error events that are non-critical
2.Receive only selected events
This is similar to the approach you have to take when configuring firewalls: You can either configure the firewall to let everything through but block certain services, or block everything and only let certain services through.
We recommend that you take the first approach and configure EventSentry to send you all Errors and Warnings and exclude non-critical Warnings and Errors you might be getting.
The reasoning behind this is quite simple - it is almost impossible to know in advance what events you will be receiving from your servers. By only including events that you anticipate, you are potentially loosing out on being notified when a serious and unexpected error occurs. |