jcfaleltdef (Windows only)
- Organization of this page
Function
Defines the profile of a remote monitoring event log trap on the specified monitored host. The definition is overwritten whether the profile on the specified monitored host is running or has stopped.
To perform a batch reload, use the jcfaleltdef command to overwrite multiple running remote monitoring event log traps, and then use the jcfaleltreload command to batch-reload the profiles.
Note that a maximum of five commands can be executed concurrently.
The following conditions must be satisfied to execute this command:
-
The IM Configuration Management service is running.
-
There is a remotely monitored host in the remote monitoring configuration.
-
A remotely monitored host has already collected host information.
Format
jcfaleltdef -f remote-monitoring-event-log-trap-action-definition-file-name -o monitored-host-name [-filter filter] [-h logical-host-name]
Execution permission
Administrator permissions
Storage directory
Manager-path\bin\imcf\
Arguments
- -f remote-monitoring-event-log-trap-action-definition-file-name
-
Specifies the name of an action definition file.
Specify the action definition file name as the full path or a relative path from the current directory with a maximum of 256 bytes. When specifying a relative path, do so in such a way that the full-path name with the directory name will not be more than 256 bytes.
The action definition file can be placed in any directory, and any file name can be specified.
- -o monitored-host-name
-
Specifies the name of the monitored host for a remote monitoring event log trap whose profile you want to define. Note that the OS on the monitored host must be Windows.
- -filter filter
-
Specifies the log type to filter on when the system has been set up to collect only event logs from a remotely monitored host.
When this option is specified, only event logs that match the specified log type are transferred to the manager. Specify this option to control the amount of log file data that is transferred from a remotely monitored host to the manager.
Use a character string in the following table to specify the log type. Note that the character strings are not case sensitive.
Specifiable log type
Log type of event logs to be filtered
Error
Error, Critical
Warning
Warning
Information
Information, Verbose
Audit_success
Security Audit Success
Audit_failure
Security Audit Failure
To specify multiple log types, use a comma (,) as a separator. Do not insert a space before or after the comma.
- -h logical-host-name
-
Specifies the name of the logical host on which you want to execute the command. If this option is omitted, the logical host name specified for the JP1_HOSTNAME environment variable is set. If no logical host name is set for JP1_HOSTNAME, the physical host name is set.
Return values
0 |
Addition successful |
4 |
Invalid argument |
6 |
Unable to connect to the server |
7 |
Invalid host information |
10 |
Error in obtaining exclusive edit rights |
14 |
Invalid DB |
17 |
Invalid permission |
18 |
Input/output error |
21 |
Upper limit for number of concurrent executions reached |
255 |
Internal error |
Other value |
Other error |
Example 1
Add a profile on host1:
jcfaleltdef -f actionDefinition.conf -o host1
Example 2
Filter to obtain only the error, warning, and failed-audit event logs when a profile has been added on host1:
jcfaleltdef -f actionDefinition.conf -o host1 -filter Error,Warning,Audit_failure