6.3.27 Event filter definition file (ssoevtfilter.conf)
In the event filter definition file, define whether to filter the incidents to be issued to NNMi. This definition file is used to prevent the issuance of unnecessary incidents.
When off is specified in the threshold-event or status-event key in the ssocolmng action definition file (ssocolmng.def) and ssoapmon action definition file (ssoapmon.def), incidents are not issued even if off is specified in the event filter definition file.
- Organization of this subsection
(1) Format
The following shows the format of the event filter definition file.
(2) Description
The following table describes the content of the definition in the event filter definition file.
Key name |
Value |
---|---|
incident-name# <<off>> |
Specify whether to filter the specified incident. on: Filters the incident. off: Does not filter the incident. |
(3) Example
The following is an example of defining the event filter definition file.
(4) Writing a definition in a field
The following describes how to write a definition in a field:
-
In each field, write an incident name delimited with a colon (:) and a value on one line.
-
Write the incident name at the top of the line.
-
You can write a tab or 1 or more spaces after the colon (:).
(5) Application of definitions
If you have changed the definition of an incident in the event filter definition file, you must execute the daemon process that notifies NNMi of the incident to re-read the definition file. The following table describes incidents, the daemon processes that require re-reading of the definition file, and the re-reading methods.
Event name |
Incident name# |
Daemon process requiring re-reading |
Re-reading method |
---|---|---|---|
|
Incident name beginning with SSO_Resource |
ssocolmng |
|
|
Incident name beginning with SSO_Process |
ssoapmon |
|
Service status change event |
Incident name beginning with SSO_Service |
||
Application status change event |
Incident name beginning with SSO_Application |
(6) Incident not subject to event filtering
The table below describes the incident that is not subject to the filtering based on the event filter definition file. Even if the incident is defined in the event filter definition file, the definition is invalid, and the incident will be issued.
Category |
Incident name |
Description |
---|---|---|
Resource collection |
SSO_Resource_DB_Size_Warning |
A threshold for a collection database was exceeded. |
(7) Notes
Note the following when writing definitions in the event filter definition file:
-
If the definition file includes multiple definitions specifying the same incident name, the definition written last is assumed to be valid, and the other definitions are ignored.
-
The incidents that are not defined in the definition file are treated according to the default settings.
-
If an error is detected in a definition, only the line that contains the error is skipped, and reading continues from the next line.
-
The settings specified in this definition file are also applied to SNMP trap events issued by SSO.