Event Monitors and Rules
Event monitors and rules rely on the application they are monitoring to create an event of some kind in response to a problem or other interesting occurrence. The monitor or rule continuously watches the data source for an event matching specific criteria and immediately takes an appropriate response. The basic logic and configuration of event rules and monitors are similar except for the initial configuration of the data source that they are retrieving the event from.
The table below lists the kinds of events that can be used for monitors and rules in an Operations Manager management pack. Each is discussed in more detail in their own topic.
Events in a Windows event log.
Text log file that has a single line per entry. The log can be a simple text log where each line is considered a single entry or a delimited text log where a single character is used to separate different fields of data.
Events created by Windows Management Instrumentation (WMI).
Events from Unix systems and other devices that send syslog messages.
SNMP traps that are sent to an agent or SNMP probes that are periodic requests for information from a device.
Events that are detected through the execution of an UNIX/Linux command, script, or one-line sequence of multiple commands (using pipeline operators).