EventSource Testing

Last updated on 31 May, 2023

After configuring an EventSource, you can run tests to ensure events are filtered and captured as you intended.

The test results for Log File, SNMP Trap, Syslog, and Windows Event Logging collection methods identify which events are and are not captured based on the test parameters and filters defined for the EventSource.

The test results page can display the following information:

| Information | Description |
|---|---|
| Matched message(s) | Messages that meet the test parameters and filters defined in the EventSource configuration are displayed. |
| Filter Statistics | All filter expressions that resulted in one or more messages being excluded from the matching results are displayed, as well as the actual number of messages. The number of messages hyperlink displays the number of messages filtered (up to 50 per filter). |
| Unrecognized Message Statistics | This section is only returned for Syslog EventSources and identifies any messages that could not be parsed and could not be classified as meeting or failing to meet filter criteria. |

Note: Script Events are tested from the Collector Attributes settings of the EventSource and have a different test output format.

Requirements for Testing an EventSource

EventSource testing requires collector version 28.400 or later.

Testing an EventSource

  1. Navigate to Modules > My Module Toolbox, and select the EventSource you want to test.
  2. Select the Edit icon.
  3. On the Filters tab, select Test Event Logging.
  4. Depending on the EventSource collection method, do the following:
    • Log Files:
      1. In the Search Resources field, enter the resource.
      2. From the Logfile Path dropdown, select the path you want to test.
      3. In the Read last lines field, enter the number of lines to scan in the log file.
    • SNMP Trap and Syslog:
      1. In the Search Resources field, enter the resource.
      2. From the Test will timeout after dropdown, select how long the test runs before it times out.
      3. From the Stop test after matching messages dropdown, select the number of matching messages after which the test stops.
    • Windows Event Logging:
      1. In the Search Resources field, enter the resource.
      2. In the Start Time field, select a date and time for the event.
      3. In the Range dropdown, select a time range.
  5. Select Run Test.