Platform

    Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

    Platform Overview
  • Infrastructure
    monitoring
  • Cloud monitoring
  • Digital experience

      • Solutions

      Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

      Solutions Overview
    By Initiative
    By Industry

      About us

      Get to know LogicMonitor and our team.

      About us
    Get to know us
    Connect
    Services

      Documentation

      Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

      View Resources
    Support

    Product Documentation

    Testing EventSources

    Last updated on 16 July, 2020

    Overview

    Once you’ve configured an EventSource, you can perform test runs to ensure events are being filtered and captured as you intended. EventSource testing can be performed when you’re initially setting up the EventSource—or any time in the future as troubleshooting needs arise.

    Note: The EventSource testing feature requires Collector version 28.400 or a higher numbered version.

    Testing an EventSource

    Testing functionality is available by clicking the Test Event Logging button found in the Filters area of an EventSource’s configurations, as shown next.

    Testing functionality is available by clicking the Test Event Logging button found in the Filters area of an EventSource's configurations

    Note: The testing of Script EventSources works a bit differently than for other EventSource types. Script EventSources are tested from the Script Event Collector Attributes area of the EventSource and, due to the nature of how scripts operate, the format of test output is different as well.

    Depending upon the type of EventSource you are testing, you’ll be prompted for varying test parameters. For Log File EventSources, you’ll need to identify the device, log file path, and the number of lines to scan in the log file. For SNMP Trap and Syslog EventSources, you’ll listen for events as they occur in real time, specifying a sending device and the conditions under which the test will end. For Windows Event Logs, you’ll specify a device and date/time range for which the test should check the logs (up to a 10-minute time period).

    Depending upon the type of EventSource you are testing, you'll be prompted for varying test parameters

    Test Results

    The test results for Log File, SNMP Trap, Syslog, and Windows Event Log EventSources identify which events would—and would not—be captured based on the test parameters and filters defined for the EventSource.

    Test results identify which messages would and would not match based on EventSource filters

    The test results page displays up to three sections:

    • Matched message(s). In this section, messages meeting the test parameters and filters defined in the EventSource configurations will display.
    • Filter Statistics. In this section, all filter expressions that resulted in one or more messages being excluded from matching results are displayed, as well as the actual number of messages. Clicking the number of messages hyperlink will open a new window that displays the actual messages filtered (up to 50 per filter rule).
    • Unrecognized Message Statistics. Only returned for Syslog EventSources, this section identifies any messages that couldn’t be parsed and therefore couldn’t be classified as meeting or failing to meet filter criteria.
    In This Article