Set the Enable_SouthboundGateway attribute 0x116296e on the Host_systemEDGE model to No.
Edit the $SPECROOT/SS/CsVendor/Ctron_Gen_HOST/Host_systemEDGE/EventDisp file and change the entry for 0x116002f to the following:
0x0116002f E 50 A 3, 0x0116002f
Update the SpectroSERVER cache. Now, when SPECTRUM receives a logMonMatchtrap from this Host_systemEDGE model, a CRITICAL alarm will be asserted with the following similar event:
Jul 23, 2009 3:15:15 PM EDT
Device ackjo04-8 of type Host_systemEDGE reported that a LogMonitorMatch event has occurred.
Matched Text: Jun 8 14:48:00 VoiceLab_Server_Switch 1389704: Jun 08 13:27:51.245 UTC : %TEST-0-test: This is another test
Monitored File: C:/test/test.txt
How to disable the South Bound Gateway alert forwarding on a Host_systemEDGE model for the Log File Monitor trap
When using the Host_systemEDGE model for Log File Monitoring, by default, SPECTRUM will try to parse the matched log file for a hostname or ip address to forward to a model in the SPECTRUM database. If SPECTRUM is unable to parse a Hostname or ip address from the log file, SPECTRUM will generate an event to that fact and not generate an alarm.
Sometimes, logs being monitored do not conform to the requirements to parse a Hostname or ip address from the syslog header but the user still wants an alarm to be generated should there be a match.
(Legacy KB ID CNC TS32365 )