MELD_TYPE message classification

Document ID : KB000094862
Last Modified Date : 12/06/2018
Show Technical Document Details
Question:
We are trying to add UC4 table to SPLUNK. We used MELD table.
However CATEGORY and MELD_TYPE columns is difficult to interpret.
I need to know what do it means: CATEGORY = 20 MELD_TYPE = 30 I need to know all possible values and how to translate those numbers.
Answer:
In AE message system, we have 3 message contexts:
1. Message - Information Security - Monitoring: Successful
2. Message - Warning
3. Message Error Security - Monitoring: failed

You can query in the database the message in MELD with MELD_Type = 30, it relates to context 1:Message - Information and Security - Monitoring: Successful.
We can suggest one parameter for mapping is Message Number.
 
MELD_TYPE = 30 is for information messages
MELD_TYPE = 31 for warning messages
MELD_TYPE = 32 for error messages