Specifications

ManualsBrandsCabletron Systems ManualsComputer equipmentETWMIM

191

192

193

194

195

196

197

198

199

200

Console 1.x Pattern − Parses files generated by Console 1.x•

Console 2.0 Pattern − Parses files generated by Console, and its current plugins.•

Fields

This table lists the field types that identify the column in which a particular element of parsed

information should be placed. Selecting a field type full pattern is enclosed within angle brackets (< ,

>) to signify beginning and end. A newline (\n) is assumed at the end in this case, but could be made

required. Words within percentage symbols represent the column in which a piece of parsed

information should be put. The percentage symbol words used here are listed as follows:

%pri% = Priority string•

%pdate% − Parsed Date − Console is capable of interpreting several date formats. Use this

field with %ptime% for most standard date/time formats. If this does not present the date

correctly, use the following fields to parse the individual elements in the date.

•

%date% − parses date elements and places the parsed information into the Date/Time column.•

%month%, %day%, %year% − separately parsed date elements. The parsed results are placed

in the Date/Time column.

•

%ptime% − Parsed Time − Console is capable of interpreting several time formats. Use this

field with %pdate% for most standard date/time formats. If this does not present the time

correctly, use separate fields to parse the individual elements in the time.

•

%time% − parses the time elements and places the parsed information into the Date/Time

column.

•

%hour%, %min%, %sec%, %ampm% − separately parsed time elements. The parsed results

are placed in the Date/Time column.

•

%cat% − Category provides a means for sorting events (e.g., Poller, Application, Error)•

%sev% − Severity•

%user% − Username associated with the event.•

%ip% − Host IP Address associated with the event.•

%type% − Type (Event or Trap)•

%event% − a more specific keyword/phrase (i.e. “Contact Lost”, “Contact Established”)•

%info% − The information string.•

%discard% − information that is not used. This is information that is skipped over to parse the

next piece.

•

Delimiters

This table lists the characters that are used in the selected file to separate information types. The list

contains two types of whitespace delimiters (\w for whitespace and \t for tab). Use the \t when a single

tab separates elements in the sample line. Whitespace can be used when the separator in the sample

line is a tab, a series of tabs or series of spaces. Reserved characters must be preceded by a backslash

(\)., The following delimiters are available:

\r − return•

\t − tab•

\n − new line•

\w − whitespace•

, − comma•

. − period•

: = colon•

; − semicolon•

− − dash•

Pattern

Automated Security Manager Help

Custom Pattern Configuration Window 187