Im in the process of making GFI redundant in our network through implimenting LANDesk operating system log monitoring.
I was curious if anyone has managed to do this successfully, we are currently using 8.8 and i have not been able to find any documentation or general talk of using LD for this.
At the moment i have setup 35 alerts based on the EvenID codes we are currently looking for with GFI - 531, 532 etc each as a seperate event. Completed basic Name / Desc / Polling Int @ std 10 minutes, in the OS log portion i have checked both warning and critical security check boxes and set the 'match substring' to the code i am looking for.
Added all the events, selected an email notification action and time as always.
I have successfully had service monitors working as a test with citrix IMA services and receive emails using the same action so i know its not an email config issue, the report log itself is not showing any hits for the alerts i have set.
So far i have not been able to trigger an event based on this ruleset, im not sure what i could be missing here, but the lack of doco is proving difficult, has anyone had success with this?
Any help would be greatly appreciated, Cheers - Ben