I have created a Syslog Alarm that I receive via email, but I’m not receiving any information that tells me which device the alarm came from. I have enabled every keyword. Here is what I currently have configured for the Action Override:
$alarmName The name of the alarm.
$alarmSource The component (such as a device) that raised the alarm.
$alarmSourceName
$alarmSubcomponent The subcomponent (such as an interface) that raised the alarm.
$severity The alarm severity.
$type The value returned is always "Alarm".
$trigger Indicates whether the trigger was a trap or event.
$server The NetSight server IP address.
$time The date and time when the event or trap occurred.
$message The event message.
$eventType The event type (event or trap).
$eventSeverity The event severity.
$eventCategory The event category.
$eventTitle The event message.
$deviceIP The IP address of the device that is the source of the alarm.
$deviceIpCtx The device IP and Context.
$deviceNickName The device nickname.
$deviceBootProm The BootProm version on the device.
$deviceFirmware The firmware version on the device.
$deviceStatus The device status.
$snmp The device SNMP credentials
$sysName The system name.
$sysLocation The system location.
$sysContact The system contact.
$sysDescr The system description
$sysUpTime The system uptime.
$chassisId The chassis ID.
$chassisType The chassis type.
$trapName The trap name.
$trapEnterprise The Enterprise for this trap (Extreme, snmpTraps, rmonEventsV2, dot1dBridge) as defined in the trapd.conf file.
$trapOid The trap OID.
The ones that are working are:
$alarmName The name of the alarm.
$alarmSource The component (such as a device) that raised the alarm.
$type The value returned is always "Alarm".
$trigger Indicates whether the trigger was a trap or event.
$server The NetSight server IP address.
$time The date and time when the event or trap occurred.
$eventType The event type (event or trap).
$eventSeverity The event severity.
