Home
  •  

Monitor Enterprise Random Password Manager and Management Pack's Non Informational Event

LiebermanSoftware.ERPMMP.RPMNonInformationEventRule (Rule)

Knowledge Base article:

Summary

Monitor Enterprise Random Password Manager and Management Pack's Non Informational Event.

Causes

Any time an non information event is logged in the application event log related to ERPM or its management pack, this alert will be generated.

Resolutions

Look at the alert context for detail information regarding whether / how to fix the problem.

Element properties:

TargetMicrosoft.Windows.Server.Computer
CategoryCustom
EnabledFalse
Alert GenerateTrue
Alert SeverityWarning
Alert PriorityNormal
RemotableTrue
Alert Message
ERPM Alert: Non Information

Event Number: {1}
EventLevel: {2}
EventSource: {3}
Event Description: {0}

Member Modules:

ID Module Type TypeId RunAs 
DS DataSource LiebermanSoftware.ERPMMP.EventDataSourceModuleType Default
Alert WriteAction System.Health.GenerateAlert Default

Source Code:

<Rule ID="LiebermanSoftware.ERPMMP.RPMNonInformationEventRule" Enabled="false" Target="Windows!Microsoft.Windows.Server.Computer" ConfirmDelivery="true" Remotable="true" Priority="Normal" DiscardLevel="100">

  <Category>Custom</Category>

  <DataSources>

    <DataSource ID="DS" TypeID="LiebermanSoftware.ERPMMP.EventDataSourceModuleType">

      <PublisherName>^Enterprise Random Password Manager.*</PublisherName>

      <EventLevel>4</EventLevel>

      <LogName>Application</LogName>

      <ComputerName>$Target/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>

      <EventLevelExpression>

        <SimpleExpression>

          <ValueExpression>

            <XPathQuery Type="Integer">EventLevel</XPathQuery>

          </ValueExpression>

          <Operator>NotEqual</Operator>

          <ValueExpression>

            <Value Type="Integer">4</Value>

          </ValueExpression>

        </SimpleExpression>

      </EventLevelExpression>

    </DataSource>

  </DataSources>

  <WriteActions>

    <WriteAction ID="Alert" TypeID="SystemHealth!System.Health.GenerateAlert">

      <Priority>1</Priority>

      <Severity>1</Severity>

      <AlertOwner/>

      <AlertMessageId>$MPElement[Name="LiebermanSoftware.ERPMMP.RPMNonInformationEventRule.AlertMessage"]$</AlertMessageId>

      <AlertParameters>

        <AlertParameter1>$Data/EventDescription$</AlertParameter1>

        <AlertParameter2>$Data/EventDisplayNumber$</AlertParameter2>

        <AlertParameter3>$Data/EventLevel$</AlertParameter3>

        <AlertParameter4>$Data/PublisherName$</AlertParameter4>

      </AlertParameters>

      <Suppression>

        <SuppressionValue>$Data/EventDisplayNumber$</SuppressionValue>

        <SuppressionValue>$Data/PublisherName$</SuppressionValue>

      </Suppression>

      <Custom1/>

      <Custom2/>

      <Custom3/>

      <Custom4/>

      <Custom5/>

      <Custom6/>

      <Custom7/>

      <Custom8/>

      <Custom9/>

      <Custom10/>

    </WriteAction>

  </WriteActions>

</Rule>