Adding or editing event receivers

This topic provides instructions on adding and editing event receivers.

To learn about event receivers, see Managing-event-receivers.

On the Admin > Network Admin > Event Receivers page, do the following:

  1. Click Add in the menu to add a new event receiver, or select the Edit action to modify an existing event receiver.
    The Add Event Receiver page or Edit Event Receiver page is displayed.

  2. Enter or modify information in the following fields:

    Field

    Description

    Host Name/IP Address

    Specify the host name or IP address of the server that you want to add as an event receiver

    Annotation

    (Optional) Describe the purpose of event receiver.

    Enabled

    (Optional) Select this option to enable the event receiver. By default the event receiver is enabled.

    Severity

    (Optional) Select one or more severity levels of which you want to forward the events to the event receiver.
    By default, the events with all severity levels except Info are forwarded.

    Category

    (Optional) Select the category of the events that you want to forward to the event receiver. By default, events with all categories are forwarded.

    Protocol

    Select the protocol using which you want to forward events to the event receiver.
    Valid values are: TLS (default) and UDP.

    Port

    Select the port number on which the event receiver should receive the events.
    Default is 6514 (TLS) and 514 (UDP).

    Syslog Message Format

    Select the message format in which you want to forward events to the event receiver.
    Valid values are: RFC 5424 (default) and ArcSight Common Event Format.

    Syslog Header Host Name

    (Optional) Specify the IP address or host name of the TrueSight Network Automation application server to use in the HEADER part of the syslog message. 

    Timeout (required only for TLS protocol)

    Specify the time period (in minutes) after which the Network Automation application server stops making attempts to connect to the event receiver. Default is 2 mins.
    Note: If you enter a timeout of 0 or a higher value than specified by the operating system, the connection is timed out according to timeout limit specified by the operating system. If you enter a value which is less than the value specified by the operating system, connection is timed out according to the value you enter.

  3. Click Save.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*