Log events

As an administrator, use events to alert yourself about an issue before your users notice it. Alerts are generated in the form of events in BMC Helix Operations Management. Use the alert events to proactively identify problems, resolve problems before the users are adversely affected, and ensure continuous availability for the users. 

Related topics

Monitoring and managing events

Log events are generated in BMC Helix Operations Management when the conditions that you configure in alert policies are satisfied.

Example: Generated events for a static event policy

Let's consider the following examples to understand how many events are generated for an alert policy for static thresholds. For an alert policy to detect anomalies, one event is generated. For one minute, no change is made to the event whether or not more anomalies are reported for the alert policy. However, after a minute is over and an anomaly is identified for the same alert policy, the Repeated count value of the same event is updated. This value is updated only one time in a minute.

To view log events

  1. In BMC Helix Log Analytics, click Alerts.

  2. Click Events.
    The Events page in BMC Helix Operations Management is displayed. The class of these events is Log Event. Filter the events by the Log Event class to view events generated by using alert policies. For more information about events, see Monitoring and managing events.

    Important

    You can view events only if the user group that you belong to has access to the device that generates log data. As an administrator, use BMC Helix Operations Management to grant access for the user group to the device. For more information, see Setting up access control and Configuring authorization profiles.

    To view these events in BMC Helix Dashboards, navigate to Dashboards > Manage Dashboards > Log Analytics, and click the Self Monitoring dashboard.

After an alert policy is executed, events are generated in BMC Helix Operations Management based on the selection criteria and user groups in the policy.


Analyzing logs by using log events

When you configure alert policies and the condition configured in a policy is satisfied in the logs, events are generated in BMC Helix Operations Management. The class of these events is Log Event. To continuously track such events, use the Self monitoring dashboard available in the Log Analytics folder in BMC Helix Dashboards. In the  Search Parameters   field of the event under  Others, there is the link to launch BMC Helix Log Analytics. When you click this link, it opens the Explorer in BMC Helix Log Analytics to show associated logs. These logs are filtered based on the criteria mentioned in Policy Selection Criteria and the fields selected in the Group by field of the alert policy. If the host name is present as a configuration item (CI) for a service in BMC Helix AIOps , you can monitor the generated events in BMC Helix AIOps. For a CI of a service or the host name, these events are correlated in BMC Helix AIOps.

AIOpsEntities.png


Automatically closing log events

The generated events are not closed automatically. Use event policies in BMC Helix Operations Management to close alert events automatically. For example, create an event policy with time-based configurations to close the events that have not been modified in the last two hours. For more information, see Closing events automatically.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*