The Message Handler is a distributed component of Traverse which accepts syslogs, SNMP traps, Windows events or any other text messages and then searches for specified patterns in these messages. When a pattern match is found, the message string is transformed and a severity assigned to it, then it is forwarded to the DGE.
Various Data Sources for the Message Handler
The Message Handler is extensible, and new data sources can be added easily into this framework. By default, the Message Handler has built-in functionality for:
ism
parsing files
reading from TCP sockets
SNMP traps
Windows events
The processed messages from the Message Handler are displayed on the TraverseEvent Manager console and can trigger actions and notifications specified for that DGE or DGE extension.
Configuration Summary
The built in data sources use default settings installed with each DGE or DGE extension. These settings control the selection and transformation of messages collected by the DGE or DGE extension. Using the default settings is recommended for first time use.
The first four data sources are enabled as soon as the DGE or DGE extension is installed. No further configuration required. The Windows event data source requires an extra step to manually enable it after installing the DGE or DGE extension.
You can filter the messages displayed on the Event Manager console and used to trigger actions or notifications. By default all messages are displayed. Message filtering is set by DGE or DGE extension using Administration > Other > Event Management (SNMP Trap, Syslog, Windows EventLog) page.
