Security Logs service
This service monitors the SNMP traps and syslog messages that are transmitted to the monitoring probe. Appliances and applications that run on a computer, such as a server, can be configured to record events to the probe.
This service cannot use Self Healing.
During the monitoring process, this service listens for SNMP traps and log messages that are transmitted to the probe. The service then interprets these events and displays the appropriate status based on the regular expressions that you define. The service also supports wide characters.
You must configure the monitored device to send syslog messages to the IP address of the Windows probe. The IP address of the device that is registered in N-able N-central must be the same as the IP address that sends SNMP traps to the probes.
| Service Type | Syslog |
| Instances on a Device | 1 |
| Device Class | Server - Generic, Workstation - Generic, Other, Printer, Scanner/Camera, Switch/Router, and Server - Windows |
| Monitored By | Windows probe |
| Scan Interval | 5 minutes |
Status details
| Status Detail | Description |
|---|---|
| Regular Expressions (1 to 6) | The threshold values for the regular expressions that you specified on the Service Details tab. |
| The line count matched regex... | The number of lines in the log file that the keyword has been located and returned by the agent. This information appears for each regular expression on the status details screen for the service, any applicable reports, and any triggered notifications, except for numeric pages. |
| The first line matched | The first 250 characters of the first line in the log file containing the matching keyword returned by the agent. This information appears on the service's status details screen, any applicable reports, and any triggered notifications, except for numeric pages. |