Example: Creating a Monitoring Policy to Track 'SU' Command Usage on UNIX Systems

This sample covers creating a monitoring policy to track the usage of the 'su' command and to receive email notifications when the command is used.

Procedure

  1. From the CommCell Browser, expand Policies.
  2. Right-click Monitoring Policies and then click New Monitoring Policy.

    Follow the instructions in the New Monitoring Policy wizard.

  3. On the Please select the type of monitoring policies you would like to create page, select SysLogs.
  4. On the Please specify criteria page, select Specify criteria and then click Add.

    In the Create Criteria dialog box, specify the filtering attributes for the policy:

    1. For the Description filtering attribute, select the contains operator and type su.
    2. To set the specified criteria as a major event, under User Assigned Severity, select Warning.
    3. Click OK.
  5. On the Alert Details page, click Add to set up an email alert using the monitoring criteria as the alert trigger.