Skip to main content
Skip table of contents

Common Event Manager

Using the Rule Builder Common Event Browser, you can view the complete list of more than 40,000 common events. Use the predefined common events wherever possible. You can use the Common Event Manager to add, delete, and maintain the many different types of common events, and the classifications in which they reside. Common Events have a Risk Rating attribute that helps the Platform Manager determine how to handle an event properly. Common Events are specific to Rule Building, which uses rules developed to identify and extract, or parse specific, useful information from log messages. If you need to create a new common event, use the following guidelines:

  • Common events should be generically named so that they can be re-used for a wide variety of devices. For example, if a common event is being created for a log message that describes a successful connection to an FTP server, the common event should be named so that the FTP server type is irrelevant.
    • Good Name: FTP Connection Succeeded
    • Bad Name: Gene6 FTP Connection Succeeded
  • Common event names should always have the first letter of each word capitalized to make viewing common events in analysis tools more consistent.
JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.