Work with Event Descriptions panel

The Work with Event Descriptions panel allows you to define and work with Event Descriptions.

An Event Description is a specification that defines how to identify the IBM i events in which you are interested.

How to Get There

Enter 9=Event Descriptions for an entry in the Work with Event Sources panel.

Field Descriptions

Event Source

The name you use to refer to this Event Source within Powertech SIEM Agent. It does not need to match the name of any object on the system; it is a name you invent for your reference.

This name is required to be a valid OS name.

Position to Name

Type a value here to position the list to the first Event Description whose name begins with the characters you typed.

Opt

Enter a valid option from the list of options provided on the list panel.

2=Change
Opens the Change Event Description panel, where you can modify the properties of an existing Event Description.
3=Copy
Opens the Copy Event Description panel, where you can create a new Event Description by copying the properties and content of an existing Event Description.
4=Delete
Deletes the event.
5=Display
Opens the Display Event Description panel, where you can display the Event Description properties.
6=Toggle Active
Opens the status of the event from active (1) to inactive (0), or vice versa.
7=Fields
Opens the Work with Fields panel, where you can manage Event Description fields.
8=Subtypes
Opens the Work with Event Subtypes panel, which allows you to define and work with Event Subtypes for a particular Event Description.
9=Rules
Active

Indicates whether the Event Description is available for processing. When an Event Description is not active, the event it identifies will not be processed.

Name

The name you use to refer to this Event Description within Powertech SIEM Agent. For events that originate in a journal, this name must be comprised of the Journal Code and Entry Type of the journal entry. For message queue events, this name must be a message ID.

Description

A short description you assign to the Event Description.

Command Keys

F3=Exit

Exit the program.

F5=Refresh

Discards changes and remains on this panel.

F6=Create

Creates a new item.

F11=View

Toggles the panel between different views.

F12=Cancel

Discards changes and returns to the prior panel.