Important Notice: Our web hosting provider recently started charging us for additional visits, which was unexpected. In response, we're seeking donations. Depending on the situation, we may explore different monetization options for our Community and Expert Contributors. It's crucial to provide more returns for their expertise and offer more Expert Validated Answers or AI Validated Answers. Learn more about our hosting issue here.

Why does my EventClassInstance not match an event?

event eventclassinstance
0
Posted

Why does my EventClassInstance not match an event?

0 CommentsAdd a Comment

1 Answer

0

When doing even mapping the eventClassKey must match the name of the EventClassInstance. Open the event (which I’m guessing has a class of /Unknown) and look at its eventClassKey. make the name of your EventClassInstance the same. If you need to be more specific then add the regex (i.e. there will be more than one mapping with the same name). If you want to process all events with a EventClassInstance name it defaultmapping and it will be run if no other EventClassInstance match. You can sequence mappings with the same name in the sequence tab of a mapping. The eventClassKey is often the name of a process (it’s what is called the tag of a syslog message).

0 CommentsAdd a Comment

Related Questions

What is your question?

*Sadly, we had to bring back ads too. Hopefully more targeted.

Experts123