Table of Contents | ||||
---|---|---|---|---|
|
Introduction
The tags beginning with {2-level parser name
} dmp.commvault
identify events generated by {product type} belonging to {Company-site} Commvault.
Valid tags and data tables
The full tag must have {X} 4 levels. The first two are fixed as {2-level parser name
}dmp.commvault
. The third level identifies the type of events sent. The fourth level indicates the event subtype.
These are the valid tags and corresponding data tables that will receive the parsers' data:
Product / Service | Tags | Data tables |
---|
{Service name}
{tag name}
{data table name}
{tag name}
Commvault |
|
|
|
|
For more information, read more About Devo tags.
How is the data sent to Devo?
Logs generated by Commvault must be sent to the Devo platform via the Devo Relay to secure communication. See the required relay rules below:
Rule for events with "AuditTrail: message"
Source port - Any available port
Source data -
AuditTrail:
Target tag -
dmp.commvault.audit.event
Target message -
\\\\d0
Stop processing - ✓
Rule for events with "Alerts: message"
Source port - Any available port
Source data -
Alerts:
Target tag -
dmp.commvault.alert.event
Target message -
\\\\d0
Stop processing - ✓
Table structure
These are the fields displayed in this table:these tables:
dmp.commvault.audit.event
Field | Type | Field transformation | Source field name | Extra fields | ||
---|---|---|---|---|---|---|
eventdate |
|
|
| |||
machine |
|
|
| |||
OP_id |
|
|
| |||
audit_time |
|
|
| |||
severity_level |
|
|
| |||
comm_cell_name |
|
|
| |||
user_name |
|
|
| |||
operation |
|
|
| |||
details |
|
|
| |||
company_name |
|
|
| |||
utc_timestamp |
|
| utc_timestamp_str | |||
hostchain |
|
|
| ✓ | ||
tag |
|
|
| ✓ | ||
rawMessage |
|
|
| ✓ |
dmp.commvault.alert.event
Field | Type | Field transformation | Source field name | Extra fields | ||
---|---|---|---|---|---|---|
eventdate |
|
|
| |||
machine |
|
|
| |||
alerts_id |
|
|
| |||
alert_time |
|
|
| |||
alert_severity |
|
|
| |||
job_id |
|
| job_id_description job_id_main | |||
comm_cell_name |
|
|
| |||
alert_name |
|
| alert_name_description alert_name_main | |||
company_name |
|
|
| |||
utc_timestamp |
|
| utc_timestamp_str | |||
alert_description |
|
|
| |||
type |
|
|
| |||
detected_criteria |
|
|
| |||
detected_time |
|
|
| |||
comm_cell |
|
|
| |||
user |
|
|
| |||
property_alert_modifications |
|
|
| |||
client_group |
|
|
| |||
comments |
|
|
| |||
status |
|
|
| |||
client_str |
|
|
| |||
sub_client |
|
|
| |||
agent_type |
|
|
| |||
instance |
|
|
| |||
backup_level |
|
|
| |||
backup_set |
|
|
| |||
start_time |
|
|
| |||
scheduled_time |
|
|
| |||
end_time |
|
|
| |||
error_code |
|
|
| |||
failure_reason |
|
|
| |||
protected_counts |
|
|
| |||
failed_counts |
|
|
| |||
library_name |
|
|
| |||
media_agent_name |
|
|
| |||
media_space_left |
|
|
| |||
storage_policies_used |
|
|
| |||
copy_name |
|
|
| |||
copied_data_size |
|
|
| |||
pruned_jobs_count |
|
|
| |||
msg_tok_sep_values |
|
| msg_tok_sep | |||
hostchain |
|
|
| ✓ | ||
tag |
|
|
| ✓ | ||
rawMessage |
|
|
| ✓ |