Syslog Adapter configuration and script files describes the files that you need to use when configuring the Syslog Adapter. If you edit any of these files, you must use the sm_edit utility. The utility will save the local copies to the appropriate subdirectories under the BASEDIR/smarts/local directory. “The sm_edit utility” on page 43 provides more information.

Table 1. Syslog Adapter configuration and script files

Directory under BASEDIR/	Filename	User editable	Description
smarts/rules/icoi-syslog/	my_hook_syslog.asl	Yes	Basic template for processing a syslog file.
smarts/rules/icoi-syslog/	syslog_mgr.asl	Yes	Rule set for parsing each syslog message.

The Syslog Adapter creates events by parsing the contents of syslog files. You can use it to parse the contents of any text file with entries of the format:

month day time hostName applicationName [process_id]:text_message

If the format of your syslog file is different from the above format, you can edit my_hook_syslog.asl and syslog_mgr.asl to parse the entries accordingly.

The Syslog Adapter can parse the contents of a file and it can tail a file. When the Syslog Adapter tails a file, it skips the existing content and uses only content added to the file while the adapter is running.

The Adapter Platform includes a basic template for processing a syslog file. This file is BASEDIR/smarts/rules/icoi-syslog/my_hook_syslog.asl.

After ensuring that the Adapter Platform Server and the Global Manager are up and running, complete the following procedures to configure the Syslog Adapter:

1. Check the location of the Syslog file to be sure it is appropriately placed for your operating system.

2. Change the parameters in the local copy of my_hook_syslog.asl to match your needs.

3. Start the Syslog Adapter.