New Rules can be added to the existing list wih the following steps.

• Click the New Rule link under the required category. Entry to all the fields except Rule Name are optional. Event ID is a required field to identify the Event but can be left empty in few exceptional cases, such as when you want to monitor all the Events that are of the Event Type, say, Error or Information. Here the filter will be based on the Event Type.

• Type a unique Rule Name.

• Enter the Event ID to be monitored. This is the unique identifier for the Event Logs.

• Enter the Event Source. This is the software name that logs the event.

• Enter the Event Category. Each Event Source defines its own category such as data write error, date read error and so on and will fall under one of these categories.

• Type the User Name to be filtered. Each Event Log is based on the user who had logged-on when the Event occurred.

• Choose the Event Types to filter the Event Logs. This will typically be one among Error, Warning, Information, Security Audit Success and Security Audit Failure.

• Enter the string to be compared with the log message. This will filter the Events that contain this string in the log message.

• Choose a Severity for the alarm to be generated in OpManager for this event.

• Click Add Rule to create the new Event Log Rule.