Rule instances are created from rules. You can create one or more instances of a rule. Just as with Creating Rules, the Creating Rule Instances functionality is not available to users. It is only available for System Administrators (Superusers). A few examples are discussed below.
To create an instance of a rule
1. Click the Add Instance button of the rule from the list as shown below.
The web page uses the diagram from the rule and provides options for adding the required fields as shown below.
Note: The N/T ( N times in T period seconds ) specifications apply to instances too.
2. Double click the EMAIL node and in the field enter the appropriate email address.
3. Double click the unix_auth_failed_login node and select the suitable server group or groups from the drop-down list.
4. Click . The rule is created.
Example 2 - To create an instance for a failed login rule to apply to a syslog server and to send email to admin@syslog.com
1. Follow the steps outlined in the previous section so that you may get an instance as follows.
Example 3 - To create instance to apply to an SNMP server and send email to admin@snmp.com
Follow the steps outlined earlier to get the following instance workflow
Note: Alert notifications can be syslog, email or snmp.
To delete an instance of a rule
1. Select the instance of the rule.
2. Click . The instance delete confirmation dialog is displayed.
3. Click Yes.
Caution: Exercise this function with care. The process cannot be undone. All data is deleted.