From Sentinel Main, click Collection > Event Sources.
Select the desired criteria to filter event sources.
You can use one or more of the following options to filter the event sources:
To filter the event sources by name, type a name value in the filter text box, then click Filter.
Matching is case insensitive. The name value can contain wildcard characters. Use * to match zero or more characters and use ? to match one character. If no wildcard characters are specified in the name value, it is assumed that the name value is intended to mean contains <name value>, or *<name value>*.
For example, an event source value of abc is interpreted as *abc*. Some examples of common filter types are:
If the event source name starts with abc, enter the filter value as abc*.
If the event source name ends with abc, enter the filter value as *abc.
If the event source name contains abc, enter the filter value as abc or *abc*.
The Event Source table displays the list of event sources whose names match the value entered in the filter input box.
To view the event sources based on the health status, select the Healthy, Warning, Error, or Offline check boxes.
The Event Source table displays the list of event sources with the selected health states.
If none of the health states are selected, health state filtering is not performed. It is essentially equivalent to selecting all four health states.
In the Event Source section, click the Next, Previous, First, and Last arrow links to scroll through all the event sources. The event source section displays 30 Event Sources per page.
To view the event search result for an event source, select the event source from the list and click the Search link.
A search is performed using the universally unique identifier (UUID) of the event source (for example, rv24:"2CBFB8A0-F24B-102C-A498-000C").
If multiple event sources are selected for search, the rv24:<UUID> expressions are combined with the OR operator in the search filter expression.
To display the event sources connected to particular Collector Managers, select one or more Collector Managers from the Collector Managers section.
If none of the Collector Managers are selected, event source filtering is not performed based on the Collector Managers. This is not the same as selecting all Collector Managers, because it also includes event sources that are not connected to any Collector Manager.
To select or deselect Event Source Servers, select the check boxes next to the Event Source Servers.
To display only event sources connected to particular Event Source Servers, select one or more Event Source servers from the Event Source Servers section.
If none of the Event Source Servers are selected, event source filtering is not performed based on the Event Source servers. This is not the same as selecting all Event Source Servers, because it also includes event sources that are not connected to any Event Source Server.
To select or deselect Event Source Servers, select the check boxes next to the Event Source Servers.
To display only those event sources connected to particular Collector plug-ins, select one or more Collector plug-ins from the Collectors Plug-ins section.
If none of the Collector plug-ins are selected, event source filtering is not performed based on the Collector plug-in. It is essentially equivalent to selecting all of the Collector plug-ins.
From Sentinel Main, click Collection > Event Sources.
To change the data logging status for one or more event sources, select the event sources from the list.
Click the Configure button in the table, then select edit option for the Store raw data.
Yes: If Yes is selected, the selected event sources forward events received to the Collectors they are connected to.
No: If No is selected, the selected event sources drop all the events received. Messages are not sent to the Collectors the selected event sources are connected to.
If you select a large number of event sources to change, it might take some time to complete. The Event Sources list does not show the store raw data state (Yes or No) until after the changes are complete and the display is refreshed from the database.
From Sentinel Main, click Collection > Event Sources.
Select the event sources from the list, then click the Configure button in the toolbar.
Select the Collector Plug-in option.
The Set Collector Plug-in window is displayed with the Collector Plug-in Name and Supported Devices information.
Select a new Collector plug-in, then click Set.
The event sources are connected to the selected Collector plug-in.
If you select a large number of event sources to change, it might take some time to complete. The Event Sources list does not show the new Collector plug-in until after the changes are complete and the display is refreshed from the database.