Hello - We have ZfS v7 sp1 installed on an OES sp3 box that is
dedicated to this purpose. At the moment, we only have the MMS
components installed and are monitoring 17 W2K3 servers (with the
monitoring agent installed), and 4 Solaris 8 boxes (no agents and no
SNMP fwd'ing, ping only).

What I've been trying to do is filter the traps that come through from
the windows boxes to only those the customer is interested in. The
filters defined below are working pretty well to that end, with the
following exception: The customer has RSA services installed on each of
the domain controllers and the ACE client keeps writing [hundreds of]
security messages to the application event log (as errors, not
warnings) and these keep showing up in C1 in their hundreds. There
are only the two application errors that I want to filter out: event
ids 10022 & 10304. I have tried inserting an additional filter
:Filter5.EventID=!(10022,10304) - but this has no filtering effect on
the traps. Do you have any suggestions, please?

NTTRAP.INI**************************************** *************************
[Available Filters]

Filter1.TrapType=system
Filter1.EventType=1

Filter2.TrapType=application
Filter2.EventType=1

Filter3.TrapType=security
Filter3.EventType=1

Filter4.EventID=(2,... [truncated] ...,5789)


[Actual Filters]
1=Filter1
2=Filter2
3=Filter3
4=Filter4
************************************************** ***************
SITE MGMT SERVER Properties\Rules\Conditions\Alarms:
Severity = Critical or Major
Or if the Alarm state = Non-Operational
************************************************** ***************

Thanks in advance,
Bronwyn.