6.5. Alerts and Logs

6.5.1. Alert History

The alert history provides a detailed account of all alerts and alarms on the recorder. This screen is primarily used for diagnostic purposes. Alerts that are currently active alarm conditions will appear in bold on this page. For a detailed description of alerts see Alert Codes.

The fields displayed for each Alert in the history are:

Time: The Date and Time the Alert or Alarm occurred. This information is displayed using your time zone information as configured currently.

Alert Code: Every alert occurrence has an Alert Code which can be cross referenced with the information on the Alert Codes page

Alert Text: This is the corresponding text for the alert code with the specifics about the alert occurrence substituted in for the place holders in the Alert Code’s text

Severity: The relative severity for this alert code as configured on the alert codes Page. Note that for alarms and other active alerts, you will see a separate entry in the alert history for when the alarm was resolved.

6.5.2. Active Alarms

An Alert on a NexLog system can either be an event or a state. Alerts that represent a state are also referred to as ‘Active Alerts’ or ‘Alarms’. All alarms on a NexLog system are also alerts, but an alert is not necessarily an alert. For example, Alert Code #8 “Recorder Startup” is an informational alert informing of an event, but is not an Alarm. Alert Code #6001 “RAID is degraded” is an alarm, since when the event it is informing of will remain in effect until resolution (by replacing a drive). Some alerts which are not alarms will raise an alarm if the alert occurs more frequently than a preset threshold, or will show up as an Alarm for a few minutes after occurring, but then revert automatically to a non-alarm alert.

The Active Alarms page allows you to view the Alarms that have triggered on the system but have not yet been resolved. Therefore, these alarm states are actively in progress and awaiting resolution. Some alarm states will resolve on their own, for example, an alarm complaining that the networking cable has been disconnected, will be resolved automatically once the recorder detects that a network cable has been reattached. Other alarms, such as the degraded RAID alarm, may require user intervention to resolve.

If there are any currently active alarms to show, you will see a table with one row per alarm. The columns are as follows:

Time: The date and time the alarm triggered and became active

AlertCode: The Alarm code for the alarm (See Alerts and Logs: Alert Codes)

AlarmText: The user friendly description of what the alarm represents

Times: If the same alarm triggers multiple time, they can be ‘compressed’ down to a single alarm entry. In that case the “Times” field displays how many occurrences this single entry represents.

Acknowledge: The word ‘Yes’ if the Alarm has been acknowledged, otherwise a button containing the text ‘Ack Now’ which will acknowledge the alarm

It is impossible to resolve an alarm from the Active Alarms Setup page. For an alarm to be resolved, the underlying cause must be fixed. Some alarms will automatically resolve, while others will require user intervention, such as replacing a disk drive. However, while an alarm cannot be resolved through Setup, it can be ‘Acknowledged’. When an Alarm is acknowledged it remains active and in effect, but the recorder understands that the user is aware of the issue and makes less effort to draw the user’s attention to the problem. Mainly, acknowledging an active alarm will prevent the alarm condition from causing the Front Panel’s alarm indicator to blink red. It will also silence audio alarms associated with the alarm. In addition, the “Show Acknowledged Alarms’ checkbox on this Configuration Tool page allows the user to determine whether or not acknowledged alarms should be displayed.

The final checkbox on this page is “Automatically Refresh Page” If checked, the alarms page will automatically refresh itself with the up to date status from the recorder approximately once per minute. This saves having to constantly refresh the page manually to see if any new alarms have arisen.

6.5.3. Alert Codes

Every unique alert and alarm the NexLog system can generate has an alert code. The Alert Codes Setup page allows the user to view all of the possible Alert Codes and set options for each one, such as whether or not the alert should generate an email when it occurs. The alert codes Setup page will display a table showing one available alert code on each row. At the bottom of the page are buttons for “Next Page” “Previous Page” and “Edit Alert”. The Next and Previous buttons allow the user to navigate through all the available pages of alert codes as there are too many to fit on a single page. To edit the settings for an alert, first highlight the alert code by clicking on it and then click the ‘Edit Alert’ button.

Each alert code will display the code number for the alert, followed by its textual description. In the description you will see placeholders that look like <~1~>. These are filled in with the details of a specific alert occurrence when the alert triggers and gets inserted into the alert history table. Finally, the severity is an indication of how serious of an error the alert represents. These range from ‘INFO’ meaning it’s simply an informative alert, to ‘SEVERE’ meaning that the alert condition should be addressed immediately. Each alert code is preconfigured with a reasonable severity for each alert code, but you can use the ‘Edit Alert’ button to alter the severity of any given alert to better suit your recording application.

The ‘Edit Alert’ button will load the ‘Edit Alert Code’ Page. Here you can view and modify the settings for the selected alert code. First, the Alert Code and Display Text are read-only fields showing what alert you are currently editing. If the alert is an “Active Alert” or Alarm, there will also be a “Resolved Text” field which is a user visible description of what happens when the alarm is resolved. This is also read only. After this is an Alert Severity Radio button set which allows for altering the severity of alert code. This determines the coloration of the alert in as displayed on the front panel as well as the behavior of certain features such as GPIO output on alerts which are configured elsewhere.

Repeat Warning Every X Seconds: If enabled, repeats the email notification every X seconds. (This is only in MediaWorks DX™ where alerts pop up as a dialog box)

Alert Actions: These three checkboxes determine what action the recorder takes when an alert becomes active

Audio Alarm: Plays an audible alarm from the Front Panel speaker. Option is only available for alarms.

Send Email: If this box is checked, and email is configured as per Alerts and Logs: Email, an email will be sent out anytime an alert with this alert code triggers.

6.5.4. GPIO

The following uses can be made of a GPIO board:

  • The start and stop of recording on a channel can be triggered by a GPIO board input signal. (For more information, see Recording Interfaces.) The logic of GPIO-triggered recording can be customized using the custom script feature.

  • A recorder alert can trigger a GPIO output signal. Alerts of severity 3 or 4 (Error or Severe) will by default trigger a signal on the first output pair of the board. Further customization is possible via a custom integration script available from Eventide.

Note

The optional GPIO board feature requires an add-on license key from Eventide.

To configure an alarm output, go to the NexLog Configuration Manager: Alerts and Logs menu, and select GPIO. For each GPIO board in the system there will be an entry on the page with a description of the board, like “Contec PCI-E (DIO-48D-PE),” the number of the physical slot the board in installed in, and the pin count for each board.

Click on the Edit Board button for the board you want to configure. For each Pin Block (1-A Port [1-8], 1-B [9-15], 1-C Port (Low)[16-19], etc) you can select the I/O mode to either be Input or Output.

For each input pins, you can configure channels that should record when the pin is active. This can be a single channel, or a comma-delimited list of channels. One limitation: channels can only be controlled by one pin, so you cannot set pin 1 to control 1,2,3 and pin 2 to control 2, because 2 is already configured for pin 1. When configuring a pin for input, the channels configured’s GPIO pin field on the Recording Interfaces page is set, but the detect type still needs to be manually changed to GPIO.

You can configure pins to trigger an output when an alert of a certain severity or above is triggered. The alert severities in escalating order are Info, Warning, Error, and Severe. If configured to alert on Warning or above, the pin will be off if an info alert happens but on for any other kind of alert. You can also configure a relay closure only for unacknowledged alarms of those types.

The relay can also be activated by the recorder just being powered on, it will remain active while the recorder is on and turn off when shutdown. If you want a specific alert code to trigger the output go to the Alert Codes page and find the code you want. For example, alert code 6001 is for a degraded RAID. Enter 6001 in the Alarm Code entry field and click Add.

Multiple rules can be configured for each output, and using boolean logic, these rules are OR’ed together. For example, you may configure Minimum Alert Severity to be SEVERE, and Minimum Unacknoledged Alert Severity to WARNING. In this case, an alert of type ERROR will trigger the pin, but acknowledging it will turn off the pin, but an alert of SEVERITY will cause the pin to trigger until the alert is resolved. The only rule that cannot be combined with other rules is On Power. The pin is always active while the recorder is on if On Power is set, so it does not make sense to use with other rules, as it will never turn off.

6.5.5. Logging

In addition to the Alert History Your Eventide NexLog recorder maintains some internal logs which are only useful to Eventide Technicians. For Service reasons, an Eventide Technician may request the logs from your recorder. This page provides two buttons.

The first button ‘Enable/Disable Verbose Logging’ turns on and off verbose logging. When verbose logging is enabled the size of the rolling log file is increased and certain log events that are not otherwise logged become logged. It is important to only run your recorder with Verbose Logging enabled at the request of Eventide or your Eventide Dealer’s Service personnel and to disable it when the recorder is in normal operation, as some of the verbose logging may interfere with normal behavior on busy systems.

The ‘Export’ logs button will zip up the log files on the recorder and allow you to download them to your computer to be sent to Eventide or Dealer personnel. If running from the Front Panel rather than a web browser, then this option will give you the option of writing the logs to a plugged in USB Keychain drive or other archive medium rather than downloading.

6.5.6. Email

The recorder can be configured to send email when specific alerts occur, for Quality Factor evaluations, and for Enhanced Reports.

First click the ‘Enabled’ check box on this page. Then you must configure the parameters for the SMTP server you wish the recorder to use in order to send the emails.

Setting these parameters is very similar to the normal email setup procedure on a PC, e.g., the Accounts settings in Microsoft Outlook or Outlook Express. You will need the same information for these settings as you would for normal email, and can obtain them from your network administrator (or possibly by looking at your PC email settings).

All entries requiring IP addresses can either use fully qualified domain names (FQDN) or numerical addresses. Using a FQDN (e.g., <host.domain.com>) is recommended since IP addresses frequently change. The recorder does not have to be restarted for the email settings to take effect.

From Address: What the email alerts’ ‘From’ field should read: e.g. recorder@yourdomain.com

ReplyTo address: Where the email alert should request replies be sent to e.g. support@yourdomain.com

Send Error To Address: Optional address to send email to if sending to user fails.

SMTP Host: The IP address of the SMTP server to send the email to

SMTP Login: The username the recorder should use to log in to the SMTP server

SMTP Password: The password the recorder should use to log in to the SMTP server

SMTP Localhost Name: Optional local network hostname of the SMTP server

SMTP Port: The port number the email should be sent to on the SMTP server’s IP address. 25 is standard for SMTP traffic. SMTPS traffic over SSL uses a standard port of 465. SMTP over TLS uses a standard port of 587.

Finally, the “Force TLS” checkbox should be checked if your SMTP server is configured to only allow emails to be received using TLS.

To define the email recipient for any alert or alarm, a valid email address must be configured in the user’s profile. All users with the “Admin” permission will receive these email notifications. If a user does not have the “Admin” permission but should receive email notifications, the “Enable alarm notifications via email” setting should be enable from the permissions tab of the user’s settings page.

A test email can be sent from the “Email Settings” page to verify that recipients have been properly configured. All recipients will be visible in the “To” line of the received email.

6.5.7. Audit History

Your NexLog recorder stores an audit history of important events which have occurred on the system for security auditing. Auditing is on by default and the option to turn it off is under System Security in the Users and Security section.

The Audit history can be viewed from the ‘Audit History’ page. There are two views available: Tree (Sessions) and Table (Operations). The Tree view groups audited actions into sessions by user and the Table view is a list of all operations that have been audited. In either view, entries can be clicked to see more detail.

In Table view, each row in the table represents one auditable event, and auditable events are displayed in descending order by time, with most recent first. If more than one web page is required to display all the audit history events, you will find an “Older Entries’ and “Newer Entries” buttons at the bottom of the page for navigation purposes.

Each audit history entry shows the following information:

Time: The Date and Time the audited event occurred are displayed using the currently configured time zone information for the recorder

User: The User Account which performed or attempted to perform the audited action

Success: If the action was successful, it is in black text. If it failed, it is in red.

Description: A human readable description of what happened.

Action: This describes the action that was performed. Valid action types include:

  • USER-LOGIN: The user account logged into the system. The description will also specify what client software was used (e.g. MediaWorks DX™, Soap Client, etc.)

  • USER-LOGOUT: The user account logged out of the system

  • SHUTDOWN: A request was made to shut down the recorder

  • REBOOT: A request was made to reboot the recorder

  • MONITOR-ON: The user Live Monitored a channel and listened to the audio

  • MONITOR-OFF: The user ceased live monitor the channel

  • FORCE-SUPPRESSION-ON: The user turned on call suppression for a channel

  • FORCE-SUPPRESSION-OFF: The user turned off call suppression for a channel

  • AUDIO-ACCESSED: The user played a media record

  • ADD-ENTITY: A New entity (e.g. Custom Field, User Account, etc.) was added to the recorder. The description will tell which entity type was added.

  • DELETE-ENTITY: An Entity (e.g., Custom Field, User Account, etc.) was deleted from the recorder. The description will tell which entity type and the primary key (name, number, etc.) of the entity.

  • UPDATE-ENTITY: An Entity (e.g., Custom Field, DateTime, etc.) was modified. The description will tell the Entity Type and if applicable primary key of the entity.

  • GET-ENTITY: An Entity (e.g., Custom Field, DateTime, etc.) was retrieved and viewed. The description will tell the Entity Type and if applicable the primary key of the entity

  • GET-ALL-ENTITY: All Entities (e.g., Custom Field, DateTime, etc.) were retrieved and viewed. The description will tell the Entity Type

  • SEARCH-ENTITY: An Entity was searched

  • START-RECORDING: A user forced recording to start on a channel (this usually happens from a SOAP integration with the recorder)

  • STOP-RECORDING: A user forced recording to stop on a channel (this usually happens from a SOAP integration with the recorder)

  • ROD-DISABLE: A user forced a channel into a non-recording mode (this usually happens from a SOAP integration with the recorder)

  • ROD-ENABLE: A user switched a channel back to its standard recording mode (this usually happens from a SOAP integration with the recorder)

  • OPEN-TRAY: A user ejected an archive drive

  • CLOSE-TRAY: A user injected an archive drive

  • ACKNOWLEDGE-ALERT: A user acknowledged an alert

  • SET-CHANNEL-METADATA: A user added metadata to be applied to each media record on a channel (this usually happens from a SOAP integration with the recorder)

  • SET-CALL-METADATA: A user added metadata to a specific call (this usually happens from a SOAP integration with the recorder)

  • SET-WORKSTATION-TAG: User set workstation tag for channel. (this usually happens from a SOAP integration with the recorder).

  • UNSET-WORKSTATION-TAG: User unset workstation tag for channel. (this usually happens from a SOAP integration with the recorder).

  • CHANGE-PASS: A user changed their pass (or someone else’s if they are an admin)

  • EXPORT-SYSTEM-INFO: A user took a backup of system information either to an archive drive or via download to a web browser.

  • IMPORT-SYSTEM-INFO: A user uploaded or restored system information

  • OFFLINE-DISK-FROM-RAID: A user marked a drive for removal

  • ADD-DISK-TO-RAID: A user added a new drive to a RAID

  • BOND-NICS: A user bonded 2 network interfaces together into 1 interface (this is advanced behavior for certain logger configurations and is not typical to see)

  • START-ARCHIVING: A user started archiving on an archive device

  • STOP-ARCHIVING: A user stopped archiving

  • BROWSE-ARCHIVE: A user put an archive into Browse mode for viewing with the Front Panel or with client software

  • UNBROWSE-ARCHIVE: A user took a browsed archive back offline

  • PERIOD-ARCHIVE: A user initiated a period archive to an archive drive

  • FORMAT-ARCHIVE: A user initiated a format of an archive drive

  • SET-ARCHIVE-POINTER: A user moved the archive time pointer on an archive

  • START-ARCHIVE-TRANSFER: A user started a transfer of archived data back to the recorder

  • STOP-ARCHIVE-TRANSFER: A user stopped the transfer of archived data to the recorder.

  • START-PCAP: A user started a network data capture

  • STOP-PCAP: A user stopped a network data capture

The Audit History is designed to provide an audit trail of configuration changes as well as audio access to the recorder. There are options available under Security: System Security that allow for configuration of the level of detail in the audit history. If full details are enabled, then clicking on a configuration change audit event (e.g. UPDATE-ENTITY) will display the difference between the original and new configuration that was sent to the recorder to make the request. A Close button is provided to dismiss that window.

6.5.8. Client Activity

The Client Activity page will display information about PC Clients which have recently connected to the recorder using Eventide MediaWorks DX™ or Eventide Media Agent. This information can sometimes be useful for troubleshooting client licensing issues as the client access is licensed on a per workstation basis. One client workstation is shown per row along with next/prev/go buttons for navigation as on other pages.

For each entry in the Client Activity table the following fields are shown:

  • Workstation: MAC address of the connecting client

  • User: The Username with which the client was logged into the system

  • Login Time: The date and time the login occurred

  • Logout Time: the data and time the client logged out. Blank if still logged in

  • License In use: Whether or not this client is currently holding a license.

  • ClientType: Application used to connect to the recorder

  • Client Address: The MAC address of the workstation from which the client logged in