Thank you branfarm for your reply. You are correct on your suggestion, Yet I decided to take it one step further as I got it to work and I want to make it is easier for anyone to do this.
NOTE: These steps were done on a Cisco Catalyst 2960 switch (it should work on any Cisco IOS device)
NOTE: This configuration is done for NPM product not NCM. Sorry, but I couldn't figured out how to re-categorized this post.
STEP 1: Enter the following settings on the Cisco device.
Conf t
logging {solarwinds IP}
logging on
login on-failure log
login on-success log
logging file flash:syslogSolarwinds ### Not necessary, but it's a good practice to write your syslog to file in case the switch reboots.
service sequence-numbers ### Not necessary, but it's a good practice in to have your syslog messages in a sequence
logg trap 5
logging history 4
archive ### Not necessary, but it's a good practice.
log config
logging enable
notify syslog
hidekeys
STEP 2: Enter these settings on your Solarwinds server
launch "Syslog Viewer"
Enter the IP address of the device you previously configure on the "Source IP Adress" field. This will allow you to see only the syslogs from that device. If you don't see any logs go back to STEP 1.
Go to "Syslog Server Settings" click on the "Alert/Filter" tab and "add a new rule"
Modify the following tabs:
General tab: enter the IP address of the device that you want to receive alert form.
Message tab: enter these patterns on the "Syslog Message Pattern field"
Severity/Facility tab: select theses options only
Alert Actions tab: enter your email address and make sure you enter the SMTP server settings otherwise you won't get an email alert
Test your setting by login into the switch you previously configured. You should receive a real-time email alert based on the rules you configured.
I hope this is beneficial to anyone trying to get this results.