Hi all,
I have five sites named A,B,C,D,E. All Sites have Firewalls and Switches and then servers. I configured advanced alerts for Servers and switches and then Servers. If firewall is down i received down alert mails for ,
1.firewall is down
2.Swithes is down
3.servers is down
If firewall is down , all the downstreme nodes unreachable. why the alerts came for each one?
configured Alerts shown in below,
The alerts are coming because they are unreachable due to the Firewall being down. What you can do is set up a Alert Suppression for the Site Servers when the Site Firewall is down. This way when the Firewall is down you only get the alert for the firewall and not the dependent servers.
Example below:
You can simplify your Alerting structure to use Dependencies for your Network to reduce the amount of Alerts Generated when your firewall goes down, then all devices behind it will change into an Unreachable State and only generate the single Down Node Alert. Please see this KB
