We have a set of generic alerts (CPU/Mem/Disk/Up/Down) each with an email action. We have custom properties that we use to control who the emails go out to, exceptions on each each alert (mute the whole node or one of the specific alerts). All that works fine but we have a smaller group of nodes that are very critical and would like to perform a separate action on (send an IM to a different channel for example). The only way I know how to do this would be to create many duplicate alerts with trigger logic accounting for the custom property that identifies one of these very critical nodes. So instead of 4 generic alerts I would need 8 that are basically alerting for the same thing with a slight variation. 8 alerts would be more difficult to maintain and add (imo) unnecessary complexity.
Is there a better way to do this? I was looking into an advanced sql alert that maybe would check if one of the very critical nodes was in the activealert table, but I'm not really sure if it's possible, or what the query would look like.
I've worked in zabbix and this is a fairly simple procedure, you have trigger logic for marking a node as a problem state then action logic (send email + IM if in very critical group) for determining exactly what action I want to take. I was hoping there's an easy fix I'm missing with solarwinds.
Another thought I had on it specifically for the IM example, I could create a new custom property that includes the URL(s) for the specific IM channels I want the alert to go to on each node. That's how our email custom property works but I just tested the HTTP Post action and it doesn't seem to support filling in the URL with a custom property, let alone if it would allow me to semi-colon separate them like you can with emails.
