Alert triggering when it shouldn't

This alert triggers for Windows nodes and nodes that have DG_ITNetwork***@***.org or DG_ITSystems***@***.org in the Contact field. What am I doing wrong?

Find more posts tagged with

Alerts

Accepted answers

All comments

mharvey

Using a none is the negative equivalent for any, if one of the criteria is still met it could fire off. Change the condition group to not all, which will ensure that if any of those conditions are met, the alert will not trigger. Basically take the logic you would have for including and reverse it for excluding in terms of none and not all.

Regards,

Matthew Harvey

alf33

Hmm... I guess I'm having trouble with the logic.

Is this what you're suggesting?

Trigger alert when NOT ALL of the following apply

Vendor IS NOT EQUAL to Windows

Contact IS NOT EQUAL to DG_ITNetwork...

Contact IS NOT EQUAL to DG_ITSystems...

If it was a Windows node, and it had "DG_ITNetwork..." as a Contact (but not DG_ITSystems...), then I would think the alert would trigger.

I don't want the alert to trigger if ANY of these conditions are true.

mharvey

So what you would want it

Trigger alert when NOT ALL of the following apply

Vendor is equal to Windows

Contact is equal to DG_ITNetwork

Contact is equal to DG_ITSystems

Or you would want

Trigger when ANY of the following apply

Vendor is not equal to Windows

Contact is not equal to DG_ITNetwork

Contact is not equal to DG_ITSystems

alf33

Thanks for the suggestions but I still don't see how this would work. (I guess I could just try it.)

So with this suggested logic:

Trigger alert when NOT ALL of the following apply

Vendor is equal to Windows

Contact is equal to DG_ITNetwork

Contact is equal to DG_ITSystems

If the node is Windows and there is no Contact, then the alert should fire, right?

And with this suggested logic:

Trigger when ANY of the following apply

Vendor is not equal to Windows

Contact is not equal to DG_ITNetwork

Contact is not equal to DG_ITSystems

If the node is Windows and there is no Contact, then the alert should also fire, too?

I want the alert to only trigger for nodes:

That are NOT Windows
That do NOT have DG_ITNetwork as a Contact
That do NOT have DG_ITSystems as a Contact

Thanks for your suggestions. Sorry if I'm being dense.

AlexSoul

If I were you I would simplify:

1. Remove your group of those three under "none" condition and add them straight on top, next to your "node is equal to Down"

2. Change "equal to" statements to "not equal to". In this case this will make it much more readable and simple to understand without referring back to this thread notes and documentation on what means what

In case if you need to match at least one of them to fire off an alert, then add them under group with "any" logic ... "If node is DOWN and ANY of those three below are true, then fire off an alert" simple!

As you will progress with setting up various advanced alerts - you will have enough complexity later. So, it is best to start from simple model from the beginning

Quick Links

All Categories
Recent Posts
Activity
Unanswered
Groups
Help
Best Of