Hello all! I have generic alerts going out for BGP session drops (using Protocol Status Description is not equal to Established) for all important BGP routers in my network, however I'm trying to setup alerts for specific clusters of BGP peers to alert when a circuit goes down but the interface itself doesn't flap. I've tried setting the Alert On piece to Routing Neighbors (using AND) then setting up the Scope to reflect all the Neighbor IP = multiple peers then Actual Trigger Condition to Protocol Status Description =/= Established, but that doesn't seem to do it. Alerts still go out that the BGP sessions have dropped from another alert, but this one doesn't pick it up. I've now just created a multi-tiered condition within the Trigger Condition as follows:
AND
Neighbor IP = x.x.x.x
----AND
----Protocol Status Description =/= Established
AND
Neighbor IP = x.x.x.x
----AND
----Protocol Status Description =/= Established
..etc for more Neighbors, up to 6 for a circuit/connection..
Is this the best way to set this up? Unfortunately there's not an easy way for me to test this without BGP peers actually flapping, but if anyone has any experience setting this up it'd be quite helpful so I can get it setup and ready for an eventual drop to test it
To clarify:
