I have read many posts on the ins and outs of basic and advanced alerts, but I have yet to find a post or blog that explains in detail, step-by-step fashion how the process works.
If i am correct, Basic alerts work entirely from the results of the most recent poll. In other words, a Basic node up/down alert will fire once and only once when a node is down at the time NPM polls it. Also, the node must come back up and then down again before a Basic alert can "re-fire". Is that correct?
For an advanced alert, the alert engine queries the database to see if the defined alert trigger conditions can be satisfied for ANY data currently in the database. Correct? That would mean an Advanced alert can refire on a node that is still down at the next query of the database even if it is not a "new" down event. Is that right?
In summary, let me describe a scenario and ask the community to verify how both alerting mechanisms would handle it.
Say a node goes down and stays down for 10 minutes. The node polling interval is 2 minutes. The advanced alert queries the database every minute, and the trigger condition has a 4 minutes delay (in effect two polling cycles). With those facts known, how will each type of alerting engine handle it?
How many times will each alert trigger?
Thank you for any help. Every timer i think I fully understand how NPM is accomplishing alerting, i think of a situation that I cannot fully describe.
