Greetings earthlings.
We have a large topology spanning several solar systems; when I say large I'm implying a few thousand elements, when I say solar systems I mean clusters of weak planets. Some of these planets are pathetic, and not worth getting alerts on, but using the Advanced Alert Manager we are not able to filter out these alerts. To make matters more complicated, the email address that the alerts are being sent from is not listed in the rule.
It feels as if there's a tremble in the force elsewhere, bypassing the strict rules we have in place.
My boss is growing weary of my incompetence, and I reach out to you with my robotic arms in hope that you can help solve this puzzle.
An example:
We have an alert set up to email us when a node's WAN link has exceeded 5k errors within an hour. Node Hoth is a desolate node, and we don't want email alerts for this site. We have added a condition to the trigger alert to not fire this email if the Node Name is equal to Hoth:
Trigger Alert when any of the following apply
    Recv Errors - Today is greater than or equal to 5000
    Xmit Errors - Today is greater than or equal to 5000
Trigger Alert when all of the following apply
    Vendor is equal to Cisco
    Node Name is not equal to Hoth
Trigger actions
    Send email to darthdoodie@me.com
    from email account:
        Name: Network Performance Monitor
        Reply Address: solarwinds@deathstar.com
Having this setup, we are still getting emails from noreply@deathstar.com.
We have tried multiple variations of this rule, nothing is working. The fact that the reply address is different than what I set it up to be is bothering me; I even edited the message sent to add "zz" at the end of the message, but it's not showing up in my email. There must be another force here interfering with my plans again.
Thanks for any assistance other than rebel scum.