Wanting to get email alerts for Calix E7 "Major" alarms.
The alarm side was fairly straightforward: Log analyzer> if Vendor = Calix and message contains "major": trigger the alert and forward a SNMP Trap to the T/Mon for further processing.
The issue I'm running into is with the Clear side of things. Currently, set up similar to the Major Alarm trigger: if Vendor = Calix and message contains "clear": trigger the alert/clear and forward and SNMP Trap to the T/Mon for futher processing.
The problem with this is: it doesn't associate the "Clear" alarms with the "Major" alarms; So, if a Major alarm is thrown, it will forward to the T/Mon, however, once any alarm clears (not just major alarms), it forward the clear to the T/Mon, and prematurely clears the major.
I found the "axosAlarmInstanceID" variable seems to connect the Alarm/Clear, but I'm not sure how to translate this logic into the Alert Manager/Syslog.
Any ideas on what I can do?
Thanks.
