I'm just getting started with writing my own custom reports, and I'm looking to see if the vast knowledge of this place could help me out.
We're currently trying to get a sense for how often our alerts escalate. Right now, we have a series of 24x7 alerts that start by sending an email out to admins, and then will send an email to a site that generates a phone call after about 10-15 minutes. Technically we have up to 6 escalation levels, as the system calls first on-call, then team leads, then managers and up the chain.
I'm trying to see if I can get a report of every time that escalation level has been fired, and on what machines, and who the communications were sent out to. Basically I'm looking for a log.
I'm trying to get started using a custom table, scoped to alert history where Triggered Instances are greater than 0. I've gotten a bit of luck out of this, but it really isn't shaping up to give me exactly what I want.
My columns are currently:
- Related Node Caption
- Last Triggered Date Time
- Last Executed Escalation Level
- Alerting Email (Node)
- Alerting Email (Application)
I am grouping by Message and Triggered Count.
Because of the width of the report, I've left off some columns I'd really like to track, such as who acknowledged the alert and when. Again, the idea is to make an inventory of our triggered alert actions to see when they fired.
Anyone have experience with this?