• State Not Answered
  • Locked Locked
  • Replies 27 replies
  • Subscribers 17 subscribers
  • Views 9586 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

custom query for fetching active alerts

basilfernandaz

 I am trying to query the below parameters (Active Alarms , relevant Node details , its Severity and Region etc.) ...From the documentation active alerts can be fetched from this details 

[Orion.AlertActive ] 

in the above table , i am not able to query relevant node details , severity ,, can some one help me which this creating custom query ...to fetch these properties [Active alerts , respective node id , alert severity , and region ]

Parents
  • 0

    I usually use the Event Table instead of the Alert Table. EventType 5000 is an Alert and 5001 is the Reset. The Message field contains the event message. That should get you started. 

    SELECT TOP 1000 EventID, EventTime, NetworkNode, NetObjectID, NetObjectValue, EngineID, EventType, Message, Acknowledged, NetObjectType, TimeStamp, DisplayName, Description, InstanceType, Uri, InstanceSiteId

    FROM Orion.Events
    Where EventType LIKE '%5000%' OR EventType LIKE '%5001%'
  • 0 in reply to bobmarley

    Hi , Thanks for the info , How about the severity ?

  • 0 in reply to basilfernandaz

    You can pull everything with the severity via SWQL

    SELECT
	o.AlertConfigurations.Name AS [ALERT NAME]
	,'/Orion/NetPerfMon/ActiveAlertDetails.aspx?NetObject=AAT:' + ToString(o.AlertObjectID) AS [_LinkFor_ALERT NAME]
	,o.EntityCaption AS [ALERT OBJECT]
	,o.EntityDetailsURL AS [_LinkFor_ALERT OBJECT]
	,o.RelatedNodeCaption AS [RELATED NODE]
	,o.RelatedNodeDetailsURL AS [_LinkFor_RELATED NODE]
	,ToLocal(o.AlertActive.TriggeredDateTime) AS [ALERT TRIGGER TIME]
	,o.AlertActive.TriggeredMessage AS [ALERT MESSAGE]
	,CASE o.AlertConfigurations.Severity
		WHEN 0 THEN 'Informational'
        WHEN 1 THEN 'Warning'
		WHEN 2 THEN 'Critical'
        WHEN 3 THEN 'Serious'
        WHEN 4 THEN 'Notice'
        ELSE CONCAT('Unknown Severity: ', o.AlertConfigurations.Severity)
	END AS [Severity]
--	,N.CustomProperties.NodeRegion
FROM Orion.AlertObjects AS o
LEFT JOIN Orion.Nodes AS N ON N.Caption = o.RelatedNodeCaption
WHERE o.AlertActive.TriggeredMessage <> ''
ORDER by o.AlertActive.TriggeredDateTime DESC

Reply
  • 0 in reply to basilfernandaz

    You can pull everything with the severity via SWQL

    SELECT
	o.AlertConfigurations.Name AS [ALERT NAME]
	,'/Orion/NetPerfMon/ActiveAlertDetails.aspx?NetObject=AAT:' + ToString(o.AlertObjectID) AS [_LinkFor_ALERT NAME]
	,o.EntityCaption AS [ALERT OBJECT]
	,o.EntityDetailsURL AS [_LinkFor_ALERT OBJECT]
	,o.RelatedNodeCaption AS [RELATED NODE]
	,o.RelatedNodeDetailsURL AS [_LinkFor_RELATED NODE]
	,ToLocal(o.AlertActive.TriggeredDateTime) AS [ALERT TRIGGER TIME]
	,o.AlertActive.TriggeredMessage AS [ALERT MESSAGE]
	,CASE o.AlertConfigurations.Severity
		WHEN 0 THEN 'Informational'
        WHEN 1 THEN 'Warning'
		WHEN 2 THEN 'Critical'
        WHEN 3 THEN 'Serious'
        WHEN 4 THEN 'Notice'
        ELSE CONCAT('Unknown Severity: ', o.AlertConfigurations.Severity)
	END AS [Severity]
--	,N.CustomProperties.NodeRegion
FROM Orion.AlertObjects AS o
LEFT JOIN Orion.Nodes AS N ON N.Caption = o.RelatedNodeCaption
WHERE o.AlertActive.TriggeredMessage <> ''
ORDER by o.AlertActive.TriggeredDateTime DESC

Children

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.