cancel
Showing results for 
Search instead for 
Did you mean: 
Create Post

If...Then...Else statements for Alert Manager

If...Then...Else statements for Alert Manager

I think it would make managing alerts much easier if we were able to build an if-then-else statement into the actions for an alert.

My example...

I create an alert for a particular set of criteria, but I want to enable a different response depending on who is responsible for solving the issue.

IF Node.Owner = "Server" THEN do(Action1)

IF Node.Owner = "Network" THEN do(Action2)

I gather it would be fairly complicated to implement, but I think it would really improve the alert manager.

137 Comments
MVP
MVP

If you mean to send an email to a different person depending on the type of device then there's another way.  Create a node custom property called 'Contact_Email' (or something similar) and populate it with comma-delimited email addresses (i.e., foo@example.com,bar@example.com).  Create your alert, but in the 'To:' field of the email put ${Node.Contact_Email}.  That way, when the email is sent, whoever you have set for the contact_email for that node will get the message.

What other actions did you have in mind?

Level 9

While I see that that would solve my problem, considering we still don’t have pre-defined custom variable selections, etc… I think it would be pretty messy to set it up that way.

I think there are a number of uses for if..then..else in alerting that would be helpful.

MVP
MVP

Easy there, tiger. I upvoted your suggestion - was just offering you an alternative while you wait.

Level 9

Yeah – I know, I’m just engaging in discussion…

Level 16

We have over 100 different alerts and many are the same alert with some small change in it.  I think this would be nice because I could have one "issue" with multiple nested variables....  therefore reducing the alerts I need to manage.

Level 11

Nicely said 'familyofcrowes'

Level 15

Another way to do this would be to allow us to alert on alerts

For example:

One generic alert that is for node down

another that says if Node A has Alert X active for 10 minutes and the time is between 7am and 7pm then email day staff

another that says if Node A has Alert X active for 30 minutes and the time is between 7pm and 7am then email night staff

another that says if Node A has Alert X active for 60 minutes anytime then email escalation team

Although that doesn't really cut down to much on the number of alerts, it gives more flexibility

Level 9

good idea I was thinking of something similar

I could use this to send just an email when there is a warning condition or to send a page/email and open an incident for critical conditions. That would cut my alert rules in half.

Level 13

if possible you an existing 3rd party programming language PERL, TCL etc.

just so that we can leverage our existing skills and not have to learn some new unique coding style