• State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 38 subscribers
  • Views 184 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Custom poller alert issue

joey.qiao

Hi, All:

     Does anyone help me the problem as below?

     Issue Description:

     A customer used the NPM 10.4 to monitor hillstone firewalls and Huawei switches, then he used "Universal Device Poller" to imported the OID and assigned them to these devices.

     After that, he could view the cpu value and chart in the "Node Details" page. Then he created some alerts.

     The trigger condition is :

     ● Poller Name is equal to XXX

     ● Status is greater than 20

     The trigger action is send an email.

     When the alert is triggered and he received emails,  he found some cpu values in the email are less than 20, this is false positives and abnormal. I want to know why it happened and how to solve it. Thanks!

  • 0

    Hi there,

    Does the firewall have multiple CPU cores?

    Is the Universal Device Poller CPU core-aware?

    Is the alert based on a single CPU core or multiple CPU/core?

  • 0

    Is there a reset condition that needs to have its wording changed?  Perhaps it's actually the alert clearing/ returning to normal, but text in the email may not make that abundantly clear.  Not that I've ever done that to myself...I eventually started including 'return to normal' in the wording of my reset emails to clarify.

    Another thought...create a report using the same logic as the alert, and then validate that what is seen is what is expected.  Ensure that any alert suppression / return to normal conditions are represented.

  • 0

    Is it possible the trigger condition allows at least one of the cpu's to be greater than 20 ?

    Thus at least one is within the trigger allowances even though the others are not ?

    You might see if there is an OID for average CPU and use that and include a "period of time" equal to a polling interval (minimum) so that at least 2 polls must match the trigger conditions before an alert is triggered.

    It would be helpful to include a bit more info (screenshots are great) of the poller and alert configuration so we have the same perspective you have as to how it is set up.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.