Thanks will 1000 will be the recommended threshold ?
Threshold level itself has nothing to do with SolarWinds. It really depends at what level your Network Team wants to receive an alert. There is no recommended value. In my environment I usually setup 1000 discards and 10 errors per hour as default thresholds. But once again, this is individual to network team, work practises, equipment, purpose, business.... you name it
How to ignore these alerts for servers ,need alerts only on routers and switches.
Good question. I personally would not do it as high level of discards and errors will indicate potential problems even for Windows/Linux serevrs
You can play with alerting logic and see where Windows/Linux come up, For example below is a filter based on "Vendor":
You just need to be careful not to exclude inadvertently things that you DO want to include. For example some appliances may well report back vendor as Linux... probably
Also, "Machine Type" will give some indication, as well as "IOS Version"
How do I know that... well, I don't really. All I do is by "trial-and terror":
Now scroll down and check what you think logically is best to apply. See Output preview column for an example output:
choose your condition. I found that "contain" and "don't contain" works well for many instances where you want to only match part of the string
and last BONUS tip - if you place cursor in the last field and hit down arrow - you will get all possible options that exist in your environment for a given field. This way it is very handy to see what all possible values this particular field can return, based on your environment and infrastructure
Notice from the above screenshot, Machine Type can be "net-snmp - Linux", which does, as a matter of fact, represent network devices being monitored over SNMP. So, I would not exclude this one in your case, even though it may appear as Linux box server.
I personally do not rely on the above values when I need to work on devices by type, for the reasons stated above. I have a special Custom Property which I call "Type". It has the following values:
* Virtual Server
* Physical Server
* Virtual Appliance
* Physical Appliance
* Network Device
This way I know for sure which node is a server and which one is a network device, because I have done it MYSELF, manually, and I usually trust myself above all. Here, I thing about device from the bare-metal and shape perspective. If I get an alert, first question I ask, ignoring all fancy business logic - what is it? how does it look like? is it real/virtual?. Above list would generally work for any business.
I further classify every node with another Custom Property, called "Role". Here, things can go a bot more deeper into actual business logic. Makes it easier to group later and do some other fancy stuff with regards to dashboards and alerts. It also helps to break down specific infrastructure with 1000s of elements into logical groups that are relevant to a particular business. Example:
* Web server
And lastly, third level is a business itself - actual product/client, etc. I call it "Service"
* My super important client
* My another important client
* Internal systems
This is my personal approach and something I really recommend to try in your environment. The only thing is - you need to also make sure that all those 3 custom properties are filled up for all nodes. To achieve this I have a weekly report arriving into my inbox stating which exact nodes are missing which exact properties.... but this is subject for another article I guess