4 Replies Latest reply on Apr 24, 2012 2:45 PM by NetEng33

    Advanced Alerting

      Is there a way under advanced alerting to only assign certain nodes to particular alerts?

      Under BAsic alerting you can select nodes/interfaces to apply the alert. Under advanced it seems to apply the alert to every device.


        • Re: Advanced Alerting

          You would need to use the expressions - like Node name is equal to * to apply to all...  it's a bit more intensive, but obviously more advanced.

            • Re: Advanced Alerting

              Or several matching patterns... Node name is equal to, or contains, etc... 

                • Re: Advanced Alerting


                  This tutorial should help you with few examples it describes:

                  Learn how to configure Advanced Alerts in Orion



                    • Re: Advanced Alerting

                      Rory81 I hear ya on this...


                      I am still not feeling great with the solution I used in our environment nor believe it is the best, however this is what we used in order to move forward.  I found this very thing as some devices need to get alerted to different departments or persons of responsibility.  We found quickly that some devices need to be defined that X is the responding party, but Y is the interested parties.  We utilize distribution lists for emailing alerts to the X & Y's of the organization.


                      So I created 5 custom fields that are on our nodes.  In those fields I am then able to type in the "Alert Group" in which that node is a member; nodes can be members of up to 5 Alert Groups currently.  I.e.  T1 - Network Team, T1 - Server Team, T2 - Facilities, etc.


                      Those alert groups have email distribution list/s that correspond back to them in our Exchange servers.  T1, T2, or T3 are codes for Tier 1, Tier 2, Tier 3 priorities.  This way we have the ability to build out escalation and SLA's according to Tiered problems/issues and response structure.  This is a 10,000 foot level explanation but you can kind of get the jest of what were trying to accomplish and have flexibility with scalability.


                      The downfalls I immediately saw but have not come up with a more creative solution yet:

                      • The alert group has to be manually typed in - this means that human error can enter into the equation each time it is typed instead of a drop down.  Any typos will cost the NMS Team egg on their face by no alerting for any typos since it cannot be matched as written in the Advanced Alerting.
                      • Due to the custom fields: you won't know exactly where each Alert Group will be typed - custom field 1 vs custom field 2, etc. ; therefore when writing the advanced alerts matching schema, you have to include all 5 custom fields and the "Any" option to ensure you match wherever the alert group name got typed in.
                      • The limiting factor of custom fields to create custom alert groups...you have keep adding more fields which will cause you to rewrite all advanced alerting to include the additional fields if added later.

                      I am sure there is more we can do with "groups" as this is a common theme throughout the ORION system and building templates, etc.  However I haven't had that chance yet to scheme on it and play with it.


                      **TIP:  When writing any advanced alerts I would give some forethought to the name of each alert and make sure you include the exact name of each alert in the footer of your email alerts that the system sends out.  This will enable you to quickly find what alert is sending you stuff if it needs to be fixed or altered in any way - because you may find your library of Advanced Alerts may get a little congested.


                      Hope this helps.