Hi guys,
Does anyone have a nice set of criteria for suppressing alerts on nodes when a specific node with the same name prefix is down? For example, I have a few nodes in their own Network map for our London office.
- London-Firewall
- London-Server1
- London-Server2
When the link does down, I get notifications for every single node there, which is a bit useless since when the link is down it's a given that all the servers will appear down to us too! I've tried to suppress the alerts like so:
In the Alert I create an Trigger Condition like this:
Node Status is equal to Down
Node Name contains London
And I create an Alert suppression like this:
Node name contains London
Vendor is equal to net-snmp (as all our firewalls report as)
Node Status is equal to Down
This appears to work fine, but we have many offices and I'd really prefer to not have to do this for every single one of them! Is there an easy way in the Alert Suppression to reference the Node Name used in the Trigger? Or even a better way to do it altogether? Anyway, here's the kind of thing I was thinking of:
So I create an Trigger Condition like this:
Node Status is equal to Down
Node Name contains $Site
And I create an Alert suppression like this:
Node name contains $Site
Vendor is equal to net-snmp
Node Status is equal to Down
As you can see, I'd just like to prevent hundred of emails saying Server1 is down, Server2 is down, Server3 is down when the Firewall is down too.
Can anyone help?
