Interface name in UDT Alerts

Same Problem,

trying to create a email alert with following settings.

______________________

A New MAC-Address appears on network

Switch Name

Switch Port

Switch Port Name

MAC-Address

____________________

Some Ideas?

Still no Update? SolarWinds Support also no help..

Try these:

Port : ${SQL: SELECT Name from [dbo].[UDT_Port] WHERE  (PortID = ${N=SwisEntity;M=PortID})}

Device : ${SQL: SELECT Caption FROM [dbo].[Nodes] WHERE (NodeID = ${N=SwisEntity;M=DeviceID})}

Hi,

thanks for the replay!

But it didnt worked. Look at the screenshots.

Here is the result from the email.

I also cant find PortID in UDT_MovedMACAlert

Ah, so you did a custom query for your alert condition?  I didn't...  I just used the built in...   In the trigger condition I have:

and my email looks like

This works for me!

Thanks! It is working now!!! Great

Can you tell me which variables you inserted to get those?  i am not seeing them.  I tried copying the syntax from your screen shot but got an error like this

Port : MACRO SQL
ERROR - Incorrect syntax near '{'.

Device : MACRO SQL ERROR - Incorrect syntax near '{'.

My SYNTAX after copying...

An issue on an object you are monitoring occurred at ${N=Alerting;M=AlertTriggerTime;F=DateTime}.

View full object details here: ${N=SwisEntity;M=DetailsUrl}.
View full alert details here: ${N=Alerting;M=AlertDetailsUrl}
Click here to acknowledge the alert: ${N=Alerting;M=AcknowledgeUrl}

Port : ${SQL: SELECT Name from [dbo].[UDT_Port] WHERE  (PortID = ${=SwisEntity;M=PortID}]}
Device : ${SQL: SELECT Caption FROM Nodes WHERE NodeID = ${N=SwisEntity;M=DeviceID}}

Hi,

for New MAC I'm using this

_____________

Anzeige der vollständigen Warnungsdetails: ${N=Alerting;M=AlertDetailsUrl}

New MAC Address: ${N=SwisEntity;M=MACAddress}

Port: ${SQL: SELECT Name from [dbo].[UDT_Port] WHERE  (PortID = ${N=SwisEntity;M=PortID})}

Port Name: ${SQL: SELECT PortDescription from [dbo].[UDT_Port] WHERE  (PortID = ${N=SwisEntity;M=PortID})}

IP: ${SQL: SELECT IP_Address FROM [dbo].[Nodes] WHERE (NodeID = ${N=SwisEntity;M=DeviceID})}

Device: ${SQL: SELECT Caption FROM [dbo].[Nodes] WHERE (NodeID = ${N=SwisEntity;M=DeviceID})}

Device Location: ${SQL: SELECT Location FROM [dbo].[Nodes] WHERE (NodeID = ${N=SwisEntity;M=DeviceID})}

Device Last Boot: ${SQL: SELECT LastBoot FROM [dbo].[Nodes] WHERE (NodeID = ${N=SwisEntity;M=DeviceID})}

Device CPU Load: ${SQL: SELECT CPULoad FROM [dbo].[Nodes] WHERE (NodeID = ${N=SwisEntity;M=DeviceID})}

Device Description: ${SQL: SELECT Description FROM [dbo].[Nodes] WHERE (NodeID = ${N=SwisEntity;M=DeviceID})}

_____________

And here ist the result:

And for Rogue MAC this:

_____________

Anzeige der vollständigen Warnungsdetails: ${N=Alerting;M=AlertDetailsUrl}

Rouge MAC-Address: ${N=SwisEntity;M=MACAddress}

Port: ${SQL: SELECT Name from [dbo].[UDT_Port] WHERE  (PortID = ${SQL: SELECT PortID from [dbo].[UDT_PortToEndpointCurrent] WHERE  (EndpointID = ${N=SwisEntity;M=EndpointID})})}

Port Name: ${SQL: SELECT PortDescription from [dbo].[UDT_Port] WHERE  (PortID = ${SQL: SELECT PortID from [dbo].[UDT_PortToEndpointCurrent] WHERE  (EndpointID = ${N=SwisEntity;M=EndpointID})})}

Node ID: ${SQL: SELECT NodeID from [dbo].[UDT_Port] WHERE  (PortID = ${SQL: SELECT PortID from [dbo].[UDT_PortToEndpointCurrent] WHERE  (EndpointID = ${N=SwisEntity;M=EndpointID})})}

_____________

the 'moving mac-address' is still not working... Hope for SolarWinds....

Thanks Alan,   What is the difference between using the "New MAC"? and the "Rogue MAC"?

Hmm..  Venturing a guess here.  Thinking if you choose to enable the "whitelist" feature in UDT, that any devices that are not "included" or "ignored" would be considered "rogue" devices...