advertisement
12
Managing Alerts
With OpenManage Essentials you can:
• View alerts and alert categories
• Manage alert actions
• Configure alert log settings
Viewing Alerts and Alert Categories
To view the alerts page, from OpenManage Essentials, click Manage → Alerts.
NOTE: Alerts for deleted devices are not displayed in the console. However, these alerts are not deleted from the database until the purge limits are reached.
Viewing Alert Logs
To view alert logs, click Manage → Alerts → Alert Logs.
Understanding the Alert Types
The following alert log types are displayed.
Table 2. Alert Types
Icon Alert
Normal Alerts
Warning Alerts
Critical Alerts
Unknown Alerts
Description
An event from a server or a device that describes the successful operation of a unit, such as a power supply turning on or a sensor reading returning to normal.
An event that is not necessarily significant, but may indicate a possible future problem, such as crossing a warning threshold.
A significant event that indicates actual or imminent loss of data or loss of function, such as crossing a failure threshold or a hardware failure.
An event has occurred but there is insufficient information to classify it.
Provides information only.
Information Alerts
113
Viewing Internal Alerts
Before viewing internal alerts, ensure that you enable internal health alerts in the Alert Settings of the Preferences tab.
.
To view internal alerts, click Manage → Alerts → Alert Logs → All Internal Alerts.
All Internal Alerts is a reference to the internal alerts that OpenManage Essentials generates such as health status, system up or down, and so on.
Viewing Alert Categories
To view alert categories, click Manage → Alerts → Alert Categories.
The predefined alert categories are listed in alphabetical order.
Viewing Alert Source Details
To view an alert category, in the alert categories list, expand an alert category, and then select an alert source.
NOTE: You cannot create a new event source.
For example, expand Environmental alert category and then select the alertCoolingDeviceFailure alert source.
Alert Source Values and Descriptions for alertCoolingDeviceFailure
Field Name
Name
Type
Catalog
Severity
Value alertCoolingDeviceFailure
SNMP
MIB - 10892
Critical
Description
An SNMP alert based source.
If this alert is received then the system is in critical state and immediate action is required.
Format String
SNMP Enterprise OID
SNMP Generic Trap OID
SNMP Specific Trap OID
$3
.1.3.6.1.4.1.674.10892.1
6
1104
Viewing Previously Configured Alert Actions
Viewing Application Launch Alert Action
To view the application launch alert action:
1.
Select Manage → Alerts → Alert Actions.
2.
In Alert Actions, select Application Launch.
114
Viewing E-Mail Alert Action
To view the e-mail alert action:
1.
Select Manage → Alerts → Alert Actions.
2.
In Alert Actions, select Email.
Viewing Alert Ignore Action
To view the alert ignore action:
1.
Select Manage → Alerts → Alert Actions.
2.
In Alert Actions, select Ignore.
Viewing Alert Trap Forward Action
To view the alert trap forward action:
1.
Select Manage → Alerts → Alert Actions.
2.
In Alert Actions, select Trap Forwarding.
Handling Alerts
Flagging an Alert
After you have completed action on an alert, flag the alert as acknowledged. Acknowledging an alert indicates it is resolved or does not require further action as a reminder to yourself. To acknowledge alerts:
1.
Select Manage → Alerts → Alert Logs.
2.
Click the alert you want to acknowledge.
NOTE: You can acknowledge multiple alerts simultaneously. Use <Ctrl> or <Shift> to select multiple alerts.
3.
Right-click and click Acknowledge → Set → Selected Alerts or Filtered Alerts .
If you choose Selected Alerts, the highlighted alerts are acknowledged.
If you choose Filtered Alerts, all alerts in the current filter/view are acknowledged.
Creating and Editing a New View
To personalize the way you view alerts, create a new view or modify an existing view. To create a new view:
1.
Select Manage → Alerts → Common Tasks → New Alert View Filter.
2.
In Name and Severity Association, enter a name for the new filter, and then check one or more severities. Click
Next.
3.
In Categories and Sources Association, assign the alert category or source to which you want to associate with this view filter and click Next.
4.
In Device Association, create query for searching devices or assign the device or device groups, which you want to associate to this view filter and then click Next.
5.
(Optional) By default the alert view filter is always active. To limit activity, in Date Time Association, enter a date range, time range, or days, and then click Next.
115
6.
(Optional) In Acknowledged Association, set duration when this alert action is active, and then click Next. The default is always active.
7.
In Summary, review inputs and click Finish.
Configuring Alert Actions
Alert actions occur on all alerts received by the OpenManage Essentials console. The alert is received and processed by the OpenManage Essentials console whether or not OpenManage Essentials has discovered the device so long as
OpenManage Essentials is listed in the device's SNMP trap forward destinations list. To prevent this, remove
OpenManage Essentials from the SNMP trap forward destinations list on the device.
Setting Up E-mail Notification
You can create e-mail notifications when an alert is received. For example, an e-mail is sent if a critical temperature alert is received from a server.
To configure an e-mail notification when an alert(s) is received:
1.
Select Manage → Alerts → Common Tasks → New Alert Email Action.
2.
In Name and Description, provide e-mail alert action name and description and then click Next.
3.
In E-mail Configuration, do the following and then click Next.
a) Provide e-mail information for the To: and From: recipients and provide the substitution information. Separate each recipient or distribution list with a semi-colon.
b) Customize the e-mail message format with any of the following substitution parameters:
* $n = Device
* $ip = Device IP
* $m = Message
* $d = Date
* $t = Time
* $sev = Severity
* $st = Service Tag
* $e = Enterprise OID
* $sp = Specific Trap OID
* $g = Generic Trap OID
* $cn = Alert Category Name
* $sn = Alert Source Name
* $pkn = Package Name
* $at = Asset Tag c) Click Email Settings and provide SMTP server name or IP Address, to test e-mail settings and click OK.
d) Click Test Action to send test e-mail.
4.
In Severity Association, assign the alert severity to which you want to associate this e-mail alert and then click
Next.
5.
In Categories and Sources Association, assign the alert categories or alert sources to which you want to associate this e-mail alert and then click Next.
6.
In Device Association, assign the device or device groups to which you want to associate this e-mail alert and then click Next.
7.
By default the Email Notification is always active. To limit activity, in Date Time Association, enter a date range, time range, or days, and then click Next.
116
8.
In Summary, review the inputs and click Finish.
Related Links
Ignoring Alerts
Sometimes you will receive alerts you might want to ignore. For example, you may want to ignore multiple alerts generated when Send authentication trap is selected within the SNMP service on the managed node. To ignore an alert:
1.
From OpenManage Essentials, select Manage → Alerts → Common Tasks → New Alert Ignore Action.
2.
In Name and severity Association, provide a name, assign the alert severity to which you want to associate this ignore alert action, and then click Next.
3.
In Categories and Sources Association, assign the alert categories source to which you want to associate this alert ignore action and then click Next.
4.
In Device Association, assign the device or device groups to which you want to associate this alert ignore action and then click Next.
5.
By default the Ignore Alert is always active. To limit activity, in Date Time Association, enter a date range, time range, or days, and then click Next.
6.
In Duplicate Alert Correlation, select yes to exclude duplicate alerts received within the set time limit, and then click Next.
7.
In Summary, review inputs and click Finish.
Running a Custom Script
In response to a specific alert received, you can run custom scripts or launch a specific application. This file must be present on the OpenManage Essentials service tier system (where OpenManage Essentials is installed) and not on the client browser system. For example:
• If you received a temperature warning, you can use a custom script to create an incident ticket for your internal
Help Desk.
• If you received an MD Array storage alert, you can launch the Modular Disk Storage Manager (MDSM) application to view the status of the array.
Creating a Custom Script
1.
Select Manage → Alerts → Alert Actions.
2.
In Alert Actions, right-click Application Launch and select New Alert Application Launch Action.
3.
In Name and Description, provide an application launch name and description and then click Next.
4.
In Application Launch Configuration, provide an executable name (provide an absolute file path, for example, C:
\ProgramFiles\Dell\Application.exe) and provide the substitution information, and then click Next.
5.
In Severity Association, assign the alert severity to which you want to associate this alert application launch and then click Next.
6.
In Categories and Sources Association, assign the alert categories or alert sources to which you want to associate this alert application launch and then click Next.
7.
In Device Association, assign the device or device groups to which you want to associate this alert application launch and then click Next.
8.
By default the Application Launch Action is always active. To limit activity, in Date Time Association, enter a date range, time range, or days, and then click Next.
117
9.
In Summary, review inputs and click Finish.
Related Links
Forwarding Alerts
You may want to consolidate alerts from multiple management stations to one management station. For example, you have management stations in multiple locations and you want to view status and take action from one central location.
For information about the behavior of forwarded alerts, see
Forwarding Alerts Use Case . To create alert forwards:
1.
Select Manage → Alerts → Common Tasks → New Alert Trap Forward Action.
2.
In Name and Description, provide Trap Forward name and description and then click Next.
3.
In Trap Forwarding Configuration, provide destination host name or IP address, provide community information, to send a test trap to the destination management station, click Test Action. To forward the trap in the same format to the configured destination, click Forward Trap in Original Format and click Next.
4.
In Severity Association, assign the alert severity to which you want to associate this trap forwarding alert and then click Next.
5.
In Categories and Sources Association, assign the alert categories source to which you want to associate this trap forwarding alert and then click Next.
6.
In Device Association, assign the device or device groups to which you want to associate this trap forwarding alert and then click Next.
7.
By default the Trap Forward Action is always active. To limit activity, in Date Time Association, enter a date range, time range, or days, and then click Next.
8.
In Summary, review inputs and click Finish.
The severity status for any trap is set to normal and for a successful alert action, combination of severity, category, and device has to confer with the selections in the preceding steps.
Forwarding Alerts Use Case Scenarios
This section describes scenarios about forwarding alerts using the SNMP v1 and SNMP v2 protocols. The scenarios consists of the following components:
• Managed node with an SNMP v1 agent, referred to as MNv1
• Managed node with an SNMP v2/v2c agent, referred to as MNv2
• Managed station 1 with OpenManage Essentials, referred to as MS1
• Managed station 2 with OpenManage Essentials, referred to as MS2
• Managed station 3 with a third-party software, referred to as MS3
Scenario 1 — Forwarding Alerts in the Original Format Using SNMP v1 Protocol
In this scenario, SNMP v1 alerts are sent from MNv1 to MS1 and then forwarded from MS1 to MS2. If you try to retrieve the remote host of the forwarded alert, it displays the name of MNv1 as the alert originates from MNv1. MNv1 is displayed because the SNMP v1 alert standards allow you to set the agent name in the SNMP v1 alert.
Scenario 2 — Forwarding Alerts in the Original Format Using SNMP v2/v2c Protocol
In this scenario, SNMP v2 alerts are sent from MNv2 to MS1 and then forwarded from MS1 to MS3. If you try to retrieve the remote host of the forwarded alert from MS3, it is displayed as MS1
118
Since there are no fields in an SNMP v2 alert to specify the agent name, the host which sends the alert is assumed as the agent. When an SNMP v2 alert is forwarded from MS1 to MS3, MS1 is considered as the source of problem. To resolve this issue, while forwarding SNMP v2 or v2c alerts, a varbind is added with OID as .1.3.6.1.6.3.18.1.3.0 with the variable value as Agent Address. This has been set based on the standard OID specified in RFC2576-MIB. When you try to retrieve the Agent Address from MS3, it is displayed as MNv2
NOTE: If the SNMP v2 alert is forwarded from MS1 to MS2, the remote host is displayed as MNv2 because MS1 parses the extra OID along with the forwarded trap.
Scenario 3 — Forwarding Alerts in the OMEssentials Format Using Either SNMP v1/v2 Protocol
In this scenario, SNMP v1 alerts are sent from MNv1 to MS1 and then forwarded to MS2. If you try to retrieve the remote host of the forwarded alert, it is displayed as MS1. The severity and the message of the alert is also defined by MS1 and does not display the original severity and message defined by MNv1.
NOTE: The same behavior applies for SNMPv2 traps.
Working With Sample Alert Action Use Cases
Sample alert actions are available for the Application Launch, E-mail, Ignore, and Trap Forwarding alert actions. Sample alert action use cases are disabled by default. Click the sample alert actions to enable the sample alert action.
To enable a sample use case, right-click the use case and select Enable.
Use Cases in Alert Actions
Application Launch
Sample - Run Script on Server Critical Alert—Enable this use case to run a custom script when a critical alert is received.
• Sample - Email Alerts to Service Desk—Enable this use case to send an e-mail to the service desk account from the OpenManage Essentials server when an alert criteria is matched.
• Sample - Email Critical Server Alerts to Admin—Enable this use case to send an e-mail to an administrator from the OpenManage Essentials server when an alert criteria is matched.
Ignore
• Sample - Ignore Alerts During Maintenance Window—Enable this use case to ignore alerts during a specified time interval.
• Sample - Ignore Duplicate Alerts with 15s—Enable this use case to ignore duplicate alerts from the same system.
• Sample - Ignore Non-Critical Alerts from Printers—Enable this use case to ignore non-critical alerts related to printers.
Trap Forwarding
Sample - Forward Critical Server Alerts to Other Monitoring Console—Enable this use case to forward SNMP alerts another monitoring console.
119
Configuring Alert Log Settings
You can configure alert log settings to set the maximum size of alert logs; to generate a warning alert when the alert log reaches a set threshold, and to purge the alert logs. To modify the default settings:
1.
Select Manage → Alerts → Common Tasks → Alert Log Settings.
2.
Enter a value or use the increment/decrement arrow buttons to increase or decrease the value.
NOTE: The default maximum size of alert logs is 20,000 alerts. Once that value is reached, the older alerts are purged.
Renaming Alert Categories and Alert Sources
1.
Click Manage → Alerts → Alert Categories.
2.
In Alert Categories, right-click any of the alert categories (under the Alert Category heading in the left pane) and select Rename.
3.
Provide a name for the alert category and click OK.
120
advertisement
Related manuals
advertisement