advertisement
Alerts — Reference
This page provides the following information:
• Common Tasks
– Alert Log Settings
– New Alert View Filter
– New Alert Application Launch Action
– New Alert Email Action
– New Alert Ignore Action
– New Alert Trap Forward Action
• Alert Logs
– Alert View Filters
* All Alerts
* All Internal Alerts
* Critical Alerts
* Normal Alerts
• Alert Actions
* Unknown Alerts
* Warning Alerts
– Application Launch
– Ignore
– Trap Forwarding
• Alert Categories
Alert Logs
You can view alerts from Alerts Logs. The Alert Logs allow you to view all alerts filtered by the active view filter.
The criteria for matching the alerts in the view filter include:
• Alert severity. See
• Alert category or source. See
Category and Sources Association
.
•
Alert device or device group source. See Device Association
.
• Alert date, time, or day of week. See
.
• Alert acknowledged flag. See
Related Links
Configuring Alert Log Settings
13
121
Setting Up E-mail Notification
Predefined Alert View Filters
The following table lists the predefined alert view filters.
Field
All Alerts
Critical Alerts
Normal Alerts
Unknown Alerts
Warning Alerts
Description
Select to view all the alerts.
Select to view all the systems that are critical.
Select to view normal alerts.
Select to view alerts that OpenManage Essentials cannot categorize.
Select to view all the warnings.
Select Continuous Updates to enable the user interface to update automatically when new alerts are received.
Alert Logs Fields
Field
Severity
Acknowledged
Time
Device
Details
Category
Source
Description
The alert severity
Whether the alert has been acknowledged or not by the user.
The date and time the alert was generated.
The device which generated the alert.
The message contained in the alert.
The categorization of the alert.
The name of the alert source definition.
Group By Column
To group by in All Alerts, drag the All Alert column that you want to group by and drop it in Drag a column header and drop it here to group by that column.
For example, In All Alerts, if you want to group by severity, select Severity and drag and drop it in the Drag a column header and drop it here to group by that column bar.
The alerts are displayed by severity.
122
Alert Details
Field
Severity
Acknowledged
Device
Time
Category
Source
Description
SNMP Enterprise OID
SNMP Generic Trap OID
SNMP Specific Trap OID
Description
The alert severity.
Whether the alert has been acknowledged or not by the user.
The device which generated the alert.
The date and time the alert was generated.
The categorization of the alert.
The name of the alert source definition.
The message contained in the alert.
Provides the enterprise OID (SNMP OID prefix) of the management information base (MIB) file that defines the event source that you want to monitor.
Provides the generic trap ID of the SNMP trap that you want to monitor from the desired event source. See the
Dell OpenManage Server Administrator SNMP Reference
Guide
at support.dell.com/manuals for more information on SNMP traps.
Provides the specific trap ID of the SNMP trap that you want to monitor from the desired event source. See the
Dell OpenManage Server Administrator SNMP Reference
Guide
at support.dell.com/manuals for more information on SNMP traps.
Alert Log Settings
Configure settings which control the size, messaging, and purge settings of the Alert Logs.
Field
Maximum size of Alert Logs
Log a warning when the Alert Log size reaches
When the Alert Logs reach the Maximum size, purge
Description
Determines the maximum number of alerts the alert logs can have before purging occurs.
A warning alert is sent to the application log when this size is reached.
Purges the specified number of alerts when the maximum size is reached.
Alert View Filters
Alert Filter Name
In OpenManage Essentials, you use alert filters that are associated with alert actions to implement alerting capabilities.
For example:
• You can create alert action associations to trigger actions, such as sending e-mails, when an alert condition is met.
123
• You can create ignore, exclude, or both associations to ignore SNMP traps and CIM indications when they are received. You use these associations to suppress alert floods.
• You can create alert view filters to customize the Alert Logs view.
For more information about creating alert action associations, see Managing Alerts
.
Use this window to perform the following tasks:
• Create new alert action associations, ignore/exclude filters, and alert view associations.
• View summary information for alert action associations, ignore/exclude associations, and alert view filters.
• Edit, delete, rename, and copy alert action associations, ignore/exclude associations, and alert view filters.
Severity
This page provides a list of alert severity.
Field
Name
Enabled
Severity
All
Unknown
Normal
Warning
Critical
Description
Name of the item (applicable only for ignore action and view filter).
Select to enable the alert action (applicable only for ignore action).
The alert types available.
Select to include all types of alerts.
Select to include unknown alerts.
Select to include normal alerts.
Select to include warning alerts.
Select to include critical alerts.
Acknowledgement
Field
Limit alerts based on the acknowledge flag
Match only acknowledged alerts
Match only unacknowledged alerts
Description
Associations alerts by whether they have been acknowledged or not. This option is disabled by default.
Select to track acknowledged alerts only.
Select to track unacknowledged alerts only.
Summary — Alert View Filter
The view filter summary screen is shown on the final page of the alert view filter wizard or when clicking on the view summary right-click option in the tree.
Field
Name
Type
Description
Description
The name of the alert action.
The alert action type - App Launch, Email, Ignore, Trap, and Forward.
The description of the alert action.
124
Field
Associated Severity
Associated Alert Categories
Associated Alert Sources
Associated Device Groups
Associated Devices
Associated Date Range
Associated Time Range
Associated Days
Associate Acknowledge
Description
The alert severity criteria used when matching alerts.
The alert category criteria used when matching alerts.
The alert source criteria used when matching alerts.
The alert source device group criteria used when matching alerts.
The alert source device criteria used when matching alerts.
The alert date range criteria used when matching alerts.
The alert time range criteria used when matching alerts.
The alert days criteria used when matching alerts.
If enabled, uses the alert acknowledged flag when matching alerts.
Alert Actions
Alert actions are triggered when an incoming alert matches the specific criteria defined in the alert action. The criteria for matching the alert include:
• Alert severity. See
• Alert category or source. See
Category and Sources Association
.
•
Alert device or device group source. See Device Association
.
• Alert date, time, or day of week. See
.
There are four types of alert actions:
• Alert Application Launch Action—Launch a script or batch file when the alert action criteria is matched.
• Alert Email Action—Send an e-mail when the alert action criteria is matched.
• Alert Ignore Action—Ignore the alert when the alert action criteria is matched.
• Alert Trap Forward Action—Forward the SNMP Trap to another management console when the alert action criteria is matched.
By default, new alert actions are enabled. If you wish to turn off the alert action without deleting it, you can disable it either through the right-click menu or the edit wizard for the alert action.
Several common alert action use cases are pre-installed in the disabled state to illustrate common usage. When using these pre-installed actions, it is recommended to clone the example to a new action specific to your needs. Make sure to enable and test the new action during this process.
Name and Description
Field
Name
Description
Enabled
Description
The name of the alert action.
The description of the e-mail action.
Select to activate the alert action.
125
Severity Association
Field
Severity
All
Unknown
Normal
Warning
Critical
Description
The alert types available.
Select to include all types of alerts.
Select to include unknown alerts.
Select to include normal alerts.
Select to include warning alerts.
Select to include critical alerts.
Application Launch Configuration
Use this window to configure the application that you want to launch and to test the launch.
NOTE: Alert actions are run when a matching alert is received so the alert application launch action is a script or batch file that does not require user interaction.
Field
Executable Name
Arguments
Description
Specifies the fully qualified path name and file name of the executable file that launches the application program.
Specifies or edits any required or desired command line parameters to be used in launching the application program. You can use the following variable substitutions to specify information in the Arguments field:
• $n = system name
• $ip = IP address
• $m = message
• $d = date
• $t = time
• $sev = severity
• $st = Service Tag
• $e = enterprise OID
• $sp = specific trap ID
• $g = generic trap ID
• $cn = alert category name
• $sn = alert source name
• $pkn = package name
• $at = asset tag
Executable file: If you have an executable file (for example, createTroubleTicket.exe), to create a trouble ticket with parameters –arg1, -arg2, and so on; configure the alert application launch as follows:
• Executable Name (with the full path): C:\temp
\createTroubleTicket.exe
• Argument: -arg1 –arg2
126
Field
Test Action
Description
When the alert action is triggered, it runs the command C:
\temp\createTroubleTicket.exe –arg1 -arg2 to perform the associated application launch alert action.
Batch file: If you have a batch file (for example, createTroubleTicket.bat), to create a trouble ticket with parameters –arg1, -arg2, and so on, configure the alert application launch as follows:
• Executable Name (with the full path): C:\temp
\createTroubleTicket.bat
• Argument: -arg1 –arg2
When the alert action is triggered, it runs the command C:
\temp\createTroubleTicket.bat –arg1 -arg2 to perform the associated application launch alert action.
VB script: When configuring vb script files as an alert action, provide the executable and arguments as follows.
For example, if you have a script
(createTroubleTicket.vbs), to create a trouble ticket that contains one parameter arg1, configure the application launch as follows:
• Executable Name: cscript.exe or C:\Windows
\System32\cscript.exe (full path)
• Argument: C:\temp\createTroubleTicket.vbs arg1
When the alert action is triggered, it runs the command cscript.exe C:\temp\ createTroubleTicket.vbs arg1 to perform the associated application launch alert action.
NOTE: If an alert action is not working, ensure that you have entered complete command from the command prompt.
See the sample alert action under Application Launch alert action for more information.
Allows you to test the application launch.
NOTE: Alert actions are run when a matching alert is received; so the alert application launch action is a script or batch file that does not require user interaction.
E-Mail Configuration
You can configure Essentials so that you receive e-mail each time the alert associations for your devices meet specific alert criteria. For example, you may want to receive an e-mail message for all warning and critical alerts.
Use this window to specify the parameters for configuring the e-mail alert action.
Field
To
From
Description
Specifies a valid e-mail address served by the company's
SMTP server of the person who is to receive the e-mail.
Specifies the originating e-mail address.
127
Field
Subject
Message
Email Settings
Test Action
Description
Specify the e-mail subject using text or the available alert tokens.
Specify the e-mail message using text or the available alert tokens.
Select to provide the SMTP server name or IP address.
Allows you to test the e-mail action.
NOTE: After sending the test e-mail, verify that the email was received successfully and has the expected content.
NOTE: Alert tokens are substituted at the time the alert action occurs. They are not substituted for a test action.
NOTE: Certain paging vendors support alphanumeric paging through e-mail. OpenManage Essentials supports paging through the e-mail option.
Trap Forwarding
Simple Network Management Protocol (SNMP) traps are generated in response to changes in the status of sensors and other monitored parameters on a managed device. In order to correctly forward these traps, you must configure an
SNMP trap destination, defined either by IP address or host name. For information about forwarding SNMPv1 and SNMP v2 traps in both the original format and OMEssentials format, see
Forwarding Alerts Use Case Scenarios
.
For example, you may want to use trap forwarding if you are in a multi tiered enterprise environment using OpenManage
Essentials to create associations and forward traps to the enterprise manager.
If the trap is being processed locally and then forwarded to the destination or it is just forwarded to the destination.
Use this window to specify the parameters for configuring trap forwarding.
Field
Destination
Community
Forward Trap in Original Format
Test Action
Description
Provide the IP address or host name for the system that is hosting the enterprise management application.
Provide the SNMP community to which the destination IP address or host name belongs.
Click this check box to forward the trap in the same format received by OpenManage Essentials..
Forwards a test trap to the specified destination using the specified community string.
Category and Sources Association
OpenManage Essentials has many alert categories and sources that are predefined and prepopulated for Dell management agents. Select any of the predefined alert categories or sources to associate it with the alert action or filter. For more information and the complete list of categories and alert sources, see
Device Association
You can select predefined groups (device types), custom groups, specific devices, or a device query. Device association currently only covers predefined groups.
128
For custom groups, create a custom group using the New Custom Group Wizard. The custom group shows up in the tree.
To use device query, select a query from the list.
Click New to create a new device query to search and assign the devices to the alert action.
Click Edit to change the query logic.
Select groups or devices from the tree, you can use the query option to create a specific criteria for the selection.
Device Query Options
Field
Select a query
New
Edit
All Devices
Clients
HA Clusters
KVM
Microsoft Virtualization Servers
Modular Systems
Network Devices
OOB Unclassified Devices
Power Devices
Printers
RAC
Servers
Storage Devices
Unknown
VMware ESX Servers
Description
Select a query from the drop-down list.
Add a new query.
Edit an existing query.
Select to include all the Devices that is managed in
OpenManage Essentials.
Select to include client devices, such as desktops, portables, and workstations.
Select to include High Availability server clusters.
Select to include keyboard video mouse devices.
Select to include Microsoft Virtualization Servers.
Select to include Modular Systems.
Select to include Network Devices.
Select to include out of band Unclassified Devices like
Lifecycle controller enabled devices.
Select to include PDUs and UPS..
Select to include Printers.
Select to include devices with Remote Access controllers.
Select to include Dell servers.
Select to include storage devices.
Select to include unknown devices.
Select to include VMware ESX servers.
Date and Time Range
Field
Limit Date Range
Limit Time Range
Limit Days
Description
Specifies a specific date range to match alerts.
Specifies a specific time range to match alerts.
Select to specify the days on which to enable the alert association. If you do not enable this option, the association is applied continuously within the time frame that you specify.
Each of these fields are exclusive of the other, so selecting date 8/1/11- 10/1/11, 1am to 4 AM, Friday, will
129
Field Description match alerts on only Fridays from 1-4 AM only within that date range.
NOTE: It is possible to input a date range and days selection that will never produce a result. For example, 9/1/11 and Monday - since 9/1/11 was a
Thursday, it will never match.
If none of these are checked, it means the alert selection will have no date/time filter.
Alert Action - Duplicate Alert Correlation
Field
Yes. Only duplicate alerts that match this filter will be executed.
Description
Enabling this option deletes duplicate alerts (with the same ID and from the same device) received within the specified interval. Use this option to prevent a device from sending an overabundance of alerts to the console.
Select to set time.
Ignore duplicate alerts that are received during the interval (1-600 seconds)
No Select this option if you do not want duplicate alerts to run at increased duration.
Summary- Alert Action Details
View and edit selections.
The alert action details screen is shown on the final page of the alert action wizards or when clicking on any alert action in the tree.
The alert action will have a subset of the following properties, depending on alert action type and filter criteria chosen
(this probably should be a table):
Field
Name
Action Enabled
Type
Description
To
From
Subject
Message
Destination
Community
Description
The name of the alert action.
Specifies if the alert action is enabled or disabled.
The alert action type - App Launch, Email, Ignore, and
Trap Forward.
The description of the alert action.
The e-mail address(es) to whom the e-mail is sent.
The e-mail address from whom the e-mail originates.
The subject of the e-mail which may include alert tokens.
The message of the e-mail which may include alert tokens.
The destination name or IP address used for trap forwarding.
The community string used for trap forwarding.
130
Field
Executable Name
Arguments
Associated Severity
Associated Alert Categories
Associated Alert Sources
Associated Device Groups
Associated Devices
Associated Date Range
Associated Time Range
Associated Days
Minimum Repeat Time
Description
The name of the executable, script, or batch file to be used by the alert action.
The command line arguments used when invoking the alert action.
The alert severity criteria used when matching alerts.
The alert category criteria used when matching alerts.
The alert source criteria used when matching alerts.
The alert source device group criteria used when matching alerts.
The alert source device criteria used when matching alerts.
The alert date range criteria used when matching alerts.
The alert time range criteria used when matching alerts.
The alert days criteria used when matching alerts.
If enabled, specifies the minimum time in seconds between two of the same alerts from the same device.
Alert Categories
OpenManage Essentials has many alert categories and sources that are predefined and pre populated for Dell management agents.
Alert categories are organizational levels of the Alert Categories tree. Alert sources specify the low level details of each alert. To monitor the alert categories and sources, apply an alert action association to the alert source or to its parent category.
This page provides a list of categories and the alerts sources within that category. Use this page to configure alerts based on categories.
Alert Categories Options
Field
Brocade-Switch
Compellent
Dell Advanced Infrastructure Management
Environmental
EqualLogic Storage
FC-Switch
Description
Select this category to include alerts for Brocade-Switch.
Select this category to include alerts for Compellent storage devices.
Select this category to include alerts for Advanced
Infrastructure Management.
Select this category to include alerts for temperature, fan enclosure, fan speed, thermal, and cooling.
Select this category to include alerts for EqualLogic storage.
Select this category to include alerts for Fibre Channel switches.
131
Field
Force10-Switch
General Redundancy
HyperV Server iDRAC
Juniper-Switch
Keyboard-Video-Mouse (KVM)
Memory
Network
Other
PDU
Physical Disk
Power
Power Center
Printers
Processor
Removable Flash Media
Security
Storage Enclosure
Storage Peripheral
Storage Software
System Events
Tape
Test Events
Unknown
UPS
Virtual Disk
VMware ESX Server
132
Description
Select this category to include alerts for Dell Force10 switches.
Select this category to include alerts for General
Redundancy.
Select this category to include alerts for HyperV Server.
Select this category to include alerts for iDRAC.
Select this category to include alerts for Juniper switches.
Select this category to include alerts for KVMs.
Select this category to include alerts for memory.
Select this category to include alerts related to network.
Select this category to include alerts for other devices.
Select this category to include alerts for PDUs.
Select this category to include alerts for physical disks.
Select this category to include alerts for power.
Select this category to include alerts for power center.
Select this category to include alerts for printers.
Select this category to include alerts for processor.
Select this category to include alerts for removable flash media.
Select this category to include alerts for security.
Select this category to include alerts for storage enclosures.
Select this category to include alerts for storage peripherals.
Select this category to include alerts for storage software.
Select this category to include alerts for system events.
Select this category to include alerts for tape drives.
Select this category to include alerts for test events.
Select this category to include unknown alerts related statuses.
Select this category to include alerts for UPS.
Select this category to include alerts for virtual disks.
Select this category to include alerts for VMware ESX servers.
Alert Source
Each Alert Category contains alert sources. Click an alert category to view alert sources. Expand a category to view the list of alert sources, and select an alert source.
Field
Name
Type
Catalog
Severity
Format string
SNMP Enterprise OID
SNMP Generic Trap OID
SNMP Specific Trap OID
Description
The name of the new alert source, for example, myFanAlert.
The protocol information.
Provides the catalog information.
Specifies the severity assigned to the alert that is triggered if the alert source generates the specified
SNMP trap.
Provides the message string that appears in the Alert
Logs if the alert source generates an alert of sufficient severity to trigger the alert. You can use formatting commands to specify parts of the message string. For
SNMP, the valid formatting commands are:
$n = system name
$d = date
$t = time
$s = severity
$e = enterprise object identifier (OID)
$sp = specific trap OID
$g = generic trap OID
$1 - $# = varbind values
Provides the enterprise OID (SNMP OID prefix) of the management information base (MIB) file that defines the event source that you want to monitor.
Provides the generic trap ID of the SNMP trap that you want to monitor from the desired event source. See the
Dell OpenManage Server Administrator SNMP Reference
Guide
at support.dell.com/manuals for more information on SNMP traps.
Provides the specific trap ID of the SNMP trap that you want to monitor from the desired event source. See the
Dell OpenManage Server Administrator SNMP Reference
Guide
at support.dell.com/manuals for more information on SNMP traps.
133
134
advertisement
Related manuals
advertisement