
Alarm rules

Purpose

By default, all generated alarms are propagated to the active plugins, which in turn send them to the appropriate back end.
With alarm rules, you can define how and when each alarm is propagated through each plugin.

For example, you could do the following:

  • Send all SAP job alarms to Bob by email
  • Send internal alarms to Pro.Monitor admin by email
  • Outside office hours, send system CRITICAL alerts by SMS
  • Decrease alert severity for non-production systems
  • Discard non-CRITICAL alerts from JAVA stacks of customer X
  • Send all alarms from customer A to ServiceNow plugin
  • Send all alarms from customer B to ScienceLogic SL1 plugin

Configuration

Activation

  • By default, alarm rules are not active
  • All generated alerts are propagated to all active plugins
  • Use the activation button to enable alarm rules processing.

Warning:

  • If alarm rules are enabled, but no rules are defined, no alerts will be propagated to any plugin.
  • You should at least define a rule that will take care of the default propagation of the alerts.

Rules definition

  • Created rules will be organized in a table in a predefined order.
  • Rules will be processed in the order displayed in the table
  • You can move a rule up or down
  • Press Add button to create a new rule.
  • Set a meaningful name and a description to define your rule

Stop on first match:

  • If enabled, the alarm won't be processed by the next rule if it matches current rule filters.
  • Useful if you want to restrict or prevent the propagation of some alerts

The configuration of a rule consists of setting the following parameters:

  • Plugins: Where the alarm will be sent if it matches all filters
  • Schedule: Define when the rule is active
  • Severities: What severities to handle
  • Filter: What alarm parameters are expected
  • Action: What is going to be done with the alarm if all filters match

Plugins

  • Select the list of plugins that will be used to propagate the alert if it matches current rule filters

Schedule

  • Define when the rule is active
  • You can define a time window within the day, specific days of the week or a specific date
  • The Dates field can remain empty
  • For example, you can use this option to send an alert by SMS to the support team outside office hours.

Severities

  • Define the alarm severities to match
  • Process only alarms with a matching severity
  • For example, you can process only MAJOR and CRITICAL alarms

Filters

  • Filter will be applied on alarm parameters
  • Only the alarms that match the filter will be processed by the Action
  • The filter will apply on one or several components:
    • Group: The group of the system for which the alarm is generated.
    • System SID
    • Stack type: ABAP/JAVA/SYBASE/HANA/BO
    • System tag: The tag associated to the group
    • Module: The module ID of the alarm
    • Alarm tag: The tag associated with the alarm
    • Alarm message: The message itself
    • Alarm count: The number of times the alarm has been triggered since first raised time. Reset to 1 when cleared.
    • Agent: The agent the alarm comes from
  • The filter will compare the component value of the alarm with a value, using the following comparators:
    • Equals: Strictly equal to a given value (case insensitive)
    • Matches with: A way to check that the value contains at least some part of a text (see examples below)
    • Different than: Is strictly different from a given value
  • The filter will evaluate the rules in the predefined order, using the selected operator
    • AND: All rules must be true
    • OR: At least one rule must be true

  • Matches with examples
| Operation | Filter value | Comment |
| --- | --- | --- |
| contains | ABC | Matches if value contains text 'ABC' |
| contains any | ABC, DEF, GHI | Matches if value contains at least one of the comma-separated text |
| contains all | ABC + DEF | Matches if value contains all comma-separated text |
| excludes | !ABC | Matches if value does not contain 'ABC' |
| excludes all | !ABC, !DEF | Matches if value does not contain any of the comma-separated text |
| Regexp | .*ABC.*DEF$ | Matches if value contains ABC and ends with DEF |

Actions

  • Defines how to process the alert if it matches all above filters, including schedules and severities:
    • Process: Simply propagate the alert to the selected plugins
    • Reject: Discard the alert (in that case, you probably want to enable Stop on first match)
    • Send to: Send the alert to the specified recipient (Needs to be associated with email plugin)
    • Transform: Modifies the content of the alarm

Transform:

  • Allows you to modify the alarm severity

Transform syntax:

  • severity+X : Increase the level of severity by X
  • severity-X : Decrease the level of severity by X
  • severity=X : Set the level of severity to X

Note: More transform capabilities to come.
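
The following sketch is an added example, not Pro.Monitor code: a simplified Python model of the rule processing described on this page (table order, severities, Equals / Different than filters, Process / Reject, Stop on first match) that lists the alarms which would reach no plugin. The field names, the WARNING severity and the sample rules and alarms are constructed; schedules are not modelled, and a rule without filters is assumed to match every alarm.

```python
from dataclasses import dataclass, field
@dataclass
class Rule:
    name: str
    plugins: set                 # plugins that receive matching alarms
    severities: set              # severities this rule handles
    filters: list = field(default_factory=list)  # (component, comparator, value)
    operator: str = "AND"        # AND: all filters true; OR: at least one
    action: str = "process"      # "process" or "reject"
    stop_on_first_match: bool = False

def matches(rule, alarm):
    if alarm["severity"] not in rule.severities:
        return False
    # "equals" is case insensitive; any other comparator is treated as "different"
    results = [(str(alarm.get(c, "")).lower() == v.lower()) == (op == "equals")
               for c, op, v in rule.filters]
    if not results:
        return True  # assumption: a rule without filters matches everything
    return all(results) if rule.operator == "AND" else any(results)

def route(alarm, rules):
    """Plugins an alarm reaches once alarm rules are enabled."""
    targets = set()
    for rule in rules:                      # processed in table order
        if not matches(rule, alarm):
            continue
        if rule.action == "process":
            targets |= rule.plugins
        if rule.stop_on_first_match:
            break
    return targets

def dropped(alarms, rules):
    """Ids of alarms that reach no plugin: the case the Warning describes."""
    return [a["id"] for a in alarms if not route(a, rules)]

ALL = {"WARNING", "MAJOR", "CRITICAL"}     # constructed severity names
RULES = [                                  # constructed rule table
    Rule("reject-java-noise", set(), {"WARNING", "MAJOR"},
         [("group", "equals", "Customer X"), ("stack", "equals", "java")],
         action="reject", stop_on_first_match=True),
    Rule("customer-a", {"ServiceNow"}, ALL, [("group", "equals", "customer a")]),
]
DEFAULT = Rule("default", {"Email"}, ALL)  # catch-all, meant to be placed last
ALARMS = [                                 # constructed alarms
    {"id": 1, "group": "Customer A", "stack": "ABAP", "severity": "MAJOR"},
    {"id": 2, "group": "Customer X", "stack": "JAVA", "severity": "MAJOR"},
    {"id": 3, "group": "Customer B", "stack": "HANA", "severity": "CRITICAL"},
]
```

With these samples, `dropped(ALARMS, RULES)` reports alarm 2 (rejected on purpose) and alarm 3 (a CRITICAL alarm lost only because no default rule exists); appending `DEFAULT` leaves only alarm 2.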

Last modified: 2020/05/07 16:42 (external edit)