*HelpHelp for Alert Manager*AlertMgr*


The Alert Manager service is an extendable facility that allows receiving and processing of application-generated alerts. A variety of actions can be taken in response to alerts, including alert logging, pop-up user notification, forwarding the alert to another system, program execution, or an application-defined action. Features of this service include:

The Alert Manager's functions are activated from several links in the Alert Manager screen. These links are:

These same choices are available on a menu bar at the top of every Alert Manager screen.

Top of Page


Alert Log

The Alert Log shows the alerts that have been logged on this system. Alerts enter the alert log only through an explicit logging Action available as one of the Alert Actions.

The Alert Log screen consists of several sections:

The Alert Log shows the text of each alert as a link. Selecting this link takes you to the Alert Details for that alert. Each alert can be selected for potential deletion from the log with a check-box.

At the bottom of the Alert Log screen are buttons which allow the deletion of user-selected alerts, the deletion of all the alerts shown, or the deletion of all the alerts not shown, if applicable.

Top of Page


Histograms of Alert Log

The Histograms screen shows the alerts from the Alert Log in an easily digested summary. The alerts are collected and divided by the different classifications of interest.

The Histograms screen consists of several sections:

Each bar in the histogram shows how many of the selected alerts fall into the specified classification. The bars themselves are links; clicking on a bar will show you a special view of the Alert Log containing all the alerts which comprise that bar.

Top of Page


Monitor Alert Log

The Monitor Alert Log screen shows only those alerts which have been placed into the alert log since you entered the Monitor Alert Log screen. Upon entry, it starts with an empty screen. Any new alerts placed in the system's log will be put in the monitor when it is refreshed. Your browser may support automatic refreshing. If it does not, you may refresh the monitor with the Refresh link.

Pressing the Clear Monitor link returns the monitor to its original state.

Each alert entry in the monitor starts with the Severity, color coded with its Alert Type Class. The alert text itself is a link to the Alert Details of the alert. Note that, once you go to the alert details, there is no explicit path back to the monitor. It is recommended that, in order to retain the same Monitor Alert Log screen, you use your browser's Back feature to return to the monitor.

Top of Page


Alert Log Views

As the Alert Log grows in size, or as the user's system problems become specific or specialized, the ability to view only those alerts desired by the user becomes useful.

At the top of the Alert Log screen and the Histograms screen is a segment of the screen which allows viewing the Alert Log according to user-defined criteria. Using these controls, the user may view the Alert Log and Histograms by time and/or by profile.

To filter by profiles, select the desired Profiles in the profile selection box. If no profiles are selected, then no profile filtering will be performed, and all alerts will be used in the Alert Log or Histograms.

To filter by time, select the number of hours of past alerts you wish to see. If the number of hours is left blank, the Alert Log or Histograms will not be filtered by time.

Top of Page


Refresh Alert Log Entries

Select the Refresh Alert Log push button to update the alert log. Select the View Histograms push button to see the Histograms. Any alert log viewing that has been arranged through Alert Log Views will be used to limit the alerts appearing in the log or histograms.

Top of Page


Refresh Alert Log Histograms

Select the Refresh Histograms push button to update the histograms. Select the View Alert Log push button to see the Alert Log. Any alert log viewing that has been arranged through Alert Log Views will be used to limit the alerts appearing in the log or histograms.

Top of Page


Alert Details

Selecting a specific alert from the alert log displays detailed information about the alert in an Alert Details screen. The user may select multiple alerts for the purposes of multiple deletes or printing reports. The currently highlighted alert in the log will have its alert-specific information displayed at the top of the screen. Selected information includes:

Top of Page


Alert Text

Alert Text includes the name of the alert, as well as any textual commentary included by the application that generated the alert. If the alert was generated as a result of a security access attempt or was forwarded to the system from another system, the alert text will include the name of the network containing the remote system, the network address of the remote system, the name of the remote system and the user ID used by the remote system.

Top of Page


Type of Alert

This is the application-specified alert type. A displayed alert consists of an Alert Sender name followed by a Type of Alert.

The possible Alert Sender types are:

An Alert Sender may also be unspecified, in which case an Alert Sender value will not be displayed.

The possible alert types are:

An alert type may also be unspecified, in which case a Type of Alert value will not be displayed.

Top of Page


Severity

The alert Severity is a value from 0 to 7, with 0 being the most severe. For example, an Alert Severity of 0 might be assigned to a disk failure, while a value of 7 might represent a system coming on-line at the start of a day. Alert Severity is determined by the application that generates the alert. The Severity helps to determine the Actions that Alert Manager will then take, from advising a user of a disk drive that is nearly full to launching applications to deal with disk errors or ECC memory failure.

By default, alerts with Severity values from 0 to 5 will be logged in the Alert Log. Alerts with Severity values from 0 to 3 will also be displayed in a pop-up window.

Top of Page


Application ID

The Application ID is the name of the application that sent the specified alert to the log.

Top of Page


Time of Alert

The Time of Alert is the time of day when the alert was generated and logged.

Top of Page


Date of Alert

The Date of Alert is the calendar date on which the alert was generated.

Top of Page


System Unique ID

The System Unique ID is a random 16 character identification string that is assigned to a system when Netfinity is installed. This ID can be used to positively identify the system that generated the alert.

Top of Page


Application Alert Type

The Application Alert Type is a numeric value assigned to an individual alert by the application that generated it. The meaning of this value is specific to the application that generated the alert, as identified in the Application ID field. For more information on specific Application Alert Type values, refer to the individual application's documentation.

Top of Page


Alert Profiles

Alert Profiles are objects which help the user better manage the alerts received by the system. A profile describes a class, or set of classes, of alerts. Through them, the user may classify alerts by service or application, by responsible person, or simply by urgency. Profiles in the Alert Manager may be used to trigger Actions, to view the alert log, or to compose other profiles. Profiles give you the alert classification power of the action triggering mechanisms, but are, in fact, defined and usable apart from actions.

The Alert Profiles screen displays a list of all available profiles, and enables the user to select individual profiles for editing or deleting, or to create completely new profiles. From the Alert Profiles screen you can:

Viewing, editing, or creating a profile takes you to the Profile Editor.

Top of Page


Alert Actions

The Alert Actions screen displays a list of all available and configured Actions, and enables the user to select individual configured Actions for editing or deleting, or to create completely new Actions. From the Alert Actions screen you can:

Viewing, editing, or creating an Action takes you to the Action Editor.

Top of Page


Action Editor

The Action Editor enables the user to create and configure Actions that the Alert Manager will take in response to specific alerts. It uses a series of user-defined Active Profiles or Alert Conditions to determine which alerts will trigger a defined Action. When it receives an alert, the Alert Manager checks each of the alert's Alert Conditions to see if it meets the specifications for a defined Action. A defined Action is executed if either of the following is true:

  1. the alert matches a Profile to which the Action is bound
  2. the alert meets ALL alert conditions to which the Action is bound.

To configure an Action:
Set the Alert Conditions or Active Profiles. When defining an Action, you must first identify which alerts will cause the Alert Manager to execute the Action. There are two means to specify these alerts: Alert Conditions and Active Profiles.
To define the action by Alert Conditions:

  1. Ensure that Actions is selected in the header
  2. Select an action under Define a New Action
  3. Select an Alert Type
    If you wish to screen incoming alerts for specific Alert Types, select one or more alert types from the Type of Alert selection list. If you do not wish to look for specific alert types, select the Any radio button above the selection list.
  4. Select a Severity
    If you wish to look for incoming alerts for specific Severity values, select one or more Severity values from the selection list. If you do not wish to look for specific Severity values, select the Any radio button above the selection list.
  5. Select an Application ID
    If you wish to screen incoming alerts for specific Application ID's, you may choose one or more from the Application ID selection list. If an Application ID that you require is not available from the list, you may choose it by entering the ID on its own line in the Added entry box right of the selection list. If you do not wish to look for specific Application ID's, select the Any radio button above the slider box.
  6. Select an Application Alert Type
    If you wish to screen incoming alerts for specific Application Alert Types, you may choose one or more from the Application Alert Type selection list. If an Application Alert Type that you require is not available from the list, you may add it to the list by entering it on its own line in the Added entry box right of the selection list. If you do not wish to look for specific Application Alert Types, select the Any radio button above the selection list.
  7. Select a Sender ID
    If you wish to screen incoming alerts for specific Sender ID's, you may choose one or more from the Sender ID selection list. If a Sender ID that you require is not available from the list, you may add it to the list by entering it on its own line in the Added entry box right of the selection list. If you do not wish to look for specific Sender ID's, select the Any radio button above the selection list.
  8. Some Actions will require that you enter additional information in a Action Definition Parameter field. Enter additional information, if necessary.
    If additional information is required, the parameter will be displayed in the Action field as <P#>, where # is the number of the parameter. An Action Definition Parameter field will appear for each required parameter, along with a brief description of the information that is required. Enter the appropriate information in each field.
  9. Save the defined Action.
    Once all Alert Conditions and Action Definition information has been entered, select the Save Changes button to save the configured Action. This Action will now appear in the Available Actions section of the Alert Actions screen.

To define the action as an Alert Profile:

    1. Ensure that Actions is selected in the header
    2. Select an action under Define a New Action
    3. Select the link to Alert Profiles
    4. Enter a Action Name

      You must select a name for the action. This name will be used in the Alert Log Views and the Alert Actions to refer to this action.

    5. Select the Active Profiles
      Select the desired profiles in the Active Profiles selection box
    6. Once the Active Profiles and Action Definition information has been entered, select the Save Changes button to save the configured action. This action will now appear in the Defined Actions List on the managed machine.

Top of Page


Alert Conditions Group

The Alert Conditions Group consists of five individual alert conditions that are used by the Alert Manager to determine appropriate profile and action responses. For an alert to match a profile, the alert must meet all of the Alert Conditions for the particular profile, or it must match a profile included in the composition of the particular profile. For an alert to trigger an Action, the alert must meet all of the Alert Conditions for the Action, or it must match a profile which is bound to the Action. The five alert conditions are:

For more information on each of these individual alert conditions, see their specific topic.

Top of Page


Type of Alert

The Type of Alert is a brief description of the generated alert. It describes the nature of the alert (unknown, failure, error, warning, information), and can also contain a general description of the source of the alert (system, disk, network, operating system, application, device, or security).

When creating or editing an Action, you may decide what types of alerts will trigger the Action. You may select one or more of the types of alerts that are listed in the Type of Alert section of the Action Editor screen. An alert will only trigger the alert you are configuring if its alert type matches one of the alert types you have selected from the Type of Alert selection list. If the Any radio button above the Type of Alert section is selected, any alert type received by the Alert Manager will be considered a valid Alert Condition.

Top of Page


Severity

The Severity is a number from 0 through 7 that indicates how serious a generated alert is. A Severity of 0 represents a very serious alert, while a Severity of 7 is relatively minor.

When creating or editing an Action, you may assign a specific severity value or severity range that will trigger the Action. If the Any radio button above the Severity section is selected, any alert severity value received by the Alert Manager will be considered a valid Alert Condition.

Top of Page


Application ID

The Application ID is the alphanumeric identifier of the application that generated the alert. You may select one or more currently available Application ID's from the Application ID window. You may also enter a new Application ID by typing it on its own line in the Added entry box right of the Application ID selection box. If the Any radio button above the Application ID section is selected, any Application ID received by the Alert Manager will be considered a valid Alert Condition.

Top of Page


Application Alert Type

The Application Alert Type is a numeric value assigned to an individual alert by the application that generated it. This value is often used by the application itself. You may select one or more currently available Application Alert Types from the Application Alert Type section of the Action Editor screen. You may also enter a new Application Alert Type by typing it on its own line in the Added entry box right of the Application Alert Type selection box. If the Any radio button above the Application ID field is selected, any Application Alert Type received by the Alert Manager will be considered a valid Alert Condition. For more information on individual Application Alert Types, refer to the individual application's documentation.

Top of Page


Sender ID

The Sender ID is the network address of the system that generated the alert. You may select one or more currently available Sender ID's from the Sender ID section of the Action Editor screen. You may also enter a new Sender ID by typing it on its own line in the Added entry box right of the Sender ID section. If the Any radio button above the Sender ID section is selected, any Sender ID received by the Alert Manager will be considered a valid Alert Condition.

The entries in the Sender ID field show the name of the network containing the sending system, followed by '::', and followed by the network address of the sender. For example, an alert sent by a system named SYSTEMA that is communicating using the NetBIOS protocol would be shown as 'NETBIOS::SYSTEMA'.

Top of Page


Action Label

The Action Label text entry field allows you to give a name to an Action that is bound to profiles. This name will appear in the Available Actions section of the Action Editor screen. You are not required to name the Action.

Top of Page


Action Definition Group

The Action Definition Group contains the available Actions, as well as entry fields for any Action Definition Parameters that are required for a specific Action definition.

Top of Page


Actions

All available actions are displayed under Define a New Action. An Action is a program that carries out an action in response to an alert that meets the Alert Conditions. Some Actions require additional information to carry out their specified functions. If additional information is necessary, it will be identified as a parameter value (<P#>). Additional fields, called Action Definition Parameter will appear below the Action field, along with a brief description of the information required.

Note: For more information on the available Actions, see the Netfinity Manager User's Guide or consult your network administrator.

Top of Page


Action Definition Parameters

Action Definition Parameter fields appear when additional information must be supplied for an Action to carry out its functions. A brief description of the information required appears above the Action Definition Parameter field.

Top of Page


Profile Editor

The Profile Editor enables the user to define profiles that match classes of alerts received by the Alert Manager. A profile can be defined as a set of Alert Conditions or as a Profile Composition. This definition determines which alerts will match the profile and trigger any Actions or alert log viewing bound to that profile.

To configure a profile:
Set the Alert Conditions or Profile Composition
When defining a profile, you must first specify the Alert Conditions or Profile Composition that must be met for the Alert Manager to recognize an alert as matching this profile. As alerts are received, the Alert Manager checks each alert condition against the defined profiles. If ALL alert conditions are met, the profile matches the alert. If a composite profile includes a matching profile, it also matches the alert. Any Actions bound to the matching profile will be triggered by the alert.

To define the profile by Alert Conditions:

    1. Ensure that Profiles is selected in the header
    2. Select Define a New Profile
    3. Enter a Profile Name

      You must select a name for the profile. This name will be used in the Alert Log Views and the Alert Actions to refer to this profile.

    4. Select a Type of Alert
      If you wish to screen incoming alerts for specific Alert Types, select one or more alert types from the Type of Alert selection list. If you do not wish to look for specific alert types, select the Any radio button above the selection list.
    5. Select a Severity
      If you wish to look for incoming alerts for specific Severity values, select one or more Severity values from the selection list. If you do not wish to look for specific Severity values, select the Any radio button above the selection list.
    6. Select an Application ID
      If you wish to screen incoming alerts for specific Application ID's, you may choose one or more from the Application ID selection list. If an Application ID that you require is not available from the list, you may add it to the list by entering the Appication ID on its own line in the Added entry box right of the selection list. If you do not wish to look for specific Application ID's, select the Any radio button above the slider box.
    7. Select an Application Alert Type
      If you wish to screen incoming alerts for specific Application Alert Types, you may choose one or more from the Application Alert Type selection list. If an Application Alert Type that you require is not available from the list, you may add it to the list by entering it in on its own line in the Added entry box right of the selection list. If you do not wish to look for specific Application Alert Types, select the Any radio button above the selection list.
    8. Select a Sender ID
      If you wish to screen incoming alerts for specific Sender ID's, you may choose one or more from the Sender ID's selection list. If a Sender ID that you require is not available from the list, you may add it to the list by entering it on its own line in the Added entry box right of the selection list. If you do not wish to look for specific Sender ID's, select the Any radio button above the selection list.
    9. Once the Alert Conditions and Profile Definition information have been entered, select the Save Changes button to save the configured Profile. This Profile will now appear in the Alert Profiles List on the Alert Profiles screen.

To define the profile as a Profile Composition:

    1. Ensure that Profiles is selected in the header
    2. Select Define a New Profile
    3. Select the link to Profile Composition
    4. Enter a Profile Name

      You must select a name for the profile. This name will be used in the Alert Log Views and the Alert Actions to refer to this profile.

    5. Select the Profile Composition
      Select the desired profiles in the Profile Composition selection box
    6. Once all the Profile Composition and Profile Definition information has been entered, select the Save Changes button to save the configured Profile. This Profile will now appear in the Alert Profiles List on the Alert Profiles screen.

Top of Page


Active Profiles

The Active Profiles are chosen from a selection box filled with defined profiles. All those profiles selected in the Active Profiles selection box when the new or edited Action is saved will be used to trigger the Action.

Top of Page


Profile Composition

The Profile Composition is chosen from a selection box filled with defined profiles. All those profiles selected in the Profile Composition selection box when the new or edited profile is saved will be included in the profile.

Top of Page


Profile Definition

The Profile Definition allows you to set the name of the profile. You are required to give each profile a unique name.

Top of Page


Generate Alert

The Generate Alert activity allows you to generate an alert on the system you are connected to. To generate an alert, select the desired particulars of the alert from the selection boxes for the available fields:

If an entry you wish for Application ID or Application Alert Type does not appear in the selection list, place the entry in the entry field beside the selection list.

Enter the desired text for the alert into the Alert Text entry box. This field is required for all alerts.

You should note that the Received From field of the generated alert will appear as a path from the managing system to the system on which you are generating the alert. That is, it will appear as though the alert was generated on the managing system, and then routed to the managed system. However, it will not affect the managing system in any way, and its first explicit handling by Alert Manager will be on the managed system.

Top of Page


Clean Up Alert Actions

As alerts are received and processed by the Alert Manager, the entries in their Application ID, Application Alert Type, and Sender ID fields are saved so that they may be used in the definitions of profiles or actions. However, these entries are liable to age, and it is likely that undesired entries exist in these fields. The Cleanup Alert Conditions page enables the user to delete these entries from the stored lists.

Enter the Cleanup Alert Conditions page by selecting Clean Up on the header. Once in the Cleanup Alert Conditions page, select those entries you wish to delete from the respective lists. Pressing the Delete Selected button immediately deletes the selected items.
Note: The Local System Sender ID cannot be deleted.


Exiting

To exit the Alert Manager service, select the "Netfinity" image on the top or bottom of the Alert Manager service to return to the Netfinity services screen.

Top of Page