Customizing Alert Severities and Selective Alert Sending

Owned by Kiss, Mate
May 24, 2022

AVAILABLE IN VERSION 9.6.4 AND LATER

Verba alert priorities can be overridden by a provided severity. The alerts can be also turned off for specific alert targets or turned off entirely. For this, a rule XML file has to be created on the server(s).

Creating an Alert Rule XML

Step 1 - Create the alert_rules.xml file under the [APPLICATION_FOLDER]\settings\ folder, then open it for editing.

Step 2 - Paste in the following template for the XML file:

<?xml version="1.0" encoding="UTF-8"?>
<alert_rules>
	<rule oid_filter="oid_regexp" severity="" disabled_targets=""/>
</alert_rules>

Step 3 - Configure the rules the following way:

PropertyDescription
oid_filter

A regex filter that has to match the last three numbers of the alert OID. For example:

"\.115\.0\.1" matches to the alert OID 1.3.6.1.4.1.39067.115.0.1

"\.115\.0\.." or "\.115\.0\.\d" matches to alert OIDs 1.3.6.1.4.1.39067.115.0.1-9

"\.115\.0\.\d{2}" matches to alert OIDs 1.3.6.1.4.1.39067.115.0.10-99

severity

Sets the new severity for the alert(s). If not specified, the default severity of the alert(s) will be used. Possible values:

  • 0 - Disables the alert(s)
  • 1 - Fatal
  • 2 - Critical
  • 3 - Error
  • 4 - Warning
  • 5 - Notification

disabled_targets

Specifies to which alert targets should not the alert be sent. If not specified, the alert(s) will be sent to all targets. Possible values:

  • snmp - The alert(s) will not be sent to the SNMP target
  • db - The alert(s) will not be inserted into the Verba database, so they won't be available in the Alert Management menu
  • mail - The alert(s) will not be sent to the email target
  • eventlog - The alert(s) will not be inserted into the Windows Event Log
  • all - Disables the alert(s)
  • none - The alert(s) will be sent to all targets

Multiple values can be provided, separated by a comma.

Examples:

<rule oid_filter="\.115\.0\.1" severity="0"/> - Diables the alert 1.3.6.1.4.1.39067.115.0.1.

<rule oid_filter="\.115\.0\.1" severity="5"/> - Sets the severity to NOTIFICATION level for the alert 1.3.6.1.4.1.39067.115.0.1.

<rule oid_filter="\.115\.0\.1" disabled_targets="all"/> - Diables the alert 1.3.6.1.4.1.39067.115.0.1.

<rule oid_filter="\.115\.0\.1" disabled_targets="mail"/> - The alert 1.3.6.1.4.1.39067.115.0.1 will be sent to all targets, except to email.

<rule oid_filter="\.115\.0\.1" disabled_targets="mail,snmp"/> - The alert 1.3.6.1.4.1.39067.115.0.1 will be sent to all targets, except to email and SNMP.

<rule oid_filter="\.115\.0\.1" severity="5" disabled_targets="mail"/> - Sets the severity to NOTIFICATION level for the alert 1.3.6.1.4.1.39067.115.0.1, and it will not be sent to email.

Step 4 - Save the file, then restart the Verba System Monitor service.

Step 5 - Repeat the steps on each server where you want to change the default alert sending.