8.6. Manage Trap Alerts¶
8.6.1. Create Trap Alert¶
You can create a new alert for trap. Before you start creating a new alert, please keep following things in mind:
You’ll create an alert for a source type. All the traps of that source type will automatically fall into that alert.
Create only 1 alert for one source type with same rule.
If you want a different alert for specific traps with same rule (other than what you are creating for the source type), exclude them from the alert.
If you want to create an alert for specific traps with same rule (that you excluded while creating the source type), include them in the alert.
To create a Trap Alert, Click on New icon .
Trap Alert Name: Provide the name of the trap alert.
Alert Status: Select a status for the trap alert.
Enabled: The system will evaluate the alert for conditions and actions.
Disabled: The system will not evaluate the alert.
Filter: Source Type - The value will always be Traps only.
Trigger Rule: Select the condition when the rule is triggered.
Source Host: Based on the trap type you select (in filters section), the host is the list of information that Motadata fetches from the source.
Value/Count: Select the suitable option for the alert condition. When you select ‘Value’, system will evaluate the trap values that matches with the provided input. When you select ‘Count’, system will evaluation the counts of system with the provided input.
Equal: Select the operator for the value. By default, equal is selected as default operator.
Value: Type the value for evaluation. Filter will use this input to compare with system values.
You can add more than one rule. Click on button to add another rule. Also select the conjunction of the two rules.
Clear Rule: Select the conditions to clear the rule. The configuration is same as in ‘Trigger Rule’. Meeting the conditions in this segment will clear the alert.
Action
The group defines the type of action and when the alert is triggered.
Severity: Select a severity of the alert. Every severity has a color code. The color helps you visualize the severity on the trap tab in alert stream and index page of trap alerts page.
Action: Actions are the output generated by Motadata against an alert. You can use from existing actions or create a new action. (To read more, refer to Actions section).
Suppress Action: Turn on the suppress action if you want to suppress the alert for the specific period of time. When you turn on the ‘suppress action’, two options are visible to configure suppress time and time units.
Alert
Define the alert title and alert message parameters. This email will be sent to the concerned person when an alert is fired.
Title: Enter the subject of the email.
Message: Enter the body of the email.
List of placeholders
* $NEWLINE$: Starts the message into new line. This is for line break.
* $alert-id$: Shows the unique alert ID value.
* $alert-name$: Shows the name of the alert.
* $alert-severity-description$: Shows the severity of the alert.
* $alert-triggered-time$: Shows when the alert was triggered.
Note
Leave the alert fields blank to use the Motadata’s default email template.
8.6.2. Edit Alert¶
Click on the edit button from index page of trap alerts. The system will open the screen (similar to create an alert) with all fields occupied.
8.6.3. Delete Alert¶
Click on the delete button from the index page of trap alerts. The system will show a warning to confirm your action of deleting alert.