The list of rules available to you is dependent on your login and the access this allows at either a business partner or customer level.
From the main menu the alarm rules is accessed via Availability > Management > Alarm Rules.
From here the Edit Rule page may be accessed by
- the right click context menu for a given rule or
- double clicking a rule or
- clicking the Create Rule button at the bottom of the Alarm Rules page.
With the Rule Editor page open enter a rule name, callout group or list, the required workflow and toggle the stop processing on match option as required.
Alarm Rule Builder
The alarm rule builder enables you to create the list of conditions that need to be met for a rule to be considered as a match. The rule builder consists of two columns. The left hand column contain the expression or condition to be to be met. The right hand column contains the + - and ... (plus, minus and ellipses) icons. These are used to add or remove conditions, or group expressions.
Conditions may be grouped under headings of 'All' and 'Any'. These could be considered 'And' or 'Or' options. For example under the heading 'All', condition 1 AND condition 2 AND condition 3 must be true for the rule to match while if the heading is 'Any' then condition 1 OR condition 2 OR condition 3 will result in the rule matching. Combinations of these conditions may be created by clicking the ellipses to add a new group heading. Double clicking the group heading will then alternate it between Any and All.
For example the following rule will be considered matched if
- Should be Notified is True AND
- Severity is equal to 2
AND
- Alarm Name starts with Connectivity OR
- Administered ID equals Server001
Available Variables
Partner
A partner is the business partner managing the service delivered. In most instances there will only be one option available for selection.
Customer
A business partner will have multiple customers. This condition will be used to check which customer's equipment has generated the alarm so that a customer specific workflow can be activated if necessary. For example all severity 2 alarms may be treated the same for the majority of a business partners customers, however one or more customers may have specific requirements so this condition would be tested earlier in the set of rules than the generic severity 2 rule.
Location
The location is the named location of the installed appliance that generated the alarm. In highly distributed environment there may be more than one appliance installed but in a majority of cases there will be only a single location per customer. Locations are found under the main menu Service Desk > All Equipment Locations
Equipment
Equipment is the actual server or device that has generated an alarm. At a business partner level this will be a complete list of equipment for all customers so good naming of equipment is essential. At a customer level this will be list of only that customers administered equipment. This would be used to check the specific equipment that generated the alarm rather than a more generic location or vendor type of alarm.
Vendor
Vendor is the configured provider of a particular device being monitored. The vendor will most likely be used to identify the team that requires alerting. As an example an alarm from the vendor Avaya may be delivered to the telephony or UC team, while an alarm from NICE would be delivered to the call recording and work force management team.
Activated Time
The activated time is compared to administered calendars where the activated time could be inside or outside service hours or inside or outside of business and during or not during a holiday period.
Severity
When an alarm is raised it will contain a severity from 0 to 11 where 11 is the lowest severity and 1 is the highest severity. 0 is generally a reserved severity for use by Virsae. An alarms severity is set at a system level however individual alarms may have an override applied which enables an alarm severity and other information to be modified on a per customer basis. Default alarms are generally assigned a severity of either 2, 4 or 6 providing room for alarm overrides to be spread between these values and provide more granularity.
Alarm Name
The Alarm Name is set at a system level. This condition enables a particular alarm to be identified by name using a number of string operators as listed below. The condition takes a string which is then tested against the alarm name using 'starts with', 'contains', 'not ends with' or many other comparison operators. The string comparison is not case sensitive and does not support wildcard characters.
Administered ID
The administered ID contained in an alarm could be a slot location of a faulting circuit pack or a device number such as a station DN or VDN. The administered ID would be used to target alarms on specific devices while the same alarm for different devices could be treated differently.
Should be Notified
An alarm will contain a 'should be notified' flag. This condition tests if that flag has been set or not. The flag is set to false when an alarm is a repeat alarm for example and should not be notified depending on any alarm overrides which may be set. All alarm rules should contain a 'Should be Notified is equal True' condition unless there are exceptional circumstances. Failure to include this rule may cause your email or ticketing system to be flooded with alarms.
Is Out Of Contract Hours
Contracts are used to determine support hours. This condition may be used to determine if the alarm occurred in or outside of the contracted support hours a customer has with a business partner. The contract is administered under the Manage Customer page.
Note: The test is for OUT of hours. To get alarms that occur IN hours the condition should be 'Is Out Of Contract Hours equals False'.
Available Operators
The above variables delivered in an alarm are tested using the following operators. Not all operators are available for selection for every variable type. Depending on the variable selected, the operator drop down list will only display the appropriate operators for selection.
Equal
The Equal operator is a string comparison operator. It is/is not case sensitive and requires an exact match for the complete string to return true. It does/does not accept wildcard characters.
Not Equal
The Not Equal operator is a string comparison operator. It is/is not case sensitive and will return true UNLESS there is an exact match for the complete string. It does/does not accept wildcard characters.
Less than or equal
Less than or equal can be applied to either numeric values, date or time.
Greater than or equal
Greater than or equal can be applied to either numeric values, date or time.
Greater than
Greater than can be applied to either numeric values, date or time.
Less than
Less than can be applied to either numeric values, date or time.
Contains
Contains tests to determine if the string you have entered is contained anywhere in the variable you are checking. The string may be at the beginning, middle or end of the variable and will return true if it exists.
Not contains
Not Contains tests to determine if the string you have entered is contained anywhere in the variable you are checking. The string may be at the beginning, middle or end of the variable and will return false if it exists. It will return true if it does not exist in the variable being tested.
Start with
Start With tests to determine if the string you have entered is contained from the start of the variable you are checking. The string may be at the beginning only of the variable and will return true if it exists. It will return false if it does not exist in the variable being tested or matches somewhere other than the start of the variable. This would be a better option to use than 'contains' if the string being tested appears at different places in different alarms.
Not starts with
Not Starts With tests to determine if the string you have entered is contained at the beginning of the variable you are checking. The string may be at the beginning only of the variable and will return false if it exists. It will return true if it does not exist at the beginning of the variable being tested even if it occurs elsewhere in the variable.
Ends with
Ends With tests to determine if the string you have entered is contained from the start of the variable you are checking. The string may be at the beginning only of the variable and will return true if it exists. It will return false if it does not exist in the variable being tested or matches somewhere other than the start of the variable. This would be a better option to use than 'contains' if the string being tested appears at different places in different alarms.
Not ends with
Not Ends With tests to determine if the string you have entered is contained at the beginning of the variable you are checking. The string may be at the beginning only of the variable and will return false if it exists. It will return true if it does not exist at the beginning of the variable being tested even if it occurs elsewhere in the variable.
1 Comment
Simon Fitz-Gerald
'Should be Notified = True' should be included in all alarm rules except in situations where the consequences of all repeat alarms triggering a workflow is fully understood.