Alerts
Assigning Alerts to modules
Adding new alerts to a module
Editing a module’s alert
The next step after adding an agent, having configured its modules, and defined the alerts, is assigning those alerts to the agent. This step is needed to establish alert conditions in case we want to do so. This is done by clicking on the agent we wish to configure in the "Manage agents" option, from the Administration menu, or using the editing mode and selecting the “alerts” tab from the agent view.
The following fields must be completed in order to assign an alert:
Alert type: This can be selected from the previously generated alert list.
Max. Value: Defines the maximum value for a module. Any value above that threshold will trigger the alert.
Min. Value: Defines the minimum value for a module. Any value below that will trigger the alert. The ”max." & "min." couple are key values when defining an alert, since they define the range for normal values. Outside that range Pandora FMS will trigger the alert.
Alert text: In the case of string modules you can define a regular expression or a substring to match the contents of a data module in order to trigger the alert.
Time from / Time to: This defines a “valid” timespan to trigger alert.
Description: Describes the function of the alert, and it is useful to identify the alert among the others in the general view of alerts.
Field #1 (Alias, name): Defines the value used for the "_field1_" variable.
Field #2 (Single Line): Defines the value used for the "_field2_" variable.
Field #3 (Full Text): Defines the value used for the "_field3_" variable.
Time threshold: defines the timespan during which its guaranteed that an alert will not fire more times than the set Maximum number of alerts Once this timespan is surpassed, an alert is recovered if it reaches a correct value, except if the Alert Recovery value is enabled, in which case the alert will recover immediately after receiving a correct value, regardless of the threshold..
Min. number of alerts: Minimum number of alerts needed to start triggering an alert. Works as a necessary filter to remove false positives.
Max. number of alerts: Maximum number of alerts that can be sent consecutively during the same time period.
Assigned module: Module that needs to be monitored by the alert.
All the alerts of an agent can be seen using the «Alerts» tab. An example is shown here:
"I want to fire an alert when XXX goes down, yet I don’t wish to be bothered again during, at least, one hour. After this time has gone by, if it’s still down, another alert should go off and another hour should go by”.
You need to set:
- Time threshold 3600 (1 hour).
- Min. number of alerts = 1.
- Max. number of alerts = 1.