/
Customizing Alert Severities and Selective Alert Sending

Customizing Alert Severities and Selective Alert Sending

May 24, 2022

Available in version 9.6.4 and later

Verba alert priorities can be overridden by a provided severity. The alerts can be also turned off for specific alert targets or turned off entirely. For this, a rule XML file has to be created on the server(s).

Creating an Alert Rule XML

Step 1 - Create the alert_rules.xml file under the [APPLICATION_FOLDER]\settings\ folder, then open it for editing.

Step 2 - Paste in the following template for the XML file:

<?xml version="1.0" encoding="UTF-8"?> <alert_rules> <rule oid_filter="oid_regexp" severity="" disabled_targets=""/> </alert_rules>

Step 3 - Configure the rules the following way:

Property

Description

Property

Description

oid_filter

A regex filter that has to match the last three numbers of the alert OID. For example:

"\.115\.0\.1" matches to the alert OID 1.3.6.1.4.1.39067.115.0.1

"\.115\.0\.." or "\.115\.0\.\d" matches to alert OIDs 1.3.6.1.4.1.39067.115.0.1-9

"\.115\.0\.\d{2}" matches to alert OIDs 1.3.6.1.4.1.39067.115.0.10-99

severity

Sets the new severity for the alert(s). If not specified, the default severity of the alert(s) will be used. Possible values:

  • 0 - Disables the alert(s)

  • 1 - Fatal

  • 2 - Critical

  • 3 - Error

  • 4 - Warning

  • 5 - Notification

disabled_targets

Specifies to which alert targets should not the alert be sent. If not specified, the alert(s) will be sent to all targets. Possible values:

  • snmp - The alert(s) will not be sent to the SNMP target

  • db - The alert(s) will not be inserted into the Verba database, so they won't be available in the Alert Management menu

  • mail - The alert(s) will not be sent to the email target

  • eventlog - The alert(s) will not be inserted into the Windows Event Log

  • all - Disables the alert(s)

  • none - The alert(s) will be sent to all targets

Multiple values can be provided, separated by a comma.

Examples:

<rule oid_filter="\.115\.0\.1" severity="0"/> - Diables the alert 1.3.6.1.4.1.39067.115.0.1.

<rule oid_filter="\.115\.0\.1" severity="5"/> - Sets the severity to NOTIFICATION level for the alert 1.3.6.1.4.1.39067.115.0.1.

<rule oid_filter="\.115\.0\.1" disabled_targets="all"/> - Diables the alert 1.3.6.1.4.1.39067.115.0.1.

<rule oid_filter="\.115\.0\.1" disabled_targets="mail"/> - The alert 1.3.6.1.4.1.39067.115.0.1 will be sent to all targets, except to email.

<rule oid_filter="\.115\.0\.1" disabled_targets="mail,snmp"/> - The alert 1.3.6.1.4.1.39067.115.0.1 will be sent to all targets, except to email and SNMP.

<rule oid_filter="\.115\.0\.1" severity="5" disabled_targets="mail"/> - Sets the severity to NOTIFICATION level for the alert 1.3.6.1.4.1.39067.115.0.1, and it will not be sent to email.

Step 4 - Save the file, then restart the Verba System Monitor service.

Step 5 - Repeat the steps on each server where you want to change the default alert sending.