tdsnoc

Managing NAS AO list for multiple clients, purposes, delays, repetition, sources, schedules, etc

Discussion created by tdsnoc on Feb 21, 2012
Latest reply on Feb 22, 2012 by tdsnoc

In our current environment, we have a lot of different NAS auto operators for a lot of different purposes and clients. I'd really like to simplify this list for two reasons: 1) it's becoming unweildy, and 2) it's becoming more prone to mistakes. Here's a small example of the AOs currently in place:

 

Name | Criteria | Action

Client_A_Resources | CDM alarm (<= minor) | Email Client_A after 15min

Client_A_Resources | CDM alarm (<= minor) | Email Client_A every 1hr

Client_A_Resources 911 | CDM alarm (>= major) | Email Client_A after 5min

Client_A_Resources 911 | CDM alarm (>= major) | Email Client_A every 15min

Client_A_Network | interface_traffic/cisco_monitor (<= minor) | Email network_support after 15min

Client_A_Network | interface_traffic/cisco_monitor (<= minor) | Email network_support every 1hr

Client_A_Network 911 | interface_traffic/cisco_monitor (>= major) | Email network_support after 5min

Client_A_Network 911 | interface_traffic/cisco_monitor (>= major) | Email network_support every 15min

Client_A_Hardware | hub/snmptd (<= minor) | Email me after 15min

Client_A_Hardware | hub/snmptd (<= minor) | Email me every 1hr

Client_A_Hardware 911 | hub/snmptd (>= major) | Email me after 5min

Client_A_Hardware 911 | hub/snmptd (>= major) | Email me every 15min

Client_B_Resources | CDM alarm (<= minor) | ....

 

And so on. Right now there's about a dozen clients, some are more complex and some less. Examples of this include clients who care more about some systems than others, so I basically have additional sets of AOs saying "if source == xyz" and this does not include scheduling, which would again double the number of AOs (email after/every during business hours, email every/after outside of business hours).

 

Does anyone have any suggestions on how to reduce/simplify this list? I'm open to any suggestions, including use of LUA, triggers, multiple NAS instances, or anything else -- except for preprocessing which I need for alarm source fixing (cdm *only* sends IPs, and a couple other probes are inflexible) and suppression scripts for "maintenance mode" (maintenance mode doesn't stop external net_connect/interface_traffic/url_response/etc).

 

Thanks a lot in advance!

 

-Martin

Outcomes