Welcome to Questions - Ask OpenNMS, where you can ask questions and receive answers from other members of the community.

Options on how to exclude a node from notifications and alarms

0 votes
5 views

I am looking for recommendations on the best / most efficient method to exclude a specific item (not a node) from notifications and alarms triggered from events that include specific text strings in the log message.

The event syslogmessage "Message:" may include the name or IP Address of a server or pool that I on which I do not want to get a notice or alarm.  There will be multiple text strings to consider (if the message contains 192.168.244.4, 192.168.244.5, etc. or if the message contains "doodle", "mail", "Ted", etc.) do not trigger a notification or alarm.  Of course, if any of the identified text strings are not in the message the notification and alarm should be sent. 

On the following message I would like to be able to exclude it based on the IP address, the text "mail", or the text "green --> gray".

Message: alert gtmd[14489]: 011a4003:1: SNMP_TRAP: Pool /Common/mail.domain.com member /Common/mail.domain.com_vs (ip:port=192.168.244.4:0) state change green --> gray (Not Authorized)

The desire would be for this to effect any UEI.   uei.opennms.org/vendor/F5/traps/bigipLogAlert, uei.opennms.org/syslogd/local0/Error, uei.opennms.org/syslogd/local1/Error, uei.opennms.org/syslogd/local6/Error, uei.opennms.org/syslogd/mail/Error, etc.

The two solutions I can think of include:

1) edit notifications for each uei to consider and put in the text to include

2) create a reduction event and use part of the text to identify the node and then limit the nodes to consider.

Both of these ideas seem like they will be a maintenance headache.

Thank you for the suggestions.

OpenNMS version
20.0.1
Java version
1.8.0_45 Oracle Corporation
Operating system
Ubuntu
PostgreSQL version
9.5
asked Aug 9 by ebfisher3 (210 points)
edited 2 days ago by ebfisher3

Please log in or register to answer this question.

...