-
Notifications
You must be signed in to change notification settings - Fork 3
Assign Alerts
randomnote1 edited this page May 12, 2021
·
1 revision
The Assign SCOM Alerts rule executes a powershell script on a timed schedule (default is 60 seconds) which assigns alerts to owners specified in the assign.alert.config file.
The assign.alert.config file is comprised of Assignments and Exceptions.
Assignments specify what owner should be assigned to all alerts in a management pack.
- ID: A numerical ID for the assignment.
- Name: A logical group which is applied to the rules. This is used strictly for organizational purposes.
- Owner: The name of the owner to assign to the alert.
- enabled: Specifies if the rule is processed or not.
- ManagementPack: An element which describes a management pack
- Name: The name (not the display name) of the management pack.
Assign all alerts from the Microsoft.SQLServer.Windows.Monitoring management pack to the DBA Team.
<assignment ID="9" Name="SQL" Owner="DBA Team" enabled="true">
<ManagementPack Name="Microsoft.SQLServer.Core.Library" />
<ManagementPack Name="Microsoft.SQLServer.Core.Views" />
<ManagementPack Name="Microsoft.SQLServer.IS.Windows" />
<ManagementPack Name="Microsoft.SQLServer.IS.Windows.Views" />
<ManagementPack Name="Microsoft.SQLServer.Overrides" />
<ManagementPack Name="Microsoft.SQLServer.Visualization.Library" />
<ManagementPack Name="Microsoft.SQLServer.Windows.Discovery" />
<ManagementPack Name="Microsoft.SQLServer.Windows.Mirroring" />
<ManagementPack Name="Microsoft.SQLServer.Windows.Monitoring" />
<ManagementPack Name="Microsoft.SQLServer.Windows.Monitoring.Override" />
<ManagementPack Name="Microsoft.SQLServer.Windows.Views" />
</assignment>Do not assign all the alerts from the Microsoft.Windows.Server.2016 management pack to the Windows Team.
<assignment ID="10" Name="Windows" Owner="Windows Team" enabled="false">
<ManagementPack Name="Microsoft.Windows.Server.2016" />
</assignment>- ID: A numerical ID for the exception.
- Owner: The name of the owner to assign to the alert.
- Name: A logical group which is applied to the exceptions. This is used strictly for organizational purposes.
- enabled: Specifies if the exception is processed or not.
- Alert: An element which describes an alert
- Name: The display name of the alert.
- AlertProperty: The property of the alert to filter on. Default is an empty string.
- AlertPropertyMatches: A string to compare against the specified property. Supports regular expressions.
- Name: The name (not the display name) of the management pack.
Assign all the Health Service Heartbeat Failure alerts to the Windows Team.
<exception ID="1" Name="Server Offline" Owner="Windows Team" enabled="true">
<Alert Name="Health Service Heartbeat Failure" />
</exception>Assign the Percentage Logical Disk Free Space is low to the App Support team only when the monitoring object name matches D:, E:, or F:.
<exception ID="5" Name="ApplicationDrive" Owner="App Support" enabled="true">
<Alert Name="Logical Disk Free Space is low">
<AlertProperty>MonitoringObjectName</AlertProperty>
<AlertPropertyMatches>[DEF]:</AlertPropertyMatches>
</Alert>
</exception>