SevOne logo
You must be logged into the NMS to search.

Table of Contents (Start)

Create and Edit Policies

This documentation applies to NMS version 5.4. An online version of the software can be found here.

The Policy Editor enables you to create and edit policies.

To access the Policy Editor from the navigation bar, click the Events menu, select Configuration, and then select Policy Browser to display the Policy Browser. On the Policy Browser, click New Policy at the top of the page or click a policy name in the list.

images/download/attachments/6523374/createandeditpolicies.png

The Policy Editor provides three tabs to enable you to define a policy.

When you finish the policy definition, click one of the following.

  • When you edit a policy, click Save to save the policy changes.

  • Click Save as New to create a copy of the policy.

Define Policy General Settings

The General Settings tab enables you to define the basic policy settings.

  1. Select the Enable check box to make the policy and all of its thresholds active. Disabled policies appear in light text on the Policy Browser.

  2. In the Name field, enter a unique name for the policy.

  3. Click the Schedule Edit link to display a pop-up that enables you define the times and/or dates for the policy to run. See the Schedule section below.

  4. Click the Email Edit link to display a pop-up that enables you to define email options. You can email the alerts that a policy generates to any valid email address. See the Email section below.

  5. Click the Trap Destinations Edit link to display a pop-up that enables you to select where to send traps from the policy.

    • Select the System Default check box to send traps to the trap destinations you designate as system defaults on the Trap Destination Associations page.

    • Select the Device Default check box to send traps to the trap destinations you define for the device on the Edit Device page.

    • Select the Policy Specific check box above the list of trap destinations and then select the check box for each specific destination to which the policy is to send traps.

  6. Select the Append Condition Message check box to append the custom messages you define for each condition to the trigger message you define on the Trigger Conditions tab and to the clear message you define on the Clear Conditions tab.

    • You define the Trigger Message for all trigger conditions on the Trigger Conditions tab. See the Trigger Condition section below.

    • You define the Clear Message for all clear conditions on the Clear Conditions tab. See the Clear Condition section below.

    • You define a Custom Message for each individual trigger condition and for each individual clear condition when you define each individual condition. See the Create and Edit Conditions section below.

  7. In the Description field, enter the description of the policy. This only appears when you define the policy.

  8. Click the drop-down at the top of the right column.

    • Select Device Group, then click the corresponding drop-down and select the device group/device type to trigger the policy.

    • Select Object Group, then click the corresponding drop-down and select the object group to trigger the policy.

  9. Click the Object Type drop-down and select an object type. You cannot edit the object type or object subtype after you save a policy.

  10. Select the Show Common Subtypes check box to display only the subtypes you mark as common on the Object Subtype Manager in the next step.

  11. Click the Subtype drop-down and select a subtype.

  12. Click the Severity drop-down and select the severity to display on the Alerts page when the policy triggers an alert.

Schedule

The alert engine runs every three minutes to retest all policies. The Schedule pop-up enables you to define specific time spans for when you want to enable or disable the alert engine to test the policy. If you do not define a schedule, the alert engine tests the policy every three minutes until you disable the policy.

images/download/attachments/6523374/scheduling.png

The Periodic tab enables you to define a regularly occurring time span to either enable or disable the policy.

  1. Select one of the following options.

    • Select Disable During This Time to disable the policy for the days and/or times you define on the Periodic tab.

    • Select Enable During This Time to enable the policy for the days and/or times you define on the Periodic tab.

  2. Select the check box next to each day for the policy to be enabled/disabled (dependent on the option you select in the previous step).

  3. In the Start Time fields, enter the start time.

  4. In the End Time fields, enter the end time.

  5. Click the Time Zone drop-down and select a time zone.

  6. Click Add to add the periodic schedule to the list of schedules.

  7. Repeat the steps on the Periodic tab to add additional schedules. Schedules are checked in the sequence in which they appear in the list and the first applicable schedule is applied to the policy. If no schedule is applicable, the policy is enabled by default.

The Schedule tab enables you to schedule a specific time span to either enable or disable the policy.

  1. Select one of the following options.

    • Select Disable During This Time to disable the policy for the time span you define on the Schedule tab.

    • Select Enable During This Time to enable the policy for the time span you define on the Schedule tab.

  2. Click in the Start Date field to display a calendar. Use the calendar to select the date to start the time span to enable/disable the policy (dependent on the option you select in the previous step).

  3. Enter the start time.

  4. Click in the End Date field to display a calendar. Use the calendar to select the date to end the time span to enable/disable the policy.

  5. Enter the end time.

  6. Click the Time Zone drop-down and select a time zone.

  7. Click Add to add the schedule to the list of schedules.

  8. Repeat the steps on the Schedule tab to add additional schedules to the list. Schedules are checked in the sequence in which they appear in the list and the first applicable schedule is applied to the policy. If no schedule is applicable, the policy is enabled by default.

  9. Click Close to save the schedule settings.

Email

The Email pop-up enables you to define who should receive emails when the policy triggers an alert. You can email policy alerts to valid email addresses and to the users and user roles you define in SevOne NMS. There is no limit to the number of email recipients.

Perform the following steps in the Addresses section.

  1. In the left Addresses field, enter the email address for a recipient.

  2. Move the address to the right Addresses field.

  3. Repeat the previous steps to add additional email addresses. Email addresses that appear in the right field receive an email when the policy triggers an alert.

Perform the following steps in the Users section.

  1. In the left Users field, select the user to receive alert emails (use the Ctrl or Shift keys to multi-select).

  2. Move the users you select to the right Users field. Users that appear in the right Users field receive an email when the policy triggers an alert.

Click the Roles drop-down and select the check box for each user role whose members are to receive an email when the policy triggers an alert.

Select one of the following options.

  • Select Just Once to only send one email when the policy triggers the first occurrence of an alert. All subsequent occurrences (until the alert is cleared) are not emailed. This prevents an email from being sent every three minutes when a device is down.

  • Select One Time Every, enter a number in the text field, then click the drop-down and select minutes, hours, or days to send multiple emails when the policy triggers alerts.

Click Close to save the email settings.

Trigger Conditions

The Trigger Conditions tab enables you to define the conditions to trigger the policy and to define the trigger message.

Should you choose to define a trigger condition, and then you choose to define a clear condition that is contradictory, the trigger condition takes precedence.

  • You define a trigger condition to trigger an alert when something is greater than 10.

  • You define a clear condition to clear the alert when the same thing is greater than 20.

If the thing is 25, the alert will trigger and the alert will not be cleared.

images/download/attachments/6523374/policy-trigger.png

The object type and subtype you select on the General Settings tab displays in the upper section on the tab.

  1. In the Trigger Message field, enter the message to display for the policy on the Alerts page. On the Alerts page, the trigger message appears as Threshold triggered - <trigger message you enter here>. The custom message for each trigger condition appends to this trigger message when you select the Append Condition Message check box on the General tab and you enter a custom message for each trigger condition. See the Create and Edit Conditions section below. You can enter variables such as $deviceName to display the name of the device that triggered the condition, $groupName, and $deviceIp.

  2. Click images/download/attachments/6523374/actionold.png in the Conditions section to manage the trigger conditions.

    • Select Create New to add a new condition to the policy. See the Create and Edit Conditions section below.

    • Select the check box for each condition to delete, then select Delete Selected to delete then click to delete the conditions you select.

    • Select the check box for each condition to add to a rule, then select Add to Rule <n> to add the conditions to a specific rule.

  3. Click images/download/attachments/6523374/editpencil.png in the Edit column to display the Edit Conditions pop-up. See the Create and Edit Conditions section below.

  4. Click images/download/attachments/6523374/actionold.png in the Rules section to manage the trigger condition rules.

    • Select Create New to add a new rule to the condition. Rule numbers are sequential. Each condition for a rule is treated as an AND Boolean operator. Add a new rule to create an OR Boolean operator. See the Boolean Operators section below.

    • Select the check box for each rule to delete, then select Delete Selected to delete the rules you select.

  5. Click images/download/attachments/6523374/delete.png in the Conditions column to remove a condition from a rule.

If you add a condition when no rule exists, the condition is assigned to Rule 1 using the AND Boolean operator.

Clear Conditions

The Clear Conditions tab enables you to define the conditions to clear the alert. If you do not define a clear condition, alerts triggered by the trigger condition display on the Alerts page until you manually acknowledge the alert. The object type and subtype you select on the General Settings tab displays in the upper section on the tab.

  1. In the Clear Message field, enter the message to display for the policy on the Alert Archives. On the Alert Archives the clear message appears as Threshold cleared - <clear message you enter here>. The custom message for each clear condition appends to this clear message when you select the Append Condition Message check box on the General tab and you enter a custom message for each condition. See the Create and Edit Conditions section below. You can enter variables such as $deviceName to display the name of the device that cleared the condition, $groupName, and $deviceIp.

  2. Click images/download/attachments/6523374/actionold.png in the Conditions section to manage the clear conditions.

    • Select Create New to add a new condition to the policy. See the Create and Edit Conditions section below.

    • Select the check box for each condition to delete, then select Delete Selected to delete the conditions you select.

    • Select the check box for each condition to add to a rule, then select Add to Rule <n> to add the conditions to a specific rule.

  3. Click images/download/attachments/6523374/editpencil.png in the Edit column to display the Edit Conditions pop-up. See the Create and Edit Conditions section below.

  4. Click images/download/attachments/6523374/actionold.png in the Rules section to manage the clear condition rules.

    • Select Create New to add a new rule to the condition. See the Boolean Operators section below.

    • Select the check box for each rule to delete, then select Delete Selected to delete the rules you select.

  5. Click images/download/attachments/6523374/delete.png in the Conditions column to remove a condition from a rule.

Create and Edit Conditions

The Edit Condition pop-up enables you to define the condition to either trigger the policy or to clear the policy. Conditions determine when to trigger an alert and when to clear an alert.

  • Static conditions compare the current value of an indicator with the value you define.

  • Baseline conditions compare the current value of an indicator with the indicator's baseline value. There are three types of baseline conditions.

images/download/attachments/6523374/policytrigger.png

  1. Click the Indicator drop-down and select the indicator on which to base the condition.

  2. Click the Type drop-down and select a condition type option.

    • Select Static to compare the actual current indicator value to the policy indicator value you define.

      1. Click the Comparison drop-down and select a comparison operator. Most comparison operators are self explanatory. Select Bad Polls to trigger or clear an alert when a poll attempt either receives nothing or receives invalid data. This creates a time stamp entry and an entry in the data column that represents an unsuccessful poll. This drives the SNMP Availability metric of how many unsuccessful poll attempts were made in a given cycle versus how many poll attempts were successful.

      2. In the Threshold text field, enter the value at which to trigger/clear the condition.

      3. Click the Threshold drop-down and select a threshold unit of measure.

        Examples:

        • Inbound traffic is greater than 50Mb/s

        • Idle CPU time is less than 10%

    • Select Baseline Delta to compare the actual current indicator value to the indicator's baseline value.

      1. In the Threshold text field, enter the value at which to trigger/clear the condition.

      2. Click the Threshold drop-down and select a threshold unit of measure. Percentage refers to absolute percentage points and is not to be interpreted as a percentage of the baseline value.

      3. Click the Comparison drop-down and select a comparison operator.

        Examples:

        • Inbound traffic is greater than 10Mb/s, relative to the baseline

        • Idle CPU time is less than 5%, relative to the baseline

    • Select Baseline Percentage to compare the ratio of the current indicator value to the indicator's baseline value.

      1. Click the Comparison drop-down and select a comparison operator.

      2. In the Threshold text field, enter the percentage value at which to trigger/clear the condition.

        Examples:

        • Inbound traffic is greater than 150% of the baseline

        • Idle CPU time is less than 60% of the baseline

    • Select Baseline Standard Deviation to compare the current indicator value to the indicator's expected regional value using standard deviations which is a measure that approximates the uncertainty of the value. Most data can be expected to be within 6 standard deviations of the baseline. A typical condition will test whether the data is above and/or below 2 or 3 standard deviations from the baseline value.

      1. Click the Standard Deviations drop-down and select the number of deviations. A smaller standard deviation means a tighter bracket on what is normal. The size of the standard deviation should represent the behavior of the data.

      2. Click the Direction drop-down and select Above, Below, or Above or Below the baseline. The most common use case is for Above or Below to have the condition test for deviations in both directions.

        Examples:

        • Inbound traffic is above/below 3 standard deviations of the baseline

        • Idle CPU time is below 2 standard deviations of the baseline

        Details:

        • If the baseline value is 100 and the standard deviation is 50, this does not model the expected actual value, since this appears to shift above and below the baseline value by a significant amount.

        • If the baseline value is 100 and the standard deviation is 10, this is a better representation of the normal value.

  3. The Duration field has two scenarios, a smoothing time duration or a detection time duration.

    • If you select Greater Than, Less Than, Equal To, Greater Than Equal To, Less Than Equal To, or Not Equal To in the Comparison field, enter the number of minutes for which the condition is to be met before the condition triggers/clears.

    • If you select Bad Polls, Changed, Changed From, or Changed To in the Comparison field, enter the number of minutes in which the condition must occur at least once before the condition triggers/clears. The Duration for these Comparisons must be equal to or greater than the poll frequency of the device or an alert will not trigger.

  4. Click the Aggregation drop-down and select a data aggregation method.

  5. In the Custom Message field, enter a custom message that is specific to the condition. The custom message appends to the trigger message or to the clear message when you select the Append Condition Message check box on the General tab. You can enter variables to display such things as device name, IP address etc. See the Custom Message Variables list below.

  6. Click Save to save the condition.

Custom Message Variables

You can use the following variables when you enter a custom message for a trigger condition or a clear condition.

  • $deviceName - The name of the device that triggered/cleared the condition.

  • $deviceIp - The IP address of the device that triggered/cleared the condition.

  • $pluginName - The short name for the plugin (ex: SNMP).

  • $pluginDescription - The description of the plugin (ex: SNMP Poller).

  • $objectName - The name of the object that triggered/cleared the condition.

  • $objectDescription - The description of the object that triggered/cleared the condition.

  • $indicatorName - The name of the indicator that triggered/cleared the condition.

  • $indicatorDescription - The description of the indicator that triggered/cleared the condition.

  • $comparisonOperation - The comparison operation the condition performs.

  • $comparisonUnits - The unit of measure the condition uses.

  • $comparisonValue - The comparison value the condition uses.

  • $dataValue - The value the condition observes/measures.

  • $dataUnits - The unit of measure the indicator records for the condition.

  • $aggregationOperation - The aggregation the condition uses.

  • $aggregationDuration - The duration of the aggregation the condition uses.

  • $baselineValue - The baseline value for the hour.

Boolean AND Operator

images/download/attachments/6523374/actionold.png enable you to create new conditions, create new rules, and to manage the conditions to rules assignments.

To combine several conditions as a Boolean AND operator, add all of the applicable conditions to a single rule so that the Trigger/Clear Condition tab displays the conditions as "Rule 1 | Conditions A AND B AND C" etc.

images/download/attachments/6523374/conditionand.png

Boolean OR Operator

To combine several conditions as a Boolean OR operator, create two or more rules and add applicable conditions to the applicable rules so that the Trigger/Clear Condition tab displays the conditions for the first rule OR the conditions for the second rule, OR conditions for the third rule, etc.

images/download/attachments/6523374/conditionor.png