Alert centraladminguide

730 views

Published on

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
730
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
6
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Alert centraladminguide

  1. 1. ALERT CENTRAL SolarWinds Alert Central Administrator Guide
  2. 2. Copyright © 1995-2013 SolarWinds Worldwide, LLC. All rights reserved worldwide. No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of SolarWinds. All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SolarWinds and its respective licensors. SOLARWINDS DISCLAIMS ALL WARRANTIES, CONDITIONS OR OTHER TERMS, EXPRESS OR IMPLIED, STATUTORY OR OTHERWISE, ON SOFTWARE AND DOCUMENTATION FURNISHED HEREUNDER INCLUDING WITHOUT LIMITATION THE WARRANTIES OF DESIGN, MERCHANTABILITY, OR FITNESS FOR A PARTICULAR PURPOSE, AND NONINFRINGEMENT. IN NO EVENT SHALL SOLARWINDS, ITS SUPPLIERS, NOR ITS LICENSORS BE LIABLE FOR ANY DAMAGES, WHETHER ARISING IN TORT, CONTRACT, OR ANY OTHER LEGAL THEORY EVEN IF SOLARWINDS HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. The SolarWinds, the SolarWinds & Design, ipMonitor, LANsurveyor, Orion, and other SolarWinds marks, identified on the SolarWinds website, as updated from SolarWinds from time to time and incorporated herein, are registered with the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other SolarWinds trademarks may be common law marks or registered or pending registration in the United States or in other countries. All other trademarks or registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or registered trademarks of their respective companies. Microsoft®, Windows®, and SQL Server® are registered trademarks of Microsoft Corporation in the United States and/or other countries. Revised 2/27/13
  3. 3.  iii About SolarWinds SolarWinds, Inc develops and markets an array of network management, monitoring, and discovery tools to meet the diverse requirements of today’s network management and consulting professionals. SolarWinds products continue to set benchmarks for quality and performance and have positioned the company as the leader in network management and discovery technology. The SolarWinds customer base includes over 45 percent of the Fortune 500 and customers from over 90 countries. Our global business partner distributor network exceeds 100 distributors and resellers. Contacting SolarWinds You can contact SolarWinds in a number of ways, including the following: Team Contact Information Sales 1.866.530.8100 www.solarwinds.com Technical Support www.solarwinds.com/support User Forums www.thwack.com Conventions The documentation uses consistent conventions to help you identify items throughout the printed and online library. Convention Specifying Bold Window items, including buttons and fields. Italics Book and CD titles, variable names, new terms Fixed font File and directory names, commands and code examples, text typed by you Straight brackets, as in [value] Optional command parameters Curly braces, as in {value} Required command parameters Logical OR, as in value1|value2 Exclusive command parameters where only one of the options can be specified
  4. 4. iv  SolarWinds Alert Central Documentation Library The following documents are included in the SolarWinds Alert Central documentation library: Document Purpose SolarWinds Alert Central Quick Start Guide Provides initial setup and configuration information SolarWinds Alert Central Administrator Guide Provides detailed setup, configuration, and conceptual information Page Help Provides searchable help for the Alert Central user interface Release Notes Provides late-breaking information, known issues, and updates. The latest Release Notes can be found at www.solarwinds.com.
  5. 5.  v Contents About SolarWinds........................................................................................iii Contacting SolarWinds.................................................................................iii Conventions.................................................................................................iii SolarWinds Alert Central Documentation Library......................................... iv Chapter 1 About SolarWinds Alert Central................................................................1 How Alert Central Works..............................................................................1 Chapter 2 Before You Begin.......................................................................................3 Requirements..............................................................................................3 Setup Process Overview..............................................................................4 Chapter 3 Deploying the Alert Central Virtual Machine ............................................7 Deploying Alert Central Using vSphere ........................................................7 Deploying Alert Central Using Microsoft Hyper-V........................................10 Chapter 4 Managing the Alert Central Virtual Machine...........................................15 Logging in to the Alert Central Virtual Machine...........................................15 Setting the Time Zone................................................................................16 Configuring the Network Settings...............................................................16 Configuring Proxy Settings ....................................................................18 Rebooting the Virtual Machine ...................................................................19 Managing Alert Central ..............................................................................19 Chapter 5 Setting Up the Alert Central Application.................................................21 Logging in to the Alert Central Application..................................................21 Setting Up an Alert Central Integration Email Account................................23
  6. 6. vi  Contents Configuring the Alert Central Email Account in Alert Central.......................24 Chapter 6 Adding Groups and Users.......................................................................29 Permissions for Importing Active Directory Users and Groups ....................29 Adding Users and Groups from Active Directory.........................................30 Creating and Editing Groups ......................................................................34 Manually Creating Groups .....................................................................34 Editing Groups.......................................................................................36 Deleting Groups.....................................................................................38 Importing User Accounts from Active Directory...........................................38 Creating and Editing User Accounts...........................................................41 Manually Creating User Accounts ..........................................................41 Editing User Accounts............................................................................44 Syncing User Accounts with Active Directory..........................................45 Deleting User Accounts..........................................................................47 Chapter 7 Adding and Configuring Orion and Email Alert Sources .......................49 Working with Orion Alert Sources...............................................................49 Entering Orion Alert Sources..................................................................50 Editing Orion Alert Sources....................................................................52 Configuring Email Alert Source Route to Group Matching Rules.............55 Testing Orion Alert Source Rules...........................................................58 Working with Email Alert Sources...............................................................59 Entering Email Alert Sources .................................................................59 Editing Email Alert Sources....................................................................62 Defining Capture Summary....................................................................64 Defining Capture Object.........................................................................65 Defining Capture Severity ......................................................................65 Testing Email Alert Source Rules...........................................................66 Chapter 8 Working with Alerts .................................................................................69 Alert Types.................................................................................................70 Viewing Alert Notes & History ................................................................72 Viewing the Original Orion or Email Alert................................................73 Rerouting Alerts from the Original Source ..............................................73
  7. 7. Contents  vii Filtering and Grouping Alerts......................................................................74 Filtering Alerts by Time and Ownership..................................................74 Grouping Alerts by Properties................................................................76 Sorting Alerts by Properties ...................................................................79 Manually Adding New Alerts ......................................................................79 Sending an Alert to a Pager or SMS...........................................................81 Searching Alerts ........................................................................................81 Acknowledging Alerts.................................................................................82 Reassigning Alerts.....................................................................................83 Adding Notes to Alerts ...............................................................................84 Chapter 11 Working with On Call Now and Calendars..............................................87 Who’s On Call Now?..................................................................................87 Viewing Today’s On Call Calendars.......................................................87 Viewing Users On Call Now...................................................................89 Viewing Group Escalation Policies.........................................................89 Chapter 12 Administering the Alert Central Application...........................................91 Editing Email Server Settings.....................................................................91 Configuring Global Password Settings .......................................................91 Setting Data Retention Policies..................................................................92 Appendix A Orion Alert Properties..............................................................................93 Core ..........................................................................................................93 Appendix B Adding Alert Central to the Orion Menu Bar......................................... 105
  8. 8. viii  Contents
  9. 9.  1 Chapter 1 About SolarWinds Alert Central SolarWinds Alert Central (Alert Central) provides a centralized, automated solution for on-call alert management. The Alert Central solution replaces the on call spreadsheets used to maintain call schedules. The product also allows you to manage and maintain on-call personnel’s contact details and availability information. Alert Central gathers alerts from monitoring and management systems, including: • Any system that generates email alerts, including SolarWinds systems. • The workflow – receives email, turns it into an alert, and notifies groups and users. Because Alert Central automates and centralizes contact details, call schedules, and escalations, it can help you: • Ensure alerts reach the right people at the right time. • Track alerts and know their statuses, rather than losing them. • Stop urgent alerts going to personnel who are out of the office or no longer at the company • Alleviate mislabeled alerts. • Improve your return on investment on the Orion product suite or other management and monitoring tools affected by alert handling costs. • Avoid hard-to-handle alert/notification scripts degrading system quality and resources. • Prevent alerts from multiple sources on the same issue. • Avoid overloading IT with incident calls before alerts reach targets. These capabilities, along with a customizable Web Console and alerting and reporting tools, make Alert Central the choice for on-call management. How Alert Central Works
  10. 10. Administrator Guide  SolarWinds Alert Central 2 About SolarWinds Alert Central • Alert submission (from other systems) and user interaction via e-mail • Alert submission from a third party via email • Direct submission from SolarWinds Orion suite • Group-centric management (conceptually based on user feedback) • On call calendar management via one or more calendars per group (Primary, Secondary person on call for that group for that time period) • Escalation policies (notify primary, secondary, then individual) • Active Directory Authentication and User Integration (authentication and creation/manual maintenance of groups) • User-specifiable contact preferences (multiple e-mail addresses in priority order) • Ability to acknowledge, reassign, add note, resolve, close alerts via web interface and short (SMS-friendly) or long (smartphone, PC) e-mail • UI provides: dashboard with visibility into the status and history of alerts for user and admin; overview of who is on call; views of on call calendars; configuration
  11. 11.  3 Chapter 2 Before You Begin Alert Central is a two-part deployment and installation setup process. A complete Alert Central set up process comprises the following: • Deploying the virtual machine and the SolarWinds Alert Central.ova file on the virtual machine. The Alert Central virtual machine collects and processes log and event information • Installing the Alert Central application. The Alert Central application allows you to view alert and scheduling information from an Internet browser on your desktop or laptop. Before beginning the setup process, you will receive an e-mail from SolarWinds with links to these components. Requirements Before beginning Alert Central setup, make sure your hardware and software meet these minimum requirements. The following table provides the minimum deployment requirements for the SolarWinds Alert Central virtual machine: Software/Hardware Requirements Virtualization Platform VMware ESX/ESXi 4.0+ Microsoft Hyper-V 2008 R2 or later Windows 8 Data Center with Hyper-V Browser Firefox 15 or later, Google Chrome, IE 9 For best performance, SolarWinds recommends using Chrome. CPU Speed 2 cores with 512Mhz reservation Memory 2 GB Hard Drive Space 120 GB Port 443
  12. 12. Administrator Guide  S olarWinds Alert Central 4  Before You Begin Note: Alert Central Hyper-V does not work with Windows Version 2008 R2 6.1.7600.16385 or older. However, Alert Central Hyper-V does work with Windows Version 2008 R2 6.1.7601.17514 and later. The following table provides the minimum installation requirements for the SolarWinds Alert Central application software: Software/Hardware Requirements Operating System Any OS that can run the browsers noted in the Browser Requirements below Browser Firefox 15 or later, Google Chrome, IE 9 For best performance, SolarWinds recommends using Chrome. CPU Speed 1 GHz Pentium III or equivalent Memory 1 GB Hard Drive Space Whatever is required to run the browsers noted above Setup Process Overview The Alert Central Setup process comprises the following general steps: 1. Deploying the Alert Central application on a vSphere virtual machine OR Hyper-V virtual machine. 2. Managing the virtual machine. a. Set the time zone on the virtual machine. b. Configure network settings on the virtual machine. c. Reboot virtual machine. d. Start up Alert Central from virtual machine. 3. Setting up the Alert Central application. a. Create an Alert Central integration email account on corporate server. Alert Central looks for alerts here. b. Configure the new email account in Alert Central. c. Test the Alert Central email configuration in Alert Central. 4. Adding groups and users in one or more of the following ways:
  13. 13. SolarWinds Alert Central  Admin Before You Begin  5 a. Import existing Windows Active Directory. This is the quickest method for setting up groups and users. b. Import existing Windows Active Directory individual accounts and manually create groups. Use this method for when you need to pull in existing users from Active Directory, but to set them up new groups. c. Manually create users and groups. Use this method to create new users and groups. 5. Setting up and adding alert sources. a. Add alert sources from SolarWinds Orion products. b. Add email alert sources from non-Orion applications. Note: If you plan to integrate Alert Central with Orion, ensure your Orion server is running Orion NPM 10.4. This way, Alert Central can automatically integrate Orion alerts. The following flow chart shows what the Alert Central setup process looks like.
  14. 14.  7 Chapter 3 Deploying the Alert Central Virtual Machine This section explains how to deploy the Alert Central virtual machine and install the web browser application. The downloaded executable contains either a VMWare vSphere or Microsoft Hyper-V virtual machine image. Use either one for your Alert Central virtual machine. Each .exe file contains the following items: • Alert Central.zip file, which contains the Alert Central Application • SolarWinds Alert Central Release Notes • SolarWinds Alert Central Quick Start Guide • SolarWinds Alert Central Administrator Guide Deploying Alert Central Using vSphere Deploy Alert Central on a virtual machine using VMware vSphere version 4 or higher. To install Alert Central on the vSphere client: 1. Start the VMware vSphere Client and log on. Note: Logging on with VMware administrator privileges is helpful, but not required. 2. Click File > Deploy OVF Template.
  15. 15. Administrator Guide  S olarWinds Alert Central 8  Deploying the Virtual Machine 3. Click Browse to select the Alert Central vSphere.ova file on your desktop, and then click Next. 4. Complete the setup wizard. 5. Select Thin provision or Thick provision disk format, and then click Next. 6. Click Close after the Alert Central vSphere.ova deployment completes successfully.
  16. 16. SolarWinds Alert Central  Admin Deploying the Alert Central Virtual Machine 9 7. Select the SolarWinds Alert Central virtual machine and then click Play. 8. Click the Console tab. This screen is like a virtual monitor. 9. To manage the appliance running the virtual machine, launch a web browser and navigate to the appliance URL shown in the Console tab. The virtual appliance machine's login dialog appears. 10. To login to the Alert Central virtual machine for the first time, use the default login, admin. The default password is also admin.
  17. 17. Administrator Guide  S olarWinds Alert Central 10  Deploying the Virtual Machine Deploying Alert Central Using Microsoft Hyper-V This section describes how to install Alert Central using Microsoft Hyper-V 2008 R2 and later. To install Alert Central using Hyper-V: 1. Extract the contents of the Hyper-V .zip file to a permanent location. Note: After importing the virtual machine, you cannot change the extracted files' location. 2. Launch the Hyper-V Manager. 3. Connect to the appropriate Hyper-V server. 4. Click Action > Import Virtual Machine… 5. Click Browse to select the extracted .zip file’s folder. By default, the folder name is Alert-Central-HyperV-version. 6. Under Settings, select Copy the virtual machine (create a new unique ID). 7. Click Import. 8. Right-click the newly copied virtual machine and select Settings.
  18. 18. SolarWinds Alert Central  Admin Deploying the Alert Central Virtual Machine 11 9. Select the appropriate network adapter from the Settings for Alert Central Add Hardware pane and then click Add.
  19. 19. Administrator Guide  S olarWinds Alert Central 12  Deploying the Virtual Machine 10. Specify the network settings the virtual machine should use and then click OK. 11. Right-click the virtual machine in the inventory, and then click Action > Connect.
  20. 20. SolarWinds Alert Central  Admin Deploying the Alert Central Virtual Machine 13 12. In the virtual console window, click Action > Start and wait for the virtual machine to start. 13. To start the Alert Central application, launch a web browser and navigate to the Alert Central application URL shown in the Console tab.
  21. 21. Managing the Alert Central Virtual Machine  15 Chapter 4 Managing the Alert Central Virtual Machine The virtual machine is configured to use default settings, including time zone, IP configuration, and hostname. You must change these settings for the virtual machine to work in your network environment. Complete configuration takes approximately 10 minutes. After you have logged in to the Alert Central virtual machine, perform each procedure in the following order to ensure correct virtual machine configuration: • Setting the Time Zone • Configuring the Network Settings • Rebooting the Virtual Machine • Managing Alert Central Logging in to the Alert Central Virtual Machine To log in to the Alert Central virtual machine: 1. Launch a web browser and navigate to the appliance URL shown in the Console tab. 2. To login to the Alert Central virtual machine for the first time, use the default login, admin. The default password is also admin.
  22. 22. SolarWinds Alert Central  Administrator Guide 16  Managing the Alert Central Virtual Machine The Alert Central virtual machine opens to the System tab, displaying basic system information. Setting the Time Zone To set the time zone for the virtual machine: 1. Click Time Zone on the System tab. 2. Select the correct time zone from the System Time Zone drop-down menu. 3. Click Save Settings. The message Time Zone setting saved and the new time zone setting display. Configuring the Network Settings To configure the network settings for the virtual machine: 1. Select the Network tab. The tab opens to the Network Status.
  23. 23. Administrator Guide  S olarW Managing the Alert Central Virtual Machine  17 You can set network address or proxy settings. See the following step for configuring network address settings or see Configuring Proxy Settings. 2. To set network address settings, click Address. The Network Address Settings configuration page appears. 12. To set network address settings, select an IPv4 Address Type: • DHCP – If you select this option, make sure the DHCP server or manual network settings sets a DNS server that can do host name resolution for Orion and email servers configured by host name instead of IP address. • Static – If you select this option, enter the following information:
  24. 24. SolarWinds Alert Central  Administrator Guide 18  Managing the Alert Central Virtual Machine o Hostname –Enter the desired hostname. Hostname labels may contain only the ASCII letters a through z (in a case-insensitive manner), the digits 0 through 9, and the hyphen (-). Hostnames cannot start with a digit or a hyphen, and must not end with a hyphen. No other symbols, punctuation characters, or white spaces are permitted. o IPv4 Default Gateway o IPv6 Default Gateway o Preferred DNS Server • None 4. Select an IPv6 Address Type: • Auto • Static – If you select this option, enter the following information: o IPv6 Address o Prefix 5. Click Save Settings. Configuring Proxy Settings To configure proxy settings: 1. Click Proxy on the Network Address tab. 2. Click Use a Proxy Server. 3 Enter the following information: • HTTP Proxy Server • Proxy Port • Proxy Username (Optional) • Proxy Password (Optional) 4. Click Save Settings.
  25. 25. Administrator Guide  S olarW Managing the Alert Central Virtual Machine  19 Rebooting the Virtual Machine Reboot the appliance to re-initialize all services with the new settings. To reboot the appliance: 1. Navigate to the System tab. 2. Click Reboot. 3. In the reboot confirmation dialog, click Reboot. Managing Alert Central The SolarWinds Mgmt tab opens to the SolarWinds Alert Central Status.
  26. 26. SolarWinds Alert Central  Administrator Guide 20  Managing the Alert Central Virtual Machine From this tab, you can: • Change your password. To avoid authentication errors when setting a new password on a VMware vSphere ESX and ESXi 4.x virtual machines, make sure you meet VMWare's specific password requirements. Refer to VMWare’s knowledgebase article, ESX and ESXi 4.x and 5.x password requirements and restrictions for password requirements details and instructions on how to change your password. • Refresh your view. • View virtual machine and application status, , version, time zone, Network Time Protocol (NTP), and product support key status. You need your product support key to receive SolarWinds Alert Central product support. • Restart the SolarWinds Alert Central application service. • Restart the system’s time synchronization NTP time synchronization daemon. • Bundle logs to send to SolarWinds Alert Central product support.
  27. 27.  21 Chapter 5 Setting Up the Alert Central Application The Alert Central application setup process uses a Getting Started Wizard, and comprises the following general steps: • Logging in to the Alert Central Application • Creating an Alert Central Integration Email Account • Configuring the Alert Central Integration Email Account in Alert Central Logging in to the Alert Central Application To log in to the Alert Central application: 1. Click Application Home in the Alert Central virtual machine interfaceor launch a web browser and navigate to the Alert Central application URL shown in the Console tab. The Alert Central End-User License Agreement appears.
  28. 28. SolarWinds Alert Central  Administrator Guide 22  Setting Up the Alert Central Application 2. Review the agreement and click I accept the terms in the License Agreement. Then click Accept. The SolarWinds Alert Central application login dialog appears. 3. To log in to the Alert Central application for the first time, use the default login, admin. A password is not required. The Alert Setting Getting Started Wizard appears.
  29. 29. Administrator Guide  S olarW Setting Up the Alert Central Application 23 4. Click Next. Resolving Alert Central User Logon Issues If you forget your username or password, if your account becomes disabled, or if your password expires and you need to change it, contact your Alert Central System Administrator. The Alert Central System Administrator can log into Alert Central and enable your account, which may include updating your password. If you are an Alert Central System Administrator who needs password help, contact SolarWinds on thwack, at thwack.solarwinds.com. Setting Up an Alert Central Integration Email Account
  30. 30. SolarWinds Alert Central  Administrator Guide 24  Setting Up the Alert Central Application This email account is the integration point with Alert Central. This is not just a FROM email, it is the account where mail is sent TO Alert Central. Alert Central polls this account for email from users and alert-generating systems. Alert Central checks this account for alerts. To ensure the best possible system performance and results, set up an email account used only for Alert Central. Using an existing account wastes time and system resources polling and deleting non-Alert Central emails. Note: Alert Central needs its own empty email account. Do not use a personal or existing email account. Create the Alert Central integration email account on your corporate mail server. You may need to work with your Exchange email administrator to set up this new account. Alert Central cannot set up this account for you. Configuring the Alert Central Email Account in Alert Central After creating the new email account on your corporate mail server, configure the email account in Alert Central. You need to do this so Alert Central knows how to find and access the email account so it can poll it for alerts. In setting up the Alert Central integration email account, both the incoming and SMTP ports automatically set to the known default ports. Selecting secure settings (SSL/TSL) also automatically changes the ports. You can, however, override these default settings and enter custom ports when needed. Once you have set up and tested the integration email account in Alert Central, you receive a validation email. To configure the Alert Central integration email account in Alert Central: 1. Log in to the Alert Central Console. The Getting Started Wizard appears. Click Next.
  31. 31. Administrator Guide  S olarW Setting Up the Alert Central Application 25 Note: If the Alert Central Getting Started Wizard does not display, click Settings in the upper right corner of the Alert Central Console screen. Then click the Getting Started Wizard link under Getting Started with Alert Central. The Getting Started Wizard appears. Click Next. The Email Setup page appears. 2. Enter the Address of the account you created. 3. Select an Incoming Server. • POP mail server • IMAP mail server 4. Enter your Username. 5. Enter your Password. 6. Enter the name of the Outgoing Server: SMTP Server. 7. To override the default port settings and customize incoming and/or outgoing SMTP ports, click + next to Advanced Options. 8. Enter Incoming mail port number. 9. If you need a secure connection, check Use a Secure connection (SSL/TLS). The incoming port changes to the default secure connection port. You can edit the port, if needed.
  32. 32. SolarWinds Alert Central  Administrator Guide 26  Setting Up the Alert Central Application a. Enter the Outgoing SMTP Port number. b. Check to Use a secure connection (SSL/TLS). The outgoing port changes to the default secure connection port. You can edit the port, if needed. c. Check to Use different credentials for SNMP: d. Enter User name. e. Enter Password. 10. Click Next on the bottom right of the page. Alert Central verifies the email settings. 11. When Alert Central finishes verification, you receive a confirmation message. Click Next. When you receive verification that your settings are correct, each setting tested shows a green circle with a check mark in it. 12. Click Next to continue setting up Alert Central and add users and groups.
  33. 33. Administrator Guide  S olarW Setting Up the Alert Central Application 27 Note: If you receive an error message, the message resembles the following. Click Back to reconfigure your mail settings in Alert Central. After you finish reconfiguration, click Next. When Alert Central confirms you have successfully set up your mail server, you have finished this process.
  34. 34.  29 Chapter 6 Adding Groups and Users The first time you add users and groups to Alert Central, you are most likely to use the Alert Central Getting Started Wizard. The wizard offers three options for creating Alert Central groups and users: • Use existing Windows Active Directory groups (quickest method) – Imports all Windows Active Directory groups and the users in those groups, using the Alert Central Getting Started Wizard. This is an especially effective option for initially setting up your Alert Central users and groups, because the process is fast and easy. The Alert Central Getting Started Wizard walks you through this process. See Adding Groups and Users in the Alert Central Quick Start Guide for details. • Use existing Windows Active Directory individual accounts and manually create groups – Imports only the Windows Active Directory accounts you select; you must manually create groups for these accounts. This is a quick way to import only the Windows Active Directory user accounts you need. For details on adding individual Active Directory accounts and manually creating groups in the Alert Central Getting Started Wizard, see Adding Groups and Users in the Alert Central Quick Start Guide. • Manually create users and groups – Create your own users and groups without using Windows Active Directory accounts. This option allows you to create completely new and/or custom users and groups. See Manually Creating User Accounts and Manually Creating Groups in this document for more information. You can also add Active Directory groups and users through the Alert Central Settings pages. You can create new groups and users through the Groups and Users tabs. Permissions for Importing Active Directory Users and Groups
  35. 35. SolarWinds Alert Central  Administrator Guide 30  Adding Groups and Users Having an Active Directory administrator account guarantees you access to import users and groups into Alert Central, but it is not required. You do, however, need an Active Directory account with enough permissions to view the users and groups you'll want to import to Alert Central. You must be logged on to Alert Central as an administrator to import users and groups into Alert Central. Note: The Active Directory Server does not save your credentials when you log off. You must reenter your credentials whenever you log in. Adding Users and Groups from Active Directory Adding groups and users from Active Directory automates the group and user account creation process. This is the quickest way to get groups and users set up in Alert Central. Import groups and users through the Alert Central Getting Started Wizard or through Alert Central’s Settings pages as follows: • Use the Alert Central Getting Started Wizard to add groups and users when you first set up Alert Central. The Getting Started Wizard walks you through the entire Alert Central set up process. For information on adding Active Directory users and groups using the Alert Central Getting Started Wizard, see Adding Groups and Users in the Alert Central Quick Start Guide. • Use the Alert Central Settings pages to add groups and users from server sources already set up in Alert Central. Use the Alert Central Settings pages when you don’t need a wizard to walk you through the import process. The following instructions explain how to import Active Directory users and groups through the Alert Central Settings pages. To import groups (and users) from Active Directory using the Alert Central Settings pages: 1. Click Settings in the upper right corner of the page. The Settings link is available on any page of Alert Central.
  36. 36. Administrator Guide  S olarW Adding Groups and Users 31 The Alert Central Settings page appears. 2. Click Import Users and Groups from Active Directory from the Alert Central Settings page.
  37. 37. SolarWinds Alert Central  Administrator Guide 32  Adding Groups and Users The Import Users and Groups from Active Directory page appears. 3. Enter the Domain name. 4. Enter your Active Directory Administrator Username. 5. Enter your Active Directory Password. 6. Enter the Active Directory Server IP address. 7. Enter the Port number. The port number should be the default 389. 8. To Use Secure LDAP, click the check box. The port number changes to a secure port. 9. Click Save. The Import Users and Groups from Active Directory page appears. 10. Select Import Windows Active Directory Groups.
  38. 38. Administrator Guide  S olarW Adding Groups and Users 33 11. Enter a group name to search for. Use * to perform a wildcard search. For example, searching for Admin* returns all Active Directory groups whose names start with Admin. 12. Click Search to begin searching for groups. Found groups display in the Select Groups to Add list in the left column under your search. 13. Select the groups you want to add to Alert Central. The selected groups display in the right column under your search. 14. Click Import to add the selected groups to Alert Central.
  39. 39. SolarWinds Alert Central  Administrator Guide 34  Adding Groups and Users Creating and Editing Groups You can import groups from Active Directory through the Alert Central Import Users and Groups page available through the Settings link. Manually create, edit, and delete groups in Alert Central from the Groups page. To access this page, select the Groups tab. You can select this tab from any page in the Alert Central application. Manually Creating Groups 1. Select the Groups tab. The Groups page appears. 2. Click +Add New Group, to the upper left above the groups list. The Add New Group page appears.
  40. 40. Administrator Guide  S olarW Adding Groups and Users 35 3. Enter a Group Name in the mandatory Group Name field. Choose a name that describes the group that other users would recognize. For example, if you’re adding a Windows Server Support group located at the headquarters location, you could use Windows Support Server Group HQ for the Group Name. 4. Select a color to represent a group in a list or calendar. Adding a color to the group can make it easier to recognize at a glance. 5. Click Add User to Group… under the Members field to add users to the new group. The Add a User… dialog appears. a. If the users you want to add to this group are listed in the dialog, select each user you want to add to this group and then click OK.
  41. 41. SolarWinds Alert Central  Administrator Guide 36  Adding Groups and Users b. If the users you want to add to this group are not listed in the dialog, click Cancel to close the dialog and leave this field blank. You can add these new users later, under the Users tab. See Manually Creating Groups. 6. Apply the default calendar to or create a new calendar for the new group. Alert Central automatically includes the default calendar in the calendars assigned to the new group. a. Skip this field to apply the default calendar as is. b. Click Default Calendar to edit the default calendar. c. Click Add a New Calendar to add a new calendar to the new group. The Add Calendar dialog appears. • Enter new calendar name. • Enter new calendar description. • Click OK. Note: You have at least one calendar applied to a group. 7. Skip the Escalation Policy fields to add no Escalation Policy step or use the Escalation Policy fields to define how long Alert Central waits to escalate an unacknowledged alert. a. Click Add Escalation Step and then select a step to add to the Escalation Policy for this new group. b. Click X to exit from the pull-down menu and add a different escalation step. c. Define when Alert Central moves to the next escalation step if no one acknowledges the alert. d. Define what should occur if no one acknowledges the alert. If applicable, select and define one of the following: • Resolve and close the alert; then notify a user or group by either entering or selecting that user or group’s name. • Resolve and assign the alert to an entered or selected user. 8. Click Save to save your changes and return to the Groups page. Editing Groups To review and edit a group: 1. Select the Groups tab. The Groups page appears.
  42. 42. Administrator Guide  S olarW Adding Groups and Users 37 2. Select a Group to edit and then click Edit or select and double click a group. An Edit Group page appears. 3. Update fields as needed. Note: This page has the same fields as the Add New Group page. See step 3 in Manually Creating Groups for details on the fields on this page and their requirements. 4. Click Update to save your changes.
  43. 43. SolarWinds Alert Central  Administrator Guide 38  Adding Groups and Users Deleting Groups 1. Select the Groups tab. The Groups page appears. 2. Select a group to delete. Make sure you’ve selected the checkbox for that group. 3. Click Delete, which is the center selection above the list of groups. The Deleting group dialog appears. 4. Click OK. Importing User Accounts from Active Directory To import users from Active Directory: 1. Click Settings in the upper right corner of the page. The Settings link is available on any page of Alert Central.
  44. 44. Administrator Guide  S olarW Adding Groups and Users 39 The Alert Central Settings page appears. 2. Click Import Users and Groups from Active Directory from the General Settings on the Alert Central Settings page.
  45. 45. SolarWinds Alert Central  Administrator Guide 40  Adding Groups and Users The Import Users and Groups from Active Directory page appears. 3. Enter the Domain name. 4. Enter your Active Directory Administrator Username. 5. Enter your Active Directory Password. 6. Enter the Active Directory Server IP address. 7. Enter the Port number. The port number should be the default 389. 8. To Use Secure LDAP, click the check box. The port number changes to a secure port. 9. Click Save. The Import Users and Groups from Active Directory page appears. 10. Select Import Windows Active Directory Users.
  46. 46. Administrator Guide  S olarW Adding Groups and Users 41 11. Enter a user name to search for. Use * to perform a wildcard search. For example, searching for David* returns all Active Directory users whose names start with David. 12. Click Search to begin searching for users. Found users display in the Select Users to Add list in the left column under your search. 13. Select the users you want to add to Alert Central. The selected users display in the right column under your search. 14. Click Import to add the selected users to Alert Central. Creating and Editing User Accounts You can import users from Active Directory through the Alert Central Import Users and Groups page available through the Settings link. Manually create, edit, and delete user accounts in Alert Central from the Users page. To access this page, select the Users tab. This tab is available from almost any page in the Alert Central application. Manually Creating User Accounts To create a new user account in Alert Central: 1. Select the Users tab. The Users page appears.
  47. 47. SolarWinds Alert Central  Administrator Guide 42  Adding Groups and Users 2. Click +Add New User in the upper left, above the users list. The Add New User page appears.
  48. 48. Administrator Guide  S olarW Adding Groups and Users 43 3. Add information in the following fields: a. User Name: Enter the user’s name in this mandatory field. This name is usually the same as the user’s system name, such as jnewman or jane.newman. b. Password: Enter a password for the user in this mandatory field. c. Confirm Password: Reenter the password you entered above. This is also a mandatory field. d. User Type: Define the user’s permissions as one of the following: o Administrator: Can edit all users, groups, calendars, and alert rules. o User: Can view alerts and calendars, add notes, and acknowledge alerts.
  49. 49. SolarWinds Alert Central  Administrator Guide 44  Adding Groups and Users e. Full Name: Enter the user’s real name in this mandatory field. f. Primary Email Address: Enter the user’s primary email address in this mandatory field. This is usually their work email address. g. Alert Notification Policy: Define when and how Alert Central alerts this user: o Enter the number of minutes. o Enter the user’s telephone number or email address. o Add, move, or delete notification methods: o Click Add additional notification method to add more methods of contact. o Use the up or down arrows to change the notification methods’ order. o Click X to delete a notification method. h. Contact Information: This section contains fields to be displayed in a calendar, but not in notifications: o Add a Photo: Add a photo of the user for at-a-glance identification. o Mobile Phone: Enter the user’s mobile telephone number. o Pager: Enter the user’s pager number. o Office Phone: Enter the user’s office telephone number. o Cell Phone: Enter the user’s cell telephone number. o Location: Enter the location where this application is being used. o Time Zone: Select the user’s time zone from the pull-down menu for this mandatory field. 4. Click Save to save your changes and return to the Review and Edit User Information or Users page. Editing User Accounts 1. Select a user to edit and then click Edit or select and double click a user. An edit page appears.
  50. 50. Administrator Guide  S olarW Adding Groups and Users 45 2. Update fields as needed. Note: This page has the same fields as the Edit Add New User page. See step 3 in Manually Creating User Accounts for details on the fields on this page and their requirements. 3. Click Update to save your changes. Syncing User Accounts with Active Directory You can also update a user account by synchronizing it with Active Directory. Synchronizing, or syncing, allows you to user accounts in Alert Central to reflect changes made to those accounts in Active Directory. To sync an Alert Central user account with Active Directory: 1. Select a user to edit and then click Edit or select and double click a user. An edit page appears.
  51. 51. SolarWinds Alert Central  Administrator Guide 46  Adding Groups and Users 1. Click Sync with Active Directory. The Active Directory Server Settings dialog appears. The dialog shows the Domain, Server, and Port fields for this user account on the Active Directory server.
  52. 52. Administrator Guide  S olarW Adding Groups and Users 47 2. Enter the Active Directory server’s Administrator Username. 3. Enter the Active Directory administrator Password. 4. Click Sync to import and apply the latest data for this user account from the Active Directory server. Deleting User Accounts 1. Navigate to the Review and Edit User Information page from the Alert Central Getting Started Wizard. The Review and Edit User Information page appears. Or Select the Users tab. The Users page appears. 2. Select a user to delete. Make sure you’ve selected the checkbox for that user. 3. Click Delete, which is the center selection above the list of users. The Delete user dialog appears.
  53. 53. SolarWinds Alert Central  Administrator Guide 48  Adding Groups and Users 4. Click Yes.
  54. 54.  49 Chapter 7 Adding and Configuring Orion and Email Alert Sources An alert source is a system or device that generates alerts. The source sends email directly to Alert Central or to the Alert Central integration email account. This source can be an Orion system (direct) or another email-generating system. You can configure Alert Central to receive and process alerts from Orion and any alert source that can send email. Orion interfaces directly with Alert Central, after Alert Central has been properly configured The email alert source sends email to the Alert Central integration email account. Alert Central then polls the integration email account. The figure below explains how Alert Central processes email alerts. Working with Orion Alert Sources The first time you add a new Orion alert source, you use the Alert Central Setup Wizard. The Alert Central Startup Wizard walks you through everything you need to do to set up Alert Central, including setting up alert sources. To create additional Orion alert sources, however, you can work directly in Alert Central’s Alert Sources settings. Adding a new Orion alert source requires the following basic steps: 1. Entering Orion server links into Alert Central and/or Editing Orion alert sources
  55. 55. SolarWinds Alert Central  Administrator Guide 50  Adding and Configuring Email Alert Sources 2. Configuring route to group matching rules 3. Testing Orion email alert source rules Entering Orion Alert Sources You can configure Alert Central to automatically retrieve and process email alerts from Orion, or any other software source that can send email. To enter an Orion alert source: 1. Click Settings in the upper right corner of the page. The Settings link is available on any page of Alert Central. The Alert Central Settings page appears.
  56. 56. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 51 2. Click Add New Orion Source under Alert Sources. The Add New Orion Source Page appears. 3. Enter the new Orion Source Name. 4. Enter the Orion Server IP Address or Fully Qualified Domain Name (FQDN). 5. Enter the Orion administrator username. 6. Enter the Orion administrator user password.
  57. 57. SolarWinds Alert Central  Administrator Guide 52  Adding and Configuring Email Alert Sources Note: Alert Central does not save the Orion administrator username or password after you log out or time out of a session. To edit Orion sources created in previous sessions, enter the Orion administrator username and password into Alert Central. 7. Click Test. 5. Click Done after the settings test shows an established connection. Note: If you receive an error when running the Orion Server Settings test, make sure you are running the Alert Central virtual appliance on the 443 port. Orion listens on the 17778 port. See Configuring Route to Group Matching Rules for the next set of steps in this process. Editing Orion Alert Sources To edit an existing Orion alert source: 1. Click Settings in the upper right corner of the page. The Settings link is available on any page of Alert Central. 2. Click Configure Orion Alert Source. The Configure Email Alert Sources page appears.
  58. 58. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 53 3. Select the email alert source to edit and click Edit. The Edit <Orion Source Name> page displays, with the email alert source name entered in the Source Name field. 4. Edit the name in the Source Name field, if needed. Click Next. The Configure Email Alert Sources Edit <Orion Source Name> displays.
  59. 59. SolarWinds Alert Central  Administrator Guide 54  Adding and Configuring Email Alert Sources
  60. 60. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 55 Note: Alert Central does not save the Orion administrator username or password. When you edit your source, you’ll need to reenter the username and password into Alert Central. If you want to start over, delete or recreate the Orion source. If you have any rules set up for the source, you can export or import those. See Configuring Route to Group Matching Rules for the next set of steps in this process. Configuring Email Alert Source Route to Group Matching Rules On the Route to Group page, set up routing rules so Alert Central knows how to assign the emails alerts from the new source. You can also set up rules to route the alert to different groups. When Alert Central detects an alert from the new source, it needs to know whether to forward the alert to a group or to delete it. When the alert matches the rules, Alert Central recognizes the alert and forwards it to the defined group (or groups) or deletes the email alert from the system. To define and configure Route to Group rules for an Orion alert or new email alert source: 1. Click Settings in the upper right corner of the page. The Alert Central Settings page appears. 2. Click Add New Orion Source under Alert Sources. The Add New Orion Source Page appears.
  61. 61. SolarWinds Alert Central  Administrator Guide 56  Adding and Configuring Email Alert Sources 3. Click Add new matching rule in the Route to Group pane. An If no rules match field with a pull-down menu appears. 4. If you want to ensure an alert not matching any rule automatically routes to a group or is deleted, select a routing option from the If no rules match pull-down menu. 5. Click Add new matching rule to add a matching rule. A rule with a matching text placeholder (“ ”) appears in the Route to Group pane. The About Group Routing pane becomes the Configure Rule pane.
  62. 62. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 57 6. Make sure the new rule is highlighted and select one of the following options from the Configure Rule pane: • if the Captured Summary • if the Captured Object • if the Captured Severity • if the text in Orion Field o Enter the text in the Orion field. 7. Select one of the following from the Configure Rule pane’s pull-down menu: • contains • is equal to • starts with • ends with • matches the regex • does not start with • does not end with • does not contain • is not equal to • does not match the regex 8. Enter the word or phrase you want the rule to include or exclude. 9. Select Ignore case and/or Ignore whitespace (treat multiple spaces as one space) to further filter results. 10. Click Next to save your work and test your rules configuration. Or click Finish to save and exit to the Configure Email Alert Sources page. From this page, you can select another alert source to edit. 11. Complete steps 3 through 10 to add more rules for this alert source.
  63. 63. SolarWinds Alert Central  Administrator Guide 58  Adding and Configuring Email Alert Sources Notes: To change the order in which Alert Central applies the rules you define, highlight the rule you want to move and click Up or Down at the top of the Configure Rule pane. To delete a rule, highlight the rule and click Remove at the top of the Configure Rule pane. Testing Orion Alert Source Rules Test newly created rules to ensure they are functional. To test alert source rules, fill out the test email form and click Test. Alert Central processes the test email as if it were a real alert and offers test results. To test alert source rules: 1. Enter a description of the alert and its source in the Summary field. 2. Enter the source’s IP address, Fully Qualified Domain Name (FQDN), or cause in the Object field. 3. Enter the severity level for the alert in the Severity field. 4. Edit or define Orion Alert properties, as needed. 5. Click Test. If you have correctly configured the rules, you receive positive results in the Test Results pane. Click Finish.
  64. 64. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 59 If you have not correctly configured the rules, you receive an error message noting where errors have occurred in the Test Results pane. Click Back to fix configuration errors. Working with Email Alert Sources The first time you add a new email alert source, you use the Alert Central Setup Wizard. The Alert Central Startup Wizard walks you through everything you need to do to set up Alert Central, including setting up alert sources. To create additional email alert sources, however, you can work directly in Alert Central’s Alert Sources settings. Adding a new email alert source requires the following steps: 1. Entering email alert source name into Alert Central and/or Editing email alert sources in Alert Central 2. Configuring route to group matching rules 3. Defining which the email alert information to summarize 4. Defining which information to capture about email alert source object 5. Defining which information to capture about email alert severity 6. Testing email alert source setup Entering Email Alert Sources To enter a new email alert source in Alert Central: 1. Click Settings in the upper right corner of the page. The Settings link is available on any page of Alert Central.
  65. 65. SolarWinds Alert Central  Administrator Guide 60  Adding and Configuring Email Alert Sources The Alert Central Settings page appears. 2. Click Add New Email Sources under Alert Sources. The Add New Email Source Overview window appears.
  66. 66. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 61 2. Enter the name of the new source the way it appears in the source itself. If you are editing an existing email source, enter the name of the source the way it appears in Alert Central. 3. Click Next. The Add New Email Source Matching Rules page appears. This page is where you define how the alert is routed.
  67. 67. SolarWinds Alert Central  Administrator Guide 62  Adding and Configuring Email Alert Sources See Configuring Email Alert Source Route to Group Matching Rules for the next set of steps in this process. Editing Email Alert Sources To edit an existing email alert source: 1. Click Settings in the upper right corner of the page. The Settings link is available on any page of Alert Central. 2. Click Configure Email Alert Source. The Configure Email Alert Sources page appears 2. Select the email alert source to edit and click Edit. The Edit <Source Name> page displays, with the email alert source name entered in the Source Name field.
  68. 68. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 63 3. Edit the name in the Source Name field, if needed. Click Next. The Configure Email Alert Sources Edit <Source Name> displays.
  69. 69. SolarWinds Alert Central  Administrator Guide 64  Adding and Configuring Email Alert Sources See Configuring Route to Group Matching Rules for the next set of steps in this process. Configuring Route to Group Matching Rules Configuring email alert routing from non-Orion sources is the same process as it is for configuring routing for alerts from Orion sources. For details on configuring how to route email alerts from new, non-Orion sources, see Configuring Route to Group Matching Rules. Defining Capture Summary On the Capture Summary page, define how Alert Central describes the alert. This information is especially helpful when you review alerts in the Alerts dashboard, because you can see a short description of each alert at a glance. To define the capture summary: 1. Select one of the following areas from which to capture Email Alert Summary information: • Subject: line • From: address • To: address • Body: message 2. Select one of the following options: • And just use all the text we find there • Only capture a specific section of that text 3. Click Next.
  70. 70. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 65 Defining Capture Object On the Capture Object page, define where in the email alert Alert Central looks to find severity information. You also define how much of that alert text Alert Central uses – all or a defined portion. When Alert Central receives an alert email from the source, it uses this rule to capture the cause of the problem or the name of the affected system or service. The name of the system or service can be an IP address or an FDQN, like thwack.solarwinds.com. To define capture object information: 1. Select one of the following areas from which Alert Central can capture Problem Object information: • Subject: line • From: address • To: address • Body: message 2. Select one of the following options: • And just use all the text we find there • Only capture a specific section of that text o Start capturing when we find a phrase or a defined group of words. o Stop capturing at the end of the line, text, or as soon as the phrase is found. 5. Click Next. Defining Capture Severity When Alert Central receives an alert email from this source, it uses this rule to capture the email alert’s severity. On the Capture Severity page, you define which part of the email alert Alert Central searches to find severity information. To define capture severity information: 1. Select one of the following areas from which Alert Central can capture Problem Severity information: • Subject: line
  71. 71. SolarWinds Alert Central  Administrator Guide 66  Adding and Configuring Email Alert Sources • From: address • To: address • Body: message 2. Select one of the following options: • And just use all the text we find there • Only capture a specific section of that text 3. Click Next to save your input and move on to configuring email alert routing. Notes: To change the order in which Alert Central applies rules, highlight the rule you want to move and click Up or Down at the top of the Configure Rule pane. To delete a rule, highlight the rule and click Remove at the top of the Configure Rule pane. Testing Email Alert Source Rules Test newly created rules to ensure they are functional. To test alert source rules, fill out the test email form and click Test. Alert Central processes the test email as if it were a real alert and offers test results. To test the alert source rules you’ve created: 1. Enter data from a sample alert email into the From, To, Subject, and Body into the Test Email fields.
  72. 72. Administrator Guide  S olarW Adding and Configuring Email Alert Sources 67 2. Click Test. The test checks the following rules for this email alert source: • Matching Rules • Capture Summary • Capture Object • Capture severity • Route to Groups 6. If you have correctly configured the rules, you receive positive results in the Test Results pane. The results explain how the email met the rules configured for this source. Click Finish. If you have not correctly configured the rules, you receive an error message noting where errors have occurred in the Test Results pane. Click Back to fix configuration errors.
  73. 73.  69 Chapter 8 Working with Alerts The Alert Central dashboard is the where you view, filter, search, acknowledge and assign, manually add and close, and update status on alerts. The Alert Central application opens to the Alerts dashboard. The dashboard displays the alerts in Alert Central, as well as the following alert properties: • Summary – Short description of the alert • Time of Alert – The time the alert occurred • Source – System originating the alert • Severity – Level of attention the alert requires • Object – The IP address, FDQN, or cause of the alert source • Alert Status – Status of the alert in Alert Central • Assigned To – If applicable, the Alert Central individual user responsible for addressing the alert • Group – If applicable, the Alert Central group responsible for this alert • Quick Actions – Actions that can be performed on the alert from the alert dashboard Following is an example of the Alerts dashboard.
  74. 74. SolarWinds Alert Central  Administrator Guide 70  Working with Alerts Alert Types The Alerts dashboard displays four different types of alerts: Acknowledged – Uses the icon. Alert Central has accepted this alert. Closed – Uses the icon. The alert’s issue is fixed and the alert is no longer active in Alert Central. Notified – Uses the icon. The individual or group has received an email about this alert. Triggered – Uses the icon. Brand new email alert that does not match any existing sources. Alert Central provides you different ways to view and manage alerts.
  75. 75. Administrator Guide  S olarW Working with Alerts 71 Viewing Alerts You can view alerts directly from the Alert Central Alerts dashboard. To view an alert, double click the alert’s icon or summary. The alert opens, showing the alert name, the actions you can take, and the time Alert Central accepted the alert.
  76. 76. SolarWinds Alert Central  Administrator Guide 72  Working with Alerts The alert also shows the same detailed information displayed in the Alert Central dashboard on the Alerts page. Acknowledged like this one can be closed or assigned to a user or group. Buttons for these functions reside across the top of the alerts list. Click the links on the right side of the alert to view all alerts in Alert Central having the same properties as the alert you’re now looking at. Viewing Alert Notes & History Review an alert’s notes and history on the alert’ Notes & History tab . Notes and history can describe anything about the alert, including its status, assignment, escalation, arrival into Alert Central – any information that might help in tracking and resolution. To view notes and details about this alert: 1. Navigate to the bottom of the page to the Notes & History tab. Make sure this tab is selected. 2. Scroll through the Notes & History tab to review data added to the alert.
  77. 77. Administrator Guide  S olarW Working with Alerts 73 Viewing the Original Orion or Email Alert The Original Alert tab shows you properties from the original Orion (or other) alert. This information provides data on the system originating the alert, as well as original routing data. This information may be helpful in resolving the issue. To view the original alert: 1. Select the Original Alert tab. 2. Scroll through the alert to view it. This view provides information on when the alert arrived into the system, as well the alert’s original properties, including: • IP Address • alert Type • Node • detailsUrl • Object Subtype • netObject • Status Description • objectID • Vendor • objectName • alertDefinitionID • objectType • triggerTimeStamp From the Original Alert tab, you can also access source routing settings, so you can reconfigure how other alerts from this source route. Rerouting Alerts from the Original Source If future alerts from a current Alert Central source require routing to a different group, you need to reroute alerts from the source. To reroute alerts from the original alert source: 1. To reroute other alerts from this source, click Use these XXXX properties to test and improve how future alerts like this one are assigned. The Manage Sources page for the alert appears.
  78. 78. SolarWinds Alert Central  Administrator Guide 74  Working with Alerts From this page, you can test, and if necessary, reconfigure how alerts from this source route. 2. Click Test. The test results display in the Test Results pane. 3. When you receive your results, click Done. If you receive results showing improper routing, Alert Central takes you directly to Alert Central Settings, where you can reroute alerts from this source. See Configuring Email Alert Source Route to Group Matching Rules for details on how to reconfigure this source’s alert routing. Filtering and Grouping Alerts From the Alert Central Alerts dashboard, you can view alerts filtered by time and ownership and grouped by properties: Filtering Alerts by Time and Ownership To filter alerts shown by hour, day, week, and/or month: 1. Define your alerts view from the pull-down menu under the Alerts heading, selecting from the following options:
  79. 79. Administrator Guide  S olarW Working with Alerts 75 • Hour – Defaults to displaying the last hour. To customize your view, select the times of the alerts you want to see, such as the alerts occurring between 8 a.m. and 5 p.m. This feature allows you to select times in 15-minute increments. • Day – Defaults to displaying the last day. To customize your view, select the range of days from which to display alerts. • Week – Defaults to displaying the last week. To customize your view, select the range of weeks from which to display alerts. • Month – Defaults to displaying the last month. To customize your view, select the range of months from which to display alerts. The Group By and Alerts Detail panes both display only those groupings of alerts and alerts that you’ve defined filters for. Note: Each option defaults to the most current hour, day, week, or month. To show only alerts assigned to you: 1. Click the All Alerts pull-down menu. 2. Select My Alerts. The Group By pane and the Alerts dashboard both display only those alerts assigned to you.
  80. 80. SolarWinds Alert Central  Administrator Guide 76  Working with Alerts Note: The pull-down menu defaults to All Alerts. Grouping Alerts by Properties To group alerts by property: 1. Select one of the following alert properties from the Group By pane’s pull- down menu: • Alert Status – Appears a status icon, which includes: o Acknowledged o Closed o Notified o Triggered Also shows how many of each alert type exists in Alert Central. See Alert Types for information on which icons indicate which types of alerts. To view only alerts of a single status, select the individual status. • Severity – In the case of an Orion alert, shows one of the following levels: o Critical – Issue requires immediate attention to restart system operation. o Information – Informational message; does not require action. o Notice – Informational message; requires action.
  81. 81. Administrator Guide  S olarW Working with Alerts 77 o Serious – Situation requires action to avoid system failure. o Warning – Problem requires attention to ensure continued system operation. For any other type of alert, Severity appears whatever you have mapped to this field. • Source – Provides the name of the system that originated the email alert. • Object – In the case of an Orion Alert, appears the IP address of the system that created the email alert. For any other type of alert, Object appears whatever you have mapped to this field. • Summary – Briefly describes the contents of the email alert. • Assigned To – If applicable, shows the Alert Central user responsible for handling the email alert’s issue. • Group – If applicable, provides the name of the group responsible for handling the email alert’s issue. A list of options available for the selected feature appears.
  82. 82. SolarWinds Alert Central  Administrator Guide 78  Working with Alerts 2. Select the desired option. In the example screen above, the option All is selected, so Alert Central shows all alerts. If, for example, you selected Triggered, Alert Central would show only those alerts that have entered the system and not yet been acknowledged.
  83. 83. Administrator Guide  S olarW Working with Alerts 79 Note: To better view the complete alerts filtering results, click the double arrow button at the top of the Group By pane to close it. Sorting Alerts by Properties Another way to display alerts is by sorting them so they display in a specific order in the Alerts dashboard. To sort alerts, click the property name at the top of the desired property. To sort alerts by Summary, for example, click the Summary property name at the top of first column on the Alerts dashboard. The Alerts dashboard appears the alerts in the alphabetical order of their summaries. Manually Adding New Alerts To manually add a new alert: 1. Click Manually Add New Alert at the upper right of the Alerts dashboard.
  84. 84. SolarWinds Alert Central  Administrator Guide 80  Working with Alerts The Manually Add New Alert page appears. 2. If needed, correct the Time and Date fields. These fields appear when adding the new alert and defaults to the current time and date. Update the Time and Date fields if you want to add the new alert at a later time and/or date. 3. Select an alert source from the Source pull-down menu. 4. Select a severity level from the Severity pull-down menu. 5. Select a group from the Group pull-down menu.
  85. 85. Administrator Guide  S olarW Working with Alerts 81 6. Select a user from the Assigned pull-down menu. 7. Enter the alert source’s IP address or name in the Object field. 8. Enter any additional helpful in the Note field. 9. Describe the purpose of this alert in the Summary field. 10. Click OK. You return to the Alerts dashboard. Sending an Alert to a Pager or SMS Sending an email alert to a pager or a cell phone is very much like sending a text message. To forward an email alert to a pager or SMS: 1. Open the alert and assign it to the appropriate individual. 2. Click the assignee name. When the user account page displays, click Edit this account. 3. Scroll to the bottom of the page and click Add additional notification method. A blank notification method displays. 4. Enter the assignee’s page or cell phone number in the format <number>@<serviceprovidername.com>, and select Short SMS from the drop-down menu. 5. Click update. Searching Alerts The Search feature allows you to search for an alert or alert property using alpha-numeric and special characters. Use the search field in the upper right corner of the Alerts dashboard to search the Alert dashboard.
  86. 86. SolarWinds Alert Central  Administrator Guide 82  Working with Alerts Search results display in the Alerts dashboard, highlighted in yellow. Acknowledging Alerts To acknowledge an alert: 1. Select the Triggered alert you want to acknowledge from the Alerts dashboard. 2. Click Acknowledge.
  87. 87. Administrator Guide  S olarW Working with Alerts 83 The Triggered alert becomes an Acknowledged alert. The alert icon changes to reflect the alert’s status change. An alert must be acknowledged before it can be assigned or reassigned. Reassigning Alerts An alert must be acknowledged before it can be assigned or reassigned. To reassign an alert: 1. Select the alert you want to reassign from the Alerts dashboard. 2. Click Assign and select a group. 3. Select either a group escalation policy or a user.
  88. 88. SolarWinds Alert Central  Administrator Guide 84  Working with Alerts The selected group escalation policy assigns the alert to the user or users defined in that policy. Selecting a user assigns the alert to that user. If you select a group escalation policy that does not assign the alert to a user, the alert is not assigned. You must acknowledge the alert so you can assign it to someone. Adding Notes to Alerts To add a note to an alert: 1. Select the alert to which you want to add notes from the Alerts dashboard. 2. Click Add Note from the top of the Alert dashboard. The Add Note dialog appears.
  89. 89. Administrator Guide  S olarW Working with Alerts 85 3. Add your note and click Add Note. Note: You can also add notes when inside the alert. Click Add Alert from inside the alert to access the Add Note dialog.
  90. 90. Administrator Guide  S olarW Working With Who’s On Call Now and Calendars  87 Chapter 11 Working with On Call Now and Calendars Use On Call Now and Calendar features to view who is on call (now, as well as for the day, week, and month) assign users and groups to be on call, and view and configure escalation policies, and user and group profiles. Who’s On Call Now? To see who’s on call now, click the On Call Now tab. The On Call Now page appears who is on call now, as well as links to contact and configure these users in the Alert Central system. Viewing Today’s On Call Calendars To view today’s on call calendar from the On Call Now page, click View Today’s Calendar.
  91. 91. SolarWinds Alert Central  Administrator Guide 88  Working With Who’s On Call Now and Calendars The Calendar page appears who is on call today. From this page, you can • View a day, week, or month’s calendar – Click Day, Week, or Month across the top of the calendar • Add a new on-call assignment – Click Add New On-Call Assignment. • View this month’s calendar or another month’s calendar – Click backward or forward button on the calendar displayed in the upper left corner. • View another group’s calendar– Highlight and then pull down an option: o Display only this group’s calendar
  92. 92. Administrator Guide  S olarW Working With Who’s On Call Now and Calendars  89 o Add a new on-call assignment o View or edit escalation policy o View group color • View an on-call now user Viewing Users On Call Now Select and double click the user’s schedule to see more about that user and edit his or her contact information, escalation policy, on-call assignment, group information, and time zone. You can also delete the user from here. Viewing Group Escalation Policies To access a group’s escalation policy, you can click View Escalation Policy from either the View User On Call page or the Who’s On Call Now page.
  93. 93. SolarWinds Alert Central  Administrator Guide 90  Working With Who’s On Call Now and Calendars The Group Page appears. Select the user’s group and create or edit the escalation policy as described in Manually Creating Groups.
  94. 94. Administrator Guide  S olarW Administering the Alert Central Application 91 Chapter 12 Administering the Alert Central Application Administer Alert Central through the Settings link. General Settings tasks include setting up and maintaining the following: • Email Server Settings (SMTP, POP, IMAP) • Global Password Settings • Data Retention Policies Editing Email Server Settings If you change your alerts email account or need to add new email accounts, you’ll need to update the Alert Central email server settings. For details on editing and adding new email account server settings to Alert Central, see Adding New Email Alert Sources. Configuring Global Password Settings Alert Central’s default password setting has no expiration date. You can, however, globally configure passwords to expire after a defined number of days. To configure global password settings: 1. Navigate to Settings > Global Password Settings. The Global Password Settings page appears. 2. Select Password automatically expires after ___ days. 3. Define the number of days passwords should last.
  95. 95. SolarWinds Alert Central  Administrator Guide 92  Administering the Alert Central Application 4. Click Save to apply and save your edits. Setting Data Retention Policies Alert Central automatically deletes the oldest system alerts when the database reaches 40 GB. You can change this default setting to delete old entries based on a defined age. You can also configure the deletion of old alerts when the database reaches a size you define. Both of these settings can be active at the same time. To edit data retention settings: 1. Navigate to Settings > Data Retention Policies. The Data Retention Settings page appears. 2. Select Clean up old entries based on age to automatically delete the oldest alerts. a. Define how many days to keep alerts. 3. Select Clean up old alerts when the database exceeds a certain size to remove old alerts. Deletion automatically occurs when the database becomes larger than the specified size. a. Define the size the database must be when deletion occurs. 4. Click Save to apply and save your edits.
  96. 96.  93 Appendix A Orion Alert Properties The following is a list of default Orion properties for pre-defined alerts: Core Node IP Address = ${IP_Address} Object Sub Type = ${ObjectSubType} Status Description = ${StatusDescription} Node Name = ${SysName} Vendor = ${Vendor} Volume Full Name = ${FullName} Status = ${Status} Volume Percent Used = ${VolumePercentUsed} Volume Size = ${VolumeSize} Volume Type = ${VolumeType} Group Group Status Name = ${GroupStatusName} Group Status Description = ${GroupStatusDescription} Group Name = ${GroupName} Group Member Group Name = ${GroupName} Group Member Full Name = ${GroupMemberFullName} Group Member Status Description = ${GroupMemberStatusDescription} Polling Engines
  97. 97. SolarWinds Alert Central  Administrator Guide 94  Administering the Alert Central Application Amount of Elements = ${Elements} Eval Days Left = ${EvalDaysLeft} Evaluation = ${Evaluation} IP Address = ${IP} Server Name = ${ServerName} Server Type = ${ServerType} Windows Version = ${WindowsVersion} Auditing Events Account name = ${AccountID} Audit Event Message = ${AuditEventMessage} Time Logged (Utc) = ${TimeLoggedUtc} NPM Custom Node Table Poller Full Label = ${FullLabel} Custom Node Poller Assignment Name = ${AssignmentName} Custom Interface Poller Assignment Name = ${AssignmentName} EnergyWise Entity EnergyWise Entity Caption = ${EnergyWiseCaption} EnergyWise Entity Current Level = ${EnergyWiseCurrentLevelString} Fibre Channel Unit
  98. 98. Administrator Guide  S olarW Administering the Alert Central Application 95 Fibre Channel Unit Name = ${Name} Fibre Channel Unit WWN = ${ConnUnitID} Fibre Channel Sensor Fibre Channel Sensor Name = ${Name} Fibre Channel Sensor Characteristic Description = ${Characteristic_Description} Fibre Channel Port Fibre Channel Port Index = ${PortIndex} Fibre Channel Port WWN = ${WWN} Fibre Channel Revision Fibre Channel Revision Description = ${RevisionDescription} VSAN VSAN Name = ${Name} UCS Manager UCS Manager Name = ${Name} UCS Fabric UCS Fabric Name = ${Name} UCS Chassis UCS Chassis Name = ${Name}
  99. 99. SolarWinds Alert Central  Administrator Guide 96  Administering the Alert Central Application UCS Blade UCS Blade Name = ${Name} UCS Fan UCS Fan Name = ${Name} UCS Psu UCS Psu Name = ${Name} Wireless Wireless Access Point Name = ${AP_Name} Mac Address = ${AP_MAC} Type = ${AP_Type} Wireless Controller Name = ${Controller_Name} IP Address = ${Controller_IPAddress} Interfaces Interface Name = ${InterfaceName} Type Description = ${InterfaceTypeDescription} Status = ${Status}
  100. 100. Administrator Guide  S olarW Administering the Alert Central Application 97 F5 F5 Devices Caption = ${Caption} Product Name = ${ProductName} IVIM Virtual Machine Host Node Name = ${HostNodeName} Display Name = ${DisplayName} Operating System = ${OperatingSystem} Virtual Machine State = ${GuestState} Platform = ${PlatformName} SAM APM: Application Application Name = ${Name} Application Status = ${Availability} APM: Component Component Name = ${ComponentName} Component Type Name = ${DisplayType} Component Status = ${ComponentStatus} Statistic Data = ${StatisticData} Component Message = ${ComponentMessage}
  101. 101. SolarWinds Alert Central  Administrator Guide 98  Administering the Alert Central Application HardwareHealth Hardware Hardware Status Description = ${HardwareStatusDescription} Hardware Manufacturer = ${Manufacturer} Hardware Model = ${Model} Hardware Service Tag = ${ServiceTag} Hardware Type Hardware Type Name = ${TypeName} Hardware Type Status Description = ${HardwareTypeStatusDescription} Hardware Sensor Hardware Sensor Display Name = ${SensorDisplayName} Hardware Sensor Value = ${SensorValue} Hardware Sensor Unit = ${SensorUnit} Hardware Sensor Status Description = ${SensorOrionStatusDescription} Hardware Sensor Original Status = ${SensorOriginalStatus} SEUM Transaction Name = ${Name} Description = ${Description} Status = ${StatusDescription} Duration = ${Duration}
  102. 102. Administrator Guide  S olarW Administering the Alert Central Application 99 Error Message = ${ErrorMessage} Steps With Status = ${StepsWithStatusFormatted} Step Step Name = ${Name} Transaction Name = ${TransactionName} Status = ${StatusDescription} Duration = ${Duration} Error Message = ${ErrorMessage} Location Name = ${Name} Hostname = ${Hostname} IP = ${IP} Load Percentage For Last 30 min = ${AvgLoadPercentageLast30min} Status = ${ConnectionStatus} Status Message = ${ConnectionStatusMessage} Step Request Step Name = ${StepFullName} Url = ${Url} MimeType = ${MimeType} Status Code = ${StatusCode} Duration in Seconds = ${TotalDurationS} SEUM: Transaction Name = ${Name}
  103. 103. SolarWinds Alert Central  Administrator Guide 100  Administering the Alert Central Application Description = ${Description} Status = ${StatusDescription} Duration = ${Duration} Error Message = ${ErrorMessage} Steps With Status = ${StepsWithStatusFormatted} SEUM: Step Step Name = ${Name} Transaction Name = ${TransactionName} Status = ${StatusDescription} Duration = ${Duration} Error Message = ${ErrorMessage} SEUM: Location Name = ${Name} Hostname = ${Hostname} IP = ${IP} Load Percentage For Last 30 min = ${AvgLoadPercentageLast30min} Status = ${ConnectionStatus} Status Message = ${ConnectionStatusMessage} VNQM VoIP Infrastructure Node Name = ${NodeName} Node Status = ${Status}
  104. 104. Administrator Guide  S olarW Administering the Alert Central Application 101 VoIP CallManager Node Name = ${NodeName} Node Status = ${Status} Total Phones = ${TotalPhones} Total Gateways = ${TotalGateways} Registered Phones = ${RegisteredPhones} Registered Gateways = ${RegisteredGateways} CallManager = ${Caption} VoIP Phone Phone Name = ${PhoneDeviceName} Phone Status = ${Status} Phone Region = ${PhoneRegion} Phone Status = ${Status} IP Address = ${IPAddress} Location = ${Location} Extension = ${Extension} VoIP Region Region Name = ${RegionName} Failed Call Percentage = ${FailedCallPercentage} Average Jitter = ${AvgJitter} Average PacketLoss = ${AvgPacketLoss} Average MOS = ${AvgMOS} Average Latency = ${AvgLatency} IP SLA QoS
  105. 105. SolarWinds Alert Central  Administrator Guide 102  Administering the Alert Central Application Source Node Name = ${Appearsource} Target Node Name = ${DisplayTarget} Operation Type Name = ${OperationTypeName} Operation Status = ${OperationStatusName} Source Node Status = ${SourceNodeStatus} Target Node Status = ${TargetNodeStatus} Jitter = ${Jitter} Latency = ${Latency} MOS = ${MOS} Packet Loss = ${PacketLoss} Round Trip Time = ${RoundTripTime} TCP Connect Round Trip Time = ${TcpConnectRtt} HTTP Round Trip Time = ${HttpRtt} DNS Round Trip Time = ${DnsRtt} VoIP Gateway Gateway Name = ${GatewayDeviceName} IP Address = ${IPAddress} Gateway Status = ${Status} Gateway Region = ${GatewayRegion} VoIP Call Details Calling Party Number = ${CallingPartyNumber} Destination Device Name = ${DestDeviceName} Destination Jitter = ${DestJitter} Destination Latency = ${DestLatency} Destination Packet Loss = ${DestPacketLoss}
  106. 106. Administrator Guide  S olarW Administering the Alert Central Application 103 Destination MOS = ${DestMOS} Destination Cause value = ${DestCause_value} Final Called Party Number = ${FinalCalledPartyNumber} Origination Device Name = ${OrigDeviceName} Origination Called Party Number = ${OriginalCalledPartyNumber} Origination Jitter = ${OrigJitter} Origination Latency = ${OrigLatency} Origination MOS = ${OrigMOS} Origination Packet Loss = ${OrigPacketLoss} Origination Cause value = ${OrigCause_value} IPAM IPAM Networks Display Name = ${FriendlyName} Group Type = ${GroupType} Network Address = ${Address} CIDR = ${CIDR} UDT Watch List Watch List Item Name = ${WatchName} Watch List Item Value = ${WatchItem} Watch List Item Note = ${Note} UDT: Hostname Host Name = ${Hostname} UDT: MACAddress Mac Address = ${MACAddress}
  107. 107. SolarWinds Alert Central  Administrator Guide 104  Administering the Alert Central Application UDT: Endpoint IP IP Address = ${IPAddress} NTA NTA: CBQoS Class Map Node Caption = ${NodeCaption} Stats Name = ${StatsName} Policy Name = ${PolicyName} Class Name = ${ClassName} Bitrate = ${Bitrate}
  108. 108.  105 Appendix B Adding Alert Central to the Orion Menu Bar If you are using Alert Central with Orion, you can configure the Orion menu bar to display a link to Alert Central. This capability enables you to use Alert Central inside of Orion, meaning you don’t have to navigate between applications. You can edit existing menu bars to display desired Alert Central menu items, or start from scratch to build a brand new menu bar. For more information, see Editing User Accounts. Use the following procedure provides the steps to customize web console menu bars. To add an Alert Central link to the Orion menu bar: 1. Click Settings in the upper right corner of the Orion window. The Orion Website Administration page appears. 2. Click External Websites in the Customize area. The External Websites page appears. 4. Click Add. A New External Website dialog appears.
  109. 109. SolarWinds Alert Central  Administrator Guide 106  Administering the Alert Central Application 4. Enter the following information: • Menu Title: Enter the name of the link you want in the Orion menu bar. • Page Title: Optional: If you decide to enter a page title, use a title different from the menu bar link. • URL: Enter the Alert Central server’s IP address in the following format: http://XX.XXX.XX.XX. • Menu Bar: Select the Orion menu bar from which to access the Alert Central link. 4. Click OK. In a few seconds, the External Website page displays a dialog indicating the Alert Central link has been added. 5. Click Preview or the Alert Central link on the menu bar to see your results and logon to Alert Central.
  110. 110. Administrator Guide  S olarW Administering the Alert Central Application 107 Note: If the Alert Central Logon dialog does not appear and you receive an error, navigate back to Settings > Customize > External Websites and delete your previous configuration. Create a new bar configuration for Alert Central, following the steps above.
  111. 111.  109

×