Logo
programming4us
programming4us
programming4us
programming4us
 Home
programming4us
 XP
programming4us
 Windows Vista
programming4us
 Windows 7
programming4us
 Windows Azure
programming4us
 Windows Server
programming4us
 Windows Phone
 
Windows Server

Windows Server 2008 R2 : Using Operations Manager 2007 R2 (part 1) - Alert Tuning

- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019
3/19/2011 3:54:47 PM
After Operations Manager 2007 R2 has been installed and configured, ongoing work needs to be done to ensure that the product performs as expected. The two primary activities are to, first, tune the management packs to ensure that alerts are valid for the environment and that alert noise is reduced and, second, produce reports of the information that Operations Manager 2007 R2 is collecting.

Alert Tuning

After deploying Operations Manager 2007 R2, there are frequently complaints about the number of alert notifications that get generated. This can cause organizations to decommission the product, ignore the emails, or generally complain about what a bad product it is. In reality, the Operations Manager alert notifications just need to be tuned.

The following process will help you tune the management packs quickly and effectively to reduce alert and email noise. This is done by adjusting parameters on the rules (Enable/Disable, Severity, and Priority) using overrides.

Alert Severity is the first parameter to be tuned. There are three levels:

  • Critical (2)

  • Warning (1)

  • Information (0)

The numeric value of the severity is given as well, as some rules and monitors will show the severity as a value rather than as text.

Alert Priority is the second parameter to be tuned. There are three levels of priority as well:

  • High

  • Medium

  • Low

These notification subscriptions are as follows:

  • Notification for All Critical Severity High-Priority Alerts

  • Notification for All Critical Severity Medium-Priority Alerts

When you get an email from an alert that you don’t want, you need to tune the management pack monitor or rule. The basic decision tree is as follows:

  1. Disable the Alert? If yes, create an override to disable the rule for either the instance of the object, the class of objects, or a group of the objects. This prevents the alert from being generated, so no console alerts and definitely no emails are generated. This would be done if the alert does not reflect a real problem.

  2. Change Severity? If yes, create an override to change the alert severity to Warning. This keeps the alert in the console as a warning, but does not generate an email. This would be done if the alert is real, but is not actionable.

  3. Change Priority? If yes, create an override to change the alert priority to low. This keeps the alert as a critical alert, but prevents an email from being generated. This would be done if the alert is real, but is not resolvable in the immediate future.

  4. Change Threshold? For performance-based alerts, there is the option to change the trigger threshold to a different value. This would be done if the problem is real and actionable, but the alert is firing too soon.

These options can be taken for all objects of the target class, for just the specific instance that generated the alert, or for a group. The group would have to be created in advance and would have to contain objects of the type targeted by the monitor or rule generating the alert.

For example, let’s say there is an Application of Group Policy critical alert that is occurring frequently in the environment. It is occurring on a number of Windows Server 2008 R2 servers and is generating a lot of email notifications. This alert is valid, but does not require immediate action. The alert needs to be tuned to change the severity from critical to warning. The steps to tune the alert are as follows:

1.
Open the Operations Manager 2007 R2 console.

2.
Select the Monitoring space.

3.
Select the Active Alerts view.

4.
Locate and select the Application of Group Policy alert that is to be tuned.

5.
Right-click the alert and select Overrides, Override the Monitor, and For All Objects of Class: Group Policy 2008 Runtime. This overrides the alert for all objects of that class.

Note

The alert is to be tuned for all objects, rather than any specific instances. If the alert is to be tuned for the specific instance that raised the alert, the For the Object option should be chosen. If it is a group of the objects, the For a Group option should be chosen. The group would have to be precreated and be a group of the target objects.

6.
Check the Override box next to Alert Severity and set the value to Warning.

7.
In the Select Destination Management Pack pull-down menu, select the appropriate override management pack. If none exists, create a new override management pack named “Group Policy MP Overrides” by clicking New.

Note

Never use the Default Management Pack for overrides. Always create an override management pack that corresponds to each imported management pack.

8.
Click OK to save the override.

Now the next time the monitor triggers an alert, it will be of warning severity and will not generate a notification email. However, the alert can still be reviewed in the console.

This approach to tuning will address 90% of the noisy alerts that you get. To target the noisiest alerts, see the report Most Common Alerts in the next section. This helps identify the alerts that are responsible for the most noise. You’ll frequently find that 50% of your alerts are coming from less than five rules or monitors. Tuning those will give you the most bang for your buck.
Other -----------------
- Windows Server 2008 R2 : Monitoring DMZ Servers with Certificates
- Integrating Client Access into Exchange Server 2010 Design
- Designing Exchange Server Infrastructure
- Designing Exchange Server Roles in an Exchange Server Environment
- Architecting an Enterprise-Level Exchange Server Environment : Determining Hardware and Software Components
- Designing Active Directory for Exchange Server 2010
- Active Directory Domain Services 2008 : View Cached Credentials on a Read-Only Domain Controller
- Active Directory Domain Services 2008 : Remove a User, Group, or Computer from the Password Replication Policy
- Active Directory Domain Services 2008 : Add a User, Group, or Computer to the Password Replication Policy
- Building BizTalk Server 2009 Applications : What are BizTalk schemas?
 
 
Top 10
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
 
programming4us
 Windows Vista
programming4us
 Windows 7
programming4us
 Windows Azure
programming4us
 Windows Server