For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

RichardH_77217's avatar
RichardH_77217
Icon for Nimbostratus rankNimbostratus
Aug 11, 2010

Enabled and recommended alerting

Hi All,     It looks like I have the Mgmt pack up and running successfully, but a read through the docs and browsing the monitors has left me at a bit of a loss on getting alerts flowing. From w...
management
microsoft
scom
Julian_Balog_34's avatar
Julian_Balog_34
Historic F5 Account
Aug 16, 2010
Hi Richard,

 

 

I'm sorry for the late reply on this topic, not sure exactly how this post got lost and unanswered in our queue.

 

 

Basically, what you try to accomplish is to create F5 Management Pack alert overrides for various F5 device object configuration or monitoring events. And the answer is yes, you can do that, although is not quite straightforward, mostly because the SCOM F5 Management Pack is sealed and with the current design of the management pack we haven't extended into such capabilities. Yet. But we may come back to that in the future. Until then, there is a blog article we wrote some time ago, on how to create an alert override in the F5 MP: http://devcentral.f5.com/weblogs/jbalog/archive/2009/10/08/overriding-alert-monitor-messages-in-the-f5-management-pack.aspx.

 

 

The procedure is relatively easy to follow and we had a few customers who actually created their own F5 MP alert overrides following this article. Keep in mind that the article is focused on creating an alert override targeting the monitoring state change for an F5 LTM Pool Member. But you can follow the same steps to create alert overrides for any F5 object, and targeting monitoring state changes as well as configuration state changes. For this you have to set the appropriate target for the alert, in the procedure described in the article.

 

 

You can wire your alert overrides into the Availability Monitor State change for the aggregate monitor of a given F5 object. So, the alerts would be triggered when there’s a change in the Monitor State from RED to GREEN. Or you can choose to use the Configuration Enabled State changes as well, when you'll need to override the appropriate Configuration Enabled State aggreagate monitor (instead of the Availability Monitor State aggregate monitor), for the F5 object you target your alert to. Sometimes you probably want to have both overrides. The same principle applies in creating the other overrides as well, just make sure you use different (sensible) names for the corresponding overrides / alerts / messages.

 

 

Let me know if you need further assistance. We can also set up a webEx session if needed.

 

 

Julian