Wrong SNMP Trap email alert being triggered in user_alert.conf
I currently have two webpages being hosted on the same server. I am using f5 to monitor those pages with the HTTPS health monitor. I have two separate monitors for the two pages. My goal was to be able to receive email alerts when one of the monitors would fail but i wanted the email to state which monitor exactly was the one generating the alert so that i can know immediately which page is no longer up. I did the following in the user_alert.conf
alert WEBPAGE1 Monitor Fail " SNMP_TRAP: Pool /Common/Test_Pool member Server_Test (ip:port=10.100.X.X:0) state change green --> red ( Monitor /Common/WebPage1_Monitor from 10.10.X.X : connect: timeout search result false)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.200";
email toaddress="anton639@email.com"
fromaddress="F5_BIGIP "
body="Webpage1 Monitor Fail"
}
alert WEBPAGE2 Monitor Fail " SNMP_TRAP: Pool /Common/Test_Pool member Server_Test (ip:port=10.100.X.X:0) state change green --> red ( Monitor /Common/WebPage2_Monitor from 10.10.X.X : connect: timeout search result false)" {
snmptrap OID=".1.3.6.1.4.1.3375.2.4.0.201";
email toaddress="anton639@email.com"
fromaddress="F5_BIGIP "
body="Webpage2 Monitor Fail"
}
My issue is that when i am testing and i intentionally stop webpage 2 from running, i am receiving the email alert for webpage one. I am assuming the snmp trap text used to identify the event is not differentiating between the two monitors and is sending the first snmmp trap in the list. Is it possible to send an email alert for the specific health monitor that is failing even though the monitors are of the same type? What can be changed in my configuration to achieve this? Your assistance will be appreciated.