FIDO: generic alarm matching criteria and examples

FIDO: generic alarm matching criteria and examples

FIDO has several attributes, including 'impact' and 'help files', 'time of day', 'holddown' and 'group_correlation' that use the same alarm matching criteria.

Alarms are processed in the following order:

<items> {exact matches}
<pre_attributes> {override for CIDR based matching}
<ip> {CIDR based matching}

Exact matches

          value = $value

IP based matching, IPv4 and IPv6

        value = 3
        reason = management network

Alarm attribute based matching

Rules are processed in numerical order.  Each rule can have submatches (<matches> tag).  The <matches> rules form a logical AND. 

Under each <matches> rule, there can be either a 'defined' tag, 'equal' tag -OR- one or more 'match' values.  'match' values are perl regular expressions.  If you set the 'match_re = true' keyword [see BAN example below] special characters will be preserved for the regexp match. 

There can also be one more more FIDO alarm 'key_match' values.  These rules form a mesh logical OR.  So, for example, in the below rule 10 match 10, only device, descr or info needs to match s-vahosp-101-1-access to be accepted by the rule.

           match = s-vahosp-101-1-access
                device =
                descr =
                info =
     value = BanVAHospital

See Also:

Keywords:FIDO: generic alarm matching criteria and examples   Doc ID:37246
Owner:Michael H.Group:Network Services
Created:2014-02-03 10:48 CSTUpdated:2017-12-12 14:05 CST
Sites:Network Services, Systems & Network Control Center, University of Wisconsin System Network
Feedback:  0   0