Versions Compared

Old Version 10

changes.mady.by.user Mark Henry (Unlicensed)

Saved on

compared with

New Version Current

changes.mady.by.user Mark Henry (Unlicensed)

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

A minimum install of opEvents 4 requires NMIS 9 as the base and a minimum of 4vCPU and 8GBRam. However, operational system resource requirements will depend highly on the number of devices, interfaces being collected, additional syslog processing and maximum number of events / minute to bee handled. More information can be found HERE: Plan Server Requirements

Test Login Using Default Credentials

...

  1. Open /usr/local/omk/conf/opCommon.json
  2. Locate the "omkd_secrets" setting, change this to match the setting you copied from 'auth_web_key' earlier.
  3. Save and close the file.
  4. If you changed this setting make sure to restart the omkd daemon

Setup Summary Reports

Scenario: The Operations Manager has formed a Tiger Team focused on improving the reliability, performance, and security of the network. He would like a report generated daily sent to the Tiger Team and NOC Manager, and a Weekly report to the Network Architect and himself. These reports will be used to task staff with investigation and remediation.

opEvents automatically creates detailed reports on processed events on a Daily, Weekly, and Monthly basis. opEvents can be configured to email these reports upon creation.

Report Configuration is covered in detail HERE: opEvents Summary Reports

Adjust Node Summary Field List

...

Add/Edit Correlation Rules

Correlation rules allow opEvents to consolidate multiple events reported within a specified window of time based on selected common fields.

Scenario: During a regional power outage several devices located within that area loose power and due to lack of battery backup or alternate power source shutdown. As NMIS attempts a Ping or SNMP/WMI Collection on these devices a Node Down event is raised for each non-responding device. Normally, opEvents would see these as individual events, creating multiple notifications. By enabling a Location based Correlation rule opEvents instead groups these Node Down events into a single event making it easier for the engineer to see the scope of the problem. This approach also has the added benefit of reducing ancillary notifications, like EMAIL, SMS/Text, and opening help desk tickets.

This solution guide provides an excellent example of configuring a Correlation based on a device's Location field: opEvents - Solution Guide - Event Consolidation Based on Location

A more in-depth discussion of event correlation rules is covered HERE: Event Correlation

Add Troubleshooting Buttons

...

Send an Email from an Event

Scenario: The NOC manager would like to receive an automated email for any service impacting event when the event is opened, and again when it closes or is Acknowledged.

One of the simplest responses to an event is to generate an email. You might generate an email for every event, just for events with a certain minimum Priority, only during certain times of day (or days of the week), etc. opEvents allows your Event Actions rules to be as generic or specific as you need them to be.

Before you can generate an email you will need to:

  1. Define an email server to send the email through
  2. Create at least one contact that emails can be sent to
  3. Test and confirm the configured email server works and the configured contact receives an email

This process is well defined in this Solution Guide: opEvents - Solution Guide - Setup Email Notifications and Other Actions

Add Troubleshooting Buttons

Note
titleAdvanced Topic

This is an advanced topic and requires the administrator to be confident copy, and editing text files at the Linux command line.

It can be helpful to include troubleshooting tools into opEvents so that I engineering users can stay in a single window while working an issue without having to open separate command line windows or other tools. One way of doing this is by adding some simple Programmable Buttons that can be turned on/off based on various device or event criteria, or enabled all the time for every event.

...

More on Event Actions can be found HERE: Event Actions and Escalation

Setup Summary Reports

opEvents automatically creates detailed reports of all events processed on a Daily, Weekly, and MOnthly basis. These reports can be emailed upon creation with the Daily Report going to the engineering Tiger Team/NOC Manager, and Weekly to Architect and Department Head.

...

Add/Edit Correlation Rules

Correlation rules allow opEvents to consolidate multiple events reported within a specified window of time based on selected common fields.

Scenario: During a regional power outage several devices located within that area loose power and due to lack of battery backup or alternate power source shutdown. As NMIS attempts a Ping or SNMP/WMI Collection on these devices a Node Down event is raised for each non-responding device. Normally, opEvents would see these as individual events, creating multiple notifications. By enabling a Location based Correlation rule opEvents instead groups these Node Down events into a single event making it easier for the engineer to see the scope of the problem. This approach also has the added benefit of reducing ancillary notifications, like EMAIL, SMS/Text, and opening help desk tickets.

This solution guide provides an excellent example of configuring a Correlation based on a device's Location field: opEvents - Solution Guide - Event Consolidation Based on Location

A more in-depth discussion of event correlation rules is covered HERE: Event Correlation