User Guide for Device Fault Manager 3.0.2 (With LMS 3.0 December 2007 Update) - Using Notification Services [CiscoWorks Device Fault Manager]

Table Of Contents

Using Notification Services

Understanding Notifications and Subscriptions

Customizing the Names of DFM Events

Configuring Event Sets and Notification Groups for Subscriptions

Configuring Event Sets

Configuring Notification Groups

Setting Up a Notification Group as Static or Dynamic

Managing SNMP Trap Notifications

Adding an SNMP Trap Notification Subscription

Editing an SNMP Trap Notification Subscription

Suspending an SNMP Trap Notification Subscription

Resuming an SNMP Trap Notification Subscription

Deleting an SNMP Trap Notification Subscription

Managing E-Mail Notifications

Adding an E-Mail Notification Subscription

Editing an E-Mail Notification Subscription

Suspending an E-Mail Notification Subscription

Resuming an E-Mail Notification Subscription

Deleting an E-Mail Notification Subscription

Managing Syslog Notifications

Adding a Syslog Notification Subscription

Editing a Syslog Notification Subscription

Suspending a Syslog Notification Subscription

Resuming a Syslog Notification Subscription

Deleting a Syslog Notification Subscription

Using Notification Services

Device Fault Manager (DFM) generates alerts in response to events occurring in the IP fabric. DFM displays alerts in the Alerts and Activities display. In addition to monitoring operations with the Alerts and Activities display, you can forward information about alerts and events to other systems and users by using notification services.

Since DFM does not report alerts generated on VLANs, you cannot create notifications for VLAN faults. However, you can view VLAN information on the event properties page and in the Detailed Device View. (See Viewing Event Properties and Starting the Detailed Device View.)

The following topics explain notification service concepts and provide procedures for managing notifications:

•Understanding Notifications and Subscriptions

•Customizing the Names of DFM Events

•Configuring Event Sets and Notification Groups for Subscriptions

•Managing SNMP Trap Notifications

•Managing E-Mail Notifications

•Managing Syslog Notifications

Understanding Notifications and Subscriptions

To use Notification Services, you must create and activate a notification subscription. The subscription requires a Notification group component. This component specifies the notification criteria (the devices to monitor, how severe an event must be to be reported, and so forth).

Optionally the notification group can also contain an Event set listing the events you want to monitor; this is useful when you do not want to monitor all events that occur on a device. Notification groups can be static or dynamic. DFM can be set up to have either static notification groups or dynamic notification groups.

•If you work with static groups, no further devices can be added to those groups.

•If you set up dynamic groups, then any device that fits the criteria for the groups will be added to those groups.

After you have configured your subscription, you can name it according to your needs. Regardless of whether you configure SNMP Trap, E-Mail, or Syslog notifications, you must always create a subscription containing a notification group. The final step in configuring your notification subscription is specifying the notification recipients.

Note Events and alerts are not mutually exclusive. In other words, if a subscription is monitoring all events on a device (by not using an event set), and another subscription is monitoring only specific events on a device, you will receive duplicate notifications.

Notification Services tracks events on device types, not on device components. For a list of supported events and the device types on which they can occur, see Events Processed.

Creating a Notification Subscription

To create a notification subscription, perform the following steps:

1. If you want to monitor a specific set of events, create an event set that contains the events you want to monitor. Otherwise, all events and alerts will be monitored.

2. Create a notification group that specifies the criteria DFM should use when generating notifications:

•One or more event sets (if no event set is specified, all events and alerts are monitored)

•Devices, alert severity and status, and event severity and status

You can specify the notification group name, along with entering identifying information (using the Customer ID and Customer Revision fields).

3. Create a subscription by doing the following:

a. Select the notification type (SNMP Trap, E-Mail, or Syslog).

b. Name the subscription and apply a notification group to it.

c. Specify the recipients (hostname, e-mail address).

d. Save the subscription. It will automatically start running.

Notification Types

DFM provides three types of notifications:

•SNMP Trap Notification—DFM generates traps with information about the alert and the events that caused it. CISCO-EPM-NOTIFICATION-MIB defines the trap message format. For more information, see Notification MIB. DFM can also generate SNMP trap notifications for specified events.

Using SNMP trap notification is different from forwarding raw traps to another server before they have been processed by DFM. For information about the raw traps that DFM can forward, see Pass-Through SNMP Unidentified Traps.

•E-mail Notification—DFM generates e-mail messages containing information about the alert and the events that caused it. CISCO-EPM-NOTIFICATION-MIB defines the message, which is included in the e-mail in text format. A full e-mail notification for an alert will contain a concatenated list of all events in the alert; alternately, you can specify that you want the e-mail to only contain an informational subject line.

•Syslog Notification—DFM generates Syslog messages that can be forwarded to Syslog daemons on remote systems.

All notifications have a default maximum message size of 250 characters. You can reset this variable to any value between 250 and 1024 characters by editing the notification properties file.

To do this:

Step 1 Open the configuration file NMSROOT/objects/nos/config/nos.properties.

Step 2 Locate the following lines and change the value to any value up to 1024 characters:
MAX_TRAP_DES=250 
MAX_EMAIL_DES=250 
MAX_SYSLOG_DES=250
Step 3 Stop and restart the CiscoWorks daemon manager on the DFM server.

a. Stop the daemon manager:

On Windows:
net stop crmdmgmt
On Solaris:
/etc/init.d/dmgtd stop
b. Restart the daemon manager:

On Windows:
net start crmdmgmt
On Solaris:
/etc/init.d/dmgtd stop
Notification Replay

You can configure DFM to replay notifications in the event that DFM has to be restarted. Edit the file /opt/CSCOpx/objects/nos/config/nos.properties as follows:

To do this, set the value SEND_NOTIF_ON_START=1 to enable this feature. When the value is set to the default value (0), the notifications will not be replayed.

Subscriptions

DFM sends notifications based on user-defined subscriptions. You can create up to 32 notification subscriptions. A subscription for SNMP trap notification or e-mail notification includes the following common elements, as determined by the CISCO-EPM-NOTIFICATION-MIB:

•Devices—The devices or device groups of importance to the recipients.

•Alert severity and status—One or more alert severity levels and status.

•Event severity and status—One or more event severity levels and status. You can also customize the names of the events used by Notification Services, the Alerts and Activities display, and Fault History. See Customizing the Names of DFM Events.

•Recipients—One or more hosts to receive SNMP traps or users to receive e-mail. For Syslog notifications, the recipient would be the remote host containing a Syslog daemon configured to listen for Syslog messages.

•Name—A user-defined name to identify the subscription.

Subscriptions are based on user-configured event sets and notification groups. See Configuring Event Sets and Notification Groups for Subscriptions for more information.

Alerts and Events

DFM sends notifications whenever an alert or event occurs that matches a subscription. For each alert or event, DFM compares the device, severity, and state against subscriptions and sends a notification when there is a match. Matches can be determined by user-configured event sets and notification groups.

The procedure for configuring notification groups is described in Configuring Event Sets and Notification Groups for Subscriptions.

DFM assigns one severity to each alert or event and changes the state of an alert or event over time, responding to user input and changes on the device. Table 5-1 lists values for severity and explains how the state of an alert or event changes over time.

Note You can change event names to names that are more meaningful to you. See Customizing the Names of DFM Events.

Table 5-1 Alert and Event Severity and Status

DFM categorizes alerts and events by severity and status...

Severity

Critical

Warning

Informational

Status

•Active—The alert or event is live.

•ACK—A user has manually acknowledged the alert. A user can acknowledge only active alerts or events.

•Cleared—The alert or event is no longer active.

•Alerts or events that have been cleared either expire or, if associated with a suspended device, remain in DFM until a user resumes or deletes the device.

For additional information, please see the following topics:

•Getting Alert Details

•Getting Event Details

Customizing the Names of DFM Events

Notification Services allows you to customize the names of events displayed in DFM. When you customize an event name, that name is reflected in all notifications, on the Alerts and Activities display, and in Fault History. The new event name is used for all instances of an event, regardless of the component on which the event occurs.

You can easily revert to the default event names as needed. The Notification Customization page also lists the new name and default name, so you can easily check which names have been changed.

To check and modify the names:

Step 1 From DFM, select Notification Services > Notification Customization.

The Notification Customization page appears.

Step 2 Select the event names you want to customize by clicking the check box beside each event name.

Step 3 Enter your new names in the New Event Description fields.

Step 4 Do either of the following:

•Click Save new descriptions to save your changes but not apply them to the DFM displays.

Or

•Click Apply saved descriptions.

The confirmation window appears.

•Click Yes.

The changes are applied to DFM.

To revert to default event names:

a. From the Notification Customization page, select the events you want to restore to their default names, and click Restore factory settings.

b. Apply your changes by clicking Yes when the confirmation window appears.

For additional information, see the following topics:

•Getting Event Details

Configuring Event Sets and Notification Groups for Subscriptions

Before you can create an SNMP trap or an e-mail or Syslog notification subscription, you must create a notification group. Creating event sets is optional.

•Event sets list the events you want monitored for notifications

•Notification groups contain the criteria that DFM should use when generating a notification:

–One or more event sets, or all events and alerts

–Devices

–Alert status and severity

–Event status and severity

–Fields for user-specified additional information you want to include with the subscription

Creating event sets and notification groups are described in the following topics:

•Configuring Event Sets

•Configuring Notification Groups

Configuring Event Sets

Event sets are simply groups of the events you want to monitor. You can create up to nine event sets, labeled A through I.

After you have created an event set, you can apply as many of them as you want to a notification group, thereby tracking the specific events in which you are interested. If you do not specify an event set, DFM will monitor all events and alerts for notifications.

Note Events and alerts are not mutually exclusive. In other words, if a subscription is monitoring all events on a device (by not using an event set), and another subscription is monitoring only specific events on a device, you will receive duplicate notifications.

Step 1 From DFM, select Notification Services > Event Sets.

The Event Sets page appears. The page contains the following information.

Event Code

Notification Services code for the event. This number cannot be changed and is used to map default names to customized names.

Description

Event description (user-defined or default).

Severity

Event severity.

A - I

Event set label. If an X appears in this column, the corresponding event belongs to that event set.

Step 2 For each event set you want to configure, select events by doing either of the following:

•Select specific events by clicking the editable field under the label, and selecting X.

•Select or deselect all events for an event set using the Select or the Deselect button.

Step 3 Click Apply.

If you want to create a notification subscription, first create a notification group that uses your event set. See Configuring Notification Groups.

For additional information, please see the following topics:

•Configuring Notification Groups

Configuring Notification Groups

When you set up a subscription, DFM lets you choose from existing notification groups. You can then configure an SNMP trap or an e-mail or Syslog notification to use a specific notification group. The notification groups contains the following information:

•One or more event sets, if desired (otherwise, the notification group will contain all events and alerts)

•Devices

•Alert status and severity

•Event status and severity

•Fields for user-specified additional information you want to include with the subscription

•Whether the group is static or dynamic

You can configure a maximum of 64 notification groups. If the DFM server is using Access Control Server (ACS) mode, ACS may limit the devices you can view and then apply to a notification group.

Notification Services will not refilter the devices if there is a change in the device list you may access. For more information, see Device-Based Filtering.

Note You cannot delete a notification group that is being used by a running subscription.

Step 1 From DFM, select Notification Services > Notification Groups.

Step 2 Click Add to create a notification group.

The Notification Group Save: Add page appears. (If you want to edit or delete a notification group, click the appropriate button and follow the instructions.)

Step 3 Specify the devices, alert severity and status, event sets (if desired), and event severity and status. Click Next.

Events and alerts are not mutually exclusive. In other words, if a subscription is monitoring all events on a device (by not using an event set), and another subscription is monitoring only specific events on a device, you will receive duplicate notifications.

With many devices in DFM, it can sometimes be difficult to locate the devices you are interested in. To assist you in locating devices, use the search option in The Device Selector Pane.

Step 4 Specify the notification group name, and enter any desired identifying information in the Customer ID and Customer Revision fields.

•For e-mail and Syslog notifications, if you leave these fields blank, they are left blank in the notification.

•For SNMP trap notifications, if you leave these fields blank, they are displayed as followed in any notifications:
Customer ID: -
Customer Revision: *
Click Next.

Step 5 Create the notification group by clicking Finish.

Step 6 To create a notification subscription, follow the instructions in one of these topics:

•Adding an SNMP Trap Notification Subscription

•Adding an E-Mail Notification Subscription

•Adding a Syslog Notification Subscription

Setting Up a Notification Group as Static or Dynamic

Notification groups in DFM can be static or dynamic. If you set up DFM to include static groups, mappings between the list of the devices and the notification events for those devices are generated. You cannot add devices to or delete devices from a static group.

If you set up DFM to have dynamic groups, then any device that fits the criteria for a group will be added to that group. You can also delete devices from a dynamic group.

When a device is added to a group, all similar devices are also added. For example, if you have ten routers in the network and create a dynamic group that contains five of these routers, when you add an eleventh router, that router is added to the group along with the other five routers. The group would then contain all eleven routers.

Note Notification groups can be static or dynamic; you cannot have a mix of group types.

To set up DFM to include dynamic groups, edit the file /opt/CSCOpx/objects/nos/config/nos.properties and set the following value:

DYNAMIC_NOTIF_GROUPS=1

For additional information, see the following topics:

•Configuring Event Sets

Managing SNMP Trap Notifications

The SNMP Trap Notifications page displays the following information:

•Subscription—The name of the user-defined request for notification.

•Status—The subscription status; can be either of the following:

–Running—DFM is using the subscription while monitoring alerts to determine when to send a notification.

–Suspended—DFM will not use the subscription unless you resume it.

•Notification Group—The name of notification group that is applied to the subscription.

You are completely in control of subscriptions. DFM does not delete subscriptions under any circumstances.

From the SNMP Trap Notifications page, you can perform the tasks listed in Table 5-2.

Table 5-2 SNMP Trap Notification Subscriptions

Task

Sample Usage

Reference

Add

•Add a subscription that will send SNMP trap notification for one device with an alert or event of any severity (critical, warning, or informational) and any status (active, acknowledged, or cleared).

Adding an SNMP Trap Notification Subscription

Edit

•View the notification group and hosts that comprise the subscription.

•Change the trap recipients/notification groups that comprise the subscription.

Editing an SNMP Trap Notification Subscription

Suspend

•Temporarily stop sending SNMP trap notifications to a host.

•Temporarily stop sending SNMP trap notifications about a device group.

Suspending an SNMP Trap Notification Subscription

Resume

•Start sending SNMP trap notifications to a host again.

•Start sending SNMP trap notifications about a device group using a previously suspended subscription.

Resuming an SNMP Trap Notification Subscription

Delete

•Remove SNMP trap notification subscriptions that are no longer useful.

•Remove redundant SNMP trap notification subscriptions.

Deleting an SNMP Trap Notification Subscription

Adding an SNMP Trap Notification Subscription

After you add a subscription for SNMP trap notification, generated SNMP traps are forwarded to the hosts you specify until you change, suspend, or delete the subscription.

Note Adding a subscription is a multi-step process. Your changes are not saved until you click the Finish button on the final page.

Before You Begin

You must create a notification group before you can create an SNMP trap notification subscription. Refer to Configuring Notification Groups.

Step 1 From DFM, select Notification Services > SNMP Trap Notification.

The SNMP Trap Notification Subscriptions page appears.

Step 2 Click the Add.

Step 3 Complete the Trap Subscription Save: Add window:

a. Enter a subscription name.

b. Select a notification group.

If you are upgrading DFM and want to use the trap recipients from an earlier configuration, activate the Recipients from Upgrade check box. (This choice is only available for systems that have been upgraded from earlier versions of DFM.)

c. Click Next.

Step 4 Enter one or more hosts as recipients for traps:

a. For each host, enter:

•An IP address or DNS name for the hostname.

Restart the NOSServer to pick up the change in the host name when host name is used for the trap server and there is a change in that host name.

•A port number on which the host can receive traps. If the port number is unspecified (empty), the port defaults to 162. (You can verify this in Step 5.)

•A comment. (This is optional).

b. Click Next.

Step 5 Review the information that you entered and click Finish.

The SNMP Trap Notifications page is displayed, showing the new subscription.

Note No information is saved until you complete Step 5.

Editing an SNMP Trap Notification Subscription

You can edit an SNMP trap notification subscription regardless of its status (Running or Suspended).

After you edit an SNMP trap notification subscription, if the subscription status is Running, traps are forwarded as specified until you edit, suspend, or delete the subscription. Editing a suspended subscription automatically resumes it.

Note Editing a subscription is a multi-step process. Your changes are not saved until you click the Finish button on the final page.

Step 1 From DFM, select Notification Services > SNMP Trap Notification.

The SNMP Trap Notification Subscriptions page appears.

Step 2 Select the subscription you want to edit by clicking the radio button beside it.

Step 3 Click the Edit.

No information is saved until you complete Step 5.

Step 4 Edit the Trap Subscription Save: Edit window:

a. Change the subscription name.

b. Select another notification group.

If you are upgrading DFM and want to use the trap recipients from an earlier configuration, activate the Recipients from Upgrade check box. (This choice is only available for systems that have been upgraded from earlier versions of DFM.)

c. Click Next.

Step 5 Add or delete a recipient host or change the port number for a host:

a. To add one or more recipients, for each host, enter:

•An IP address or DNS name for the hostname.

•A port number on which the host can receive traps. If the port number is unspecified (empty), the port defaults to 162. (You can verify this in Step 6.)

•A comment. This is optional.

b. To delete a recipient, delete the hostname, port number, and comment, if any.

c. Click the Next.

Step 6 Review the information that you entered and click the Finish.

The SNMP Trap Notifications page is displayed.

Suspending an SNMP Trap Notification Subscription

After you suspend an SNMP trap notification subscription, DFM stops using the subscription to select and forward traps. The subscription status changes to Suspended.

To do this:

Step 1 From DFM, select Notification Services > SNMP Trap Notification.

The SNMP Trap Notification Subscriptions page appears.

Step 2 Select the subscription you want to suspend by clicking the radio button beside it.

Step 3 Click the Suspend.

Step 4 Click OK in the confirmation dialog box.

The SNMP Trap Notification Subscriptions page is displayed. The subscription status is Suspended.

Resuming an SNMP Trap Notification Subscription

You can resume an SNMP trap notification subscription only when the subscription status is Suspended. After you resume a subscription, DFM starts using it to identify alerts for which to forward traps. The subscription status changes to Running.

To do this:

Step 1 From DFM, select Notification Services > SNMP Trap Notification.

The SNMP Trap Notification Subscriptions page appears.

Step 2 Select the subscription you want to resume by clicking the radio button beside it.

Step 3 Click the Resume.

Step 4 Click OK in the confirmation dialog box.

The SNMP Trap Notification Subscriptions page is displayed. The subscription status is Running.

Deleting an SNMP Trap Notification Subscription

You can delete an SNMP trap notification subscription regardless of the subscription status. Deleting a subscription removes it permanently from DFM.

Note You can also suspend a subscription. Suspending a subscription causes the subscription to not be used until a user resumes it.

Step 1 From DFM, select Notification Services > SNMP Trap Notification.

Step 2 Select the subscription you want to delete by clicking the radio button beside it.

Step 3 Click the Delete.

Step 4 Click OK in the confirmation dialog box.

The SNMP Trap Subscriptions page appears. The subscription is no longer displayed.

Managing E-Mail Notifications

The E-Mail Notifications page displays the following information:

•Subscription—The name of the user-defined request for notification.

•Status—The subscription status; can be either of the following:

–Running—DFM is using the subscription while monitoring alerts to determine when to send a notification.

–Suspended—DFM will not use the subscription unless you resume it.

•Notification Group—The name of notification group that is applied to the subscription.

You are completely in control of subscriptions. DFM does not delete subscriptions under any circumstances. From the E-Mail Notifications page, you can perform the tasks listed in Table 5-3.

Table 5-3 E-Mail Notification Subscriptions

Task

Sample Usage

Reference

Add

•Add a subscription that will send e-mail notification to a user for one device with an alert or event of any severity (critical, warning, or informational) and any status (active, acknowledged, or cleared).

Adding an E-Mail Notification Subscription

Edit

•View the notification group and e-mail recipients that comprise the subscription.

•Change the e-mail recipients/notification group that comprise the subscription.

Editing an E-Mail Notification Subscription

Suspend

•Temporarily stop sending e-mail notifications to a user.

•Temporarily stop sending e-mail notifications about a device group.

Suspending an E-Mail Notification Subscription

Resume

•Start sending e-mail notifications to a user again.

•Start sending e-mail notifications about a device group using a previously suspended subscription.

Resuming an E-Mail Notification Subscription

Delete

•Remove e-mail notification subscriptions that are no longer useful.

•Remove redundant e-mail notification subscriptions.

Deleting an E-Mail Notification Subscription

Adding an E-Mail Notification Subscription

After you add a subscription for e-mail notification, DFM sends e-mail to the users you specify whenever an alert occurs that matches the subscription.

Note Adding a subscription is a multistep process. Your changes are not saved until you click the Finish button on the final page.

Before You Begin

You must create a notification group before you can create an E-Mail Notification subscription. Refer to Configuring Notification Groups.

Step 1 From DFM, select Notification Services > E-Mail Notification.

The E-Mail Notification Subscriptions page appears.

Step 2 Click the Add.

Step 3 Complete the E-Mail Subscription Save: Add window:

a. Enter a subscription name.

b. Select a notification group.

If you are upgrading DFM and want to use the e-mail recipients from an earlier configuration, activate the Recipients from Upgrade check box. (This choice is only available for systems that have been upgraded from earlier versions of DFM.)

c. Click Next.

Step 4 Enter the e-mail information:

•SMTP Server—The name of the default Simple Mail Transfer Protocol (SMTP) server may already be displayed. The server is specified using Configuration > Other Configuration > SMTP Default Server. You may also enter a fully qualified DNS name or IP address for an SMTP server.

To select from any nondefault SMTP servers in use by existing subscriptions, click the SMTP Servers button.

•Sender Address—Enter the e-mail address that notifications should be sent from. If the sender's e-mail service is hosted on the SMTP server specified, you need enter only the username. You do not need to enter the domain name.

•Recipient Addresses—Enter one or more e-mail addresses that notifications should be sent to, separating multiple addresses with either a comma or a semicolon. If a recipient's e-mail service is hosted on the SMTP server specified, you need to enter only the username. You do not need to enter the domain name.

By default, e-mail notification supplies a fully detailed e-mail message. To omit the message body and send only a subject line, select the Headers Only check box.

Step 5 Click the Next button located at the bottom of the page.

Step 6 Review the information that you entered and click the Finish.

The E-Mail Notification Subscriptions page is displayed, showing the new subscription.

Note No information is saved until you complete Step 6.

Note For instructions on how to configure a default SMTP server, see Configuring a Default SMTP Server.

Editing an E-Mail Notification Subscription

You can edit an e-mail notification subscription regardless of its status (Running or Suspended).

After you edit an e-mail notification subscription, if the subscription status is Running, e-mail is forwarded as specified until you change, suspend, or delete the subscription. Editing a suspended subscription automatically resumes it.

Note Editing a subscription is a multi-step process. Your changes are not saved until you click the Finish button on the final page.

Step 1 From DFM, select Notification Services > E-Mail Notification.

The E-Mail Notification Subscriptions page appears.

Step 2 Select the subscription you want to edit by clicking the radio button beside it.

Step 3 Click Edit.

Step 4 Edit the E-Mail Subscription Save: Edit window:

a. Change the subscription name.

b. Select another notification group.

c. Click Next.

Step 5 Change the SMTP server, the sender, the recipients, or the amount of detail sent in e-mail as needed:

•SMTP Server—The name of the default Simple Mail Transfer Protocol (SMTP) server may already be displayed. The server is specified using Configuration > Other Configuration > SMTP Default Server. You may also enter a fully qualified DNS name or IP address for an SMTP server.

Note To select from any nondefault SMTP servers in use by existing subscriptions, click the SMTP Servers button.

•Sender Address—Enter the e-mail address that notifications should be sent from. If the sender's e-mail service is hosted on the SMTP server specified, you need to enter only the username. You do not need to enter the domain name.

•Recipient Address(es)—Enter one or more e-mail addresses that notifications should be sent to. When entering multiple addresses, include a comma or a semicolon between addresses. If a recipient's e-mail service is hosted on the SMTP server specified, you need to enter only the username. You do not need to enter the domain name.

•By default, e-mail notification supplies a fully detailed e-mail message. If, however, the Headers Only check box is selected, the message body is omitted from the e-mail.

Step 6 Click the Next button located at the bottom of the page.

Step 7 Review the information that you entered and click the Finish.

The E-Mail Notification Subscriptions page is displayed.

Note For instructions on how to configure a default SMTP server, see Configuring a Default SMTP Server.

Suspending an E-Mail Notification Subscription

After you suspend an e-mail notification subscription, DFM stops using the subscription to send e-mail notification. The subscription status changes to Suspended.

To do this:

Step 1 From DFM, select Notification Services > E-Mail Notification.

The E-Mail Notification Subscriptions page appears.

Step 2 Select the subscription you want to suspend by clicking the radio button beside it.

Step 3 Click the Suspend.

Step 4 Click OK in the confirmation dialog box.

The E-Mail Notification Subscriptions page is displayed. The subscription status is Suspended.

Resuming an E-Mail Notification Subscription

After you resume an e-mail notification subscription, DFM starts using the subscription to determine when e-mail notification should be sent in response to an alert. The subscription status changes to Running.

Step 1 From DFM, select Notification Services > E-Mail Notification.

The E-Mail Notification Subscriptions page appears.

Step 2 Select the subscription you want to resume by clicking the radio button beside it.

Step 3 Click the Resume.

Step 4 Click OK in the confirmation dialog box.

The E-Mail Notification Subscriptions page is displayed. The subscription status is Running.

Deleting an E-Mail Notification Subscription

You can delete an e-mail notification subscription regardless of the subscription status. Deleting a subscription removes it permanently from DFM.

Note You can also suspend a subscription. Doing so causes the subscription to not be used until a user resumes it.

Step 1 From DFM, select Notification Services > E-Mail Notification.

Step 2 Select the subscription you want to delete by clicking the radio button beside it.

Step 3 Click the Delete.

Step 4 Click OK in the confirmation dialog box.

The E-Mail Subscriptions page appears. The subscription is no longer displayed.

Managing Syslog Notifications

The Syslog Notifications page displays the following information:

•Subscription—The name of the user-defined request for notification.

•Notification Group—The name of notification group that is applied to the subscription.

•Status—The subscription status; can be either of the following:

–Running—DFM is using the subscription while monitoring alerts to determine when to send a notification.

–Suspended—DFM will not use the subscription unless you resume it.

You are completely in control of subscriptions. DFM does not change or delete subscriptions under any circumstances. From the Syslog Notifications page, you can perform the tasks listed in Table 5-4.

Table 5-4 Syslog Notification Subscriptions

Task

Sample Usage

Reference

Add

•Add a subscription that will send a Syslog notification to a remote machine for one device with an alert or event of any severity (critical, warning, or informational) and any status (active, acknowledged, or cleared).

Adding a Syslog Notification Subscription

Edit

•View the notification group and Syslog recipient that comprise the subscription.

•Change the Syslog recipients/notification group that comprise the subscription.

Editing a Syslog Notification Subscription

Suspend

•Temporarily stop sending Syslog notifications to a remote host.

•Temporarily stop sending Syslog notifications about a device group.

Suspending a Syslog Notification Subscription

Resume

•Start sending Syslog notifications to a remote host again.

•Start sending Syslog notifications about a device group using a previously suspended subscription.

Resuming a Syslog Notification Subscription

Delete

•Remove Syslog notification subscriptions that are no longer useful.

•Remove redundant Syslog notification subscriptions.

Deleting a Syslog Notification Subscription

Adding a Syslog Notification Subscription

After you add a subscription for Syslog notification, DFM sends a Syslog message to the specified remote hosts whenever an alert or event occurs that matches the subscription.

Note Adding a subscription is a multistep process. Your changes are not saved until you click the Finish button on the final page.

Before You Begin

•You must create a notification group before you can create a Syslog Notification subscription. Refer to Configuring Notification Groups.

•A remote machine's Syslog daemon must be configured to listen on a specified port, and you must enter this information in Step 3 of the following procedure. DFM uses the default port 514.

Step 1 From DFM, select Notification Services > Syslog Notification.

The Syslog Notification Subscriptions page appears.

Step 2 Click the Add.

a. Enter a subscription name.

b. Select a notification group.

c. Select a facility from the drop-down list (the default is Local Use 0). The Facility field and the event/alert severity are used for the PRI portion of the Syslog message, as follows:

[Facility*8][Severity]

Event/alert severity values are as follows:

•Critical = 2

•Warning = 4

•Information = 6

You can enter location information (up to 29 characters). This information will be populated in the Syslog message. This is optional.

d. Click Next.

Step 3 Enter one or more hosts as recipients for Syslog notifications.

a. For each host, enter:

•An IP address or DNS name for the hostname.

•A port number on which the Syslog daemon is listening. If the port number is unspecified (empty), the port defaults to 514. (You can verify this in Step 5.)

•A comment. This is optional.

b. Click Next.

Step 4 Enter the name of the subscription in the Save As field and click Next.

Step 5 Review the information that you entered and click Finish.

The Syslog Notification Subscriptions page is displayed with the new subscription.

Note No information is saved until you complete Step 5.

Editing a Syslog Notification Subscription

You can edit a Syslog notification subscription regardless of its status (Running or Suspended).

After you edit a Syslog notification subscription, if the subscription status is Running, Syslog messages are forwarded as specified until you change, suspend, or delete the subscription. Editing a suspended subscription automatically resumes it.

Note Editing a subscription is a multistep process. Your changes are not saved until you click the Finish button on the final page.

Step 1 From DFM, select Notification Services > Syslog Notification.

The Syslog Notification Subscriptions page appears.

Step 2 Select the subscription you want to edit by clicking the radio button beside it.

Step 3 Click Edit.

Step 4 Edit the Syslog Subscription Save: Edit window:

a. Change the subscription name.

b. Select a different notification group.

c. Select a Facility from the drop-down list (the default is Local Use 0). The Facility field and the event/alert severity is used for the PRI portion of the Syslog message, as follows:

[Facility*8][Severity]

Event/alert severity values are as follows:

•Critical = 2

•Warning = 4

•Informational = 6

You can enter location information (up to 29 characters). This information will be populated in the Syslog message. This is optional.

d. Click Next.

Step 5 Add or delete a recipient host or change the port number for a host:

a. To add one or more recipients, for each host, enter:

•An IP address or DNS name for the hostname.

•A port number on which the Syslog daemon is listening. If the port number is unspecified (empty), the port defaults to 514. (You can verify this in Step 7.)

•A comment. This is optional.

b. To delete a recipient, delete the hostname, port number, and comment, if any.

c. Click Next.

Step 6 Click the Next button located at the bottom of the page.

Step 7 Review the information that you entered and click Finish.

The Syslog Notification Subscriptions page is displayed.

Suspending a Syslog Notification Subscription

After you suspend a Syslog notification subscription, DFM stops using the subscription to send Syslog notifications. The subscription status changes to Suspended.

Step 1 From DFM, select Notification Services > Syslog Notification.

The Syslog Notification Subscriptions page appears.

Step 2 Select the subscription you want to suspend by clicking the radio button beside it.

Step 3 Click Suspend.

Step 4 Click OK in the confirmation dialog box.

The Syslog Notification Subscriptions page is displayed. The subscription status is Suspended.

Resuming a Syslog Notification Subscription

After you resume a Syslog notification subscription, DFM starts using the subscription to determine when Syslog notifications should be sent in response to an alert or event. The subscription status changes to Running.

Step 1 From DFM, select Notification Services > Syslog Notification.

The Syslog Notification Subscriptions page appears.

Step 2 Select the subscription you want to resume by clicking the radio button beside it.

Step 3 Click Resume.

Step 4 Click OK in the confirmation dialog box.

The Syslog Notification Subscriptions page is displayed. The subscription status is Running.

Deleting a Syslog Notification Subscription

You can delete a Syslog notification subscription regardless of the subscription status. Deleting a subscription removes it permanently from DFM.

Note You can also suspend a subscription. Doing so causes the subscription to not be used until a user resumes it.

Step 1 From DFM, select Notification Services > Syslog Notification.

Step 2 Select the subscription you want to delete by clicking the radio button beside it.

Step 3 Click the Delete.

Step 4 Click OK in the confirmation dialog box.

The Syslog Subscriptions page appears. The subscription is no longer displayed.