Creating and Managing Rule Instances

Navigation:  Alerting > Creating and Managing Alert Rules >

Creating and Managing Rule Instances

Previous pageReturn to chapter overviewNext page

Rule instances are created from rules. You can create one or more instances of a rule. Just as with Creating Rules, the Creating Rule Instances functionality is not available to users. It is only available for System Administrators (Superusers). A few examples are discussed below.

 

 

To create an instance of a rule

 

1.   Click the Add Instance button of the rule from the list as shown below.

 

    add_instance_btn

 

     The web page uses the diagram from the rule and provides options for adding the required fields as shown below.

 

    rule_instance1

Note:   The N/T ( N times in T period seconds ) specifications apply to instances too.

 

2.   Double click the EMAIL node and in the field enter the appropriate email address.

 

    email_field_instacne

 

3.   Double click the unix_auth_failed_login node and select the suitable server group or groups from the drop-down list.

 

    server_group_instance

 

4.   Click apply_btn. The rule is created.

 

 

Example 2 - To create an instance for a failed login rule to apply to a syslog server and to send email to admin@syslog.com

 

1.   Follow the steps outlined in the previous section so that you may get an instance as follows.

 

failed_instance1

 

Example 3 - To create instance to apply to an SNMP server and send email to admin@snmp.com

 

Follow the steps outlined earlier to get the following instance workflow

 

failed_instance2

 

Note:   Alert notifications can be syslog, email or snmp.

 

 

To  delete an instance of a rule

 

1.   Select the instance of the rule.

 

2.   Click remove_btn. The instance delete confirmation dialog is displayed.

 

    ruleinstance_delconf

 

3.   Click Yes.

 

Caution:   Exercise this function with care. The process cannot be undone. All data is deleted.