Is it possible to consolidate events across multiple devices?

4 posts / 0 new
Last post
Tkessler45
Tkessler45's picture
Offline
Last seen: 2 weeks 23 hours ago
Joined: 04/05/2017 - 13:06
Posts: 2
Is it possible to consolidate events across multiple devices?

I have 10 identical devices deployed, which I monitor with basic ping response. However, if one goes down I am not as concerned as if I have over 5 that go down. Is there a way to consolidate the events for these devices so I can set a threshold trigger to occur when a given number of devices are offline? I am using Zenoss 5.

Jcurry
Jcurry's picture
Offline
Last seen: 3 days 7 hours ago
Joined: 01/02/2014 - 13:04
Posts: 407
Interesting one.  If you have

Interesting one.  If you have the chargeable product then Impact may be able to do that for you.

If you are on Zenoss Core, given that you have a small number of devices to correlate, you may be able to do something useful with a transform. 

In the following example, I have a transform on /Status/Ping that just tests for events from one test device - zenny1.class.example.org.  I have a list, pingDevs, of the other relevant devices.  The pingStatus is checked for each of my pingDevs and, if greater than 0 (where 0 is good), increase a count and add the offending device to the downDevs list.  I then amend the existing event if my count is >=2, adding the other down devices to the event summary.

 

if device.titleOrId() == 'zenny1.class.example.org' and evt.severity > 0:
  pingDevs = ['zenny1.class.example.org', 'zenny2.class.example.org', 'lotschy.skills-1st.co.uk']
  count = 0
  downDevs = []
  for pName in pingDevs:
    pDev = dmd.Devices.findDevice(pName)
    if pDev.getPingStatus() != 0:
        count +=1
        downDevs.append(pName)
  if count >= 2:
    evt.severity = 5   # Critical
    otherString = ' '.join(downDevs)
    evt.summary = evt.summary + '  ' + otherString + '  also down.'

No guarantees but, as a quick test, it worked for me.

Cheers,

Jane

 

Tkessler45
Tkessler45's picture
Offline
Last seen: 2 weeks 23 hours ago
Joined: 04/05/2017 - 13:06
Posts: 2
Thanks! That looks promising,

Thanks! That looks promising, but its somewhat limited to the list of devices I enter in the "pingDevs" array. I'm curious if there is a way to search the Zenoss DB for all devices of a particular class or grouping, etc., so I can then create such an array dynamically?

Jcurry
Jcurry's picture
Offline
Last seen: 3 days 7 hours ago
Joined: 01/02/2014 - 13:04
Posts: 407
Sure. To get all devices

Sure. To get all devices under the /Ping device class using zendmd:

>>> for pDev in dmd.Devices.Ping.getSubDevices():
...   print pDev.id
...
10.191.0.191
192.168.2.1
deodar-mgt.skills-1st.co.uk
group-100-b1.class.example.org
group-100-b2.class.example.org
group-100-c1.class.example.org
group-100-c2.class.example.org
group-100-c3.class.example.org

You can put whatever class you like so /Server/Microsoft/Windows/Taplow would be:

for pDev in dmd.Devices.Server.Microsoft.Windows.Taplow.getSubDevices

 

"pDev" in this case would be the object representing the device and pDev.id is it's unique identifier key (of type string).

In this case, in the transform above, you would not need the line:

pDev = dmd.Devices.findDevice(pName)    as that starts with the id in pName.

So...

for pDev in dmd.Devices.Ping.getSubDevices():
    if pDev.getPingStatus() != 0:
        count +=1
        downDevs.append(pName)

 

and so on.

Cheers,

Jane

Log in to post comments