Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Web Help Desk (WHD) > Web Help Desk Administrator Guide > SolarWinds Orion alert integration > Configure the alert filtering rules

Configure the alert filtering rules

Created by Steve.Hawkins, last modified by Anthony.Rinaldi_ret on Jul 19, 2016

Views: 16 Votes: 0 Revisions: 6

You can configure an alert filter to recognize a specific issue in your SolarWinds Orion platform and create a help desk ticket based on that issue.

Filters

Web Help Desk creates help desk tickets from Orion alerts by matching the Orion alert contents or features to filters you set up in the application. To create alert filtering rules, apply the property names that exist in your Web Help Desk Orion alerts.

These alerts can include default names or other types of name configurations assigned by the Orion user. After you set up the SolarWinds server in Web Help Desk and gather information about your Orion alerts and associated properties, configure Web Help Desk to transform Orion alerts into client tickets.

About rule configuration

By default, Web Help Desk does not  monitor Orion platform alerts. To transform alerts into Web Help Desk tickets, select and define the appropriate rules so the application can recognize the alerts.

The following table describes the filtering rule types.

Filtering rule type Rule description
Matching Rule

Defines the characteristics alerts must contain for Web Help Desk to recognize and transform the alerts into tickets or ignore them.

These characteristics include:

  • Severity level (such as Notice, Information, Warning, Critical, and Serious)
  • Field name (such as Date, Alert Type, Operating System, and so on)
  • Operator (such as equals, is not equal to, starts with, and so on)
  • Value, which can be any type of alphanumeric data
AND/OR block Specifies whether Web Help Desk accepts or rejects alerts based on whether they meet Any or All child rules in a complex rule.
Child Rule

Provides additional filtering on existing rules.

For example, when an initial filtering rule transforms all alerts with a Critical severity into tickets, you can create child rules to transform only Critical severity alerts from Windows 2008 and Windows 2011 systems into Web Help Desk alerts.

Complex Rule A set of rules that contain at least one parent rule (which can be a Matching rule or an AND/OR block), plus one or more child rules.

Matching rules

Adding a new matching rule notifies Web Help Desk to match certain variables in alert text fields or a defined severity level.

The following table provides the Web Help Desk filtering options.

Filter Option Description
Accept alert Enables Web Help Desk to recognize the alert.
Reject alert Enables Web Help Desk to ignore the alert.
if Severity

Matches alerts by severity level.

If you select this option, choose one of the following:

  • is equal to: Select this option to match alerts by one of the following Orion alert levels: Notice, Information, Warning, Critical, or Serious.
  • is not equal to: Select this option to match all severity levels except the one selected. If you select this option, choose one of the following alert levels to ignore: Notice, Information, Warning, Critical, or Serious.
if Alert Field

To further define rules, enter an Orion alert field variable.

In the following example, Web Help Desk will create a ticket from all Orion alerts containing Windows 8 in the Operating System field.

The Operating System field must be added to the Orion Alert integration.

File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Rule_OS_Windows_8.png

Complex rules

You can add an And/Or block to a create a filter rule based on more than one condition. The Any rule creates a ticket when any child condition is true. The All rule creates a ticket only when all child conditions are true.

File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule.png

In the following All child rule example, a ticket is created when a node from an IP address is up and component availability is down.

File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-1.png

Examples: Configure an alert filtering rule

You must configure an alert filtering rule with a severity or include a severity and a match to a specific alert field. You can add multiple alert field matches.

Configure a matching rule

The figures below show an example of a matching rule that accepts the alert if the value of the Node Status field is Up.

  1. Click Add new matching rule.

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-2.png

  2. Select Accept alert or Reject alert.

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-3.png

  3. Configure the rule based on the severity of the alert, or an alert field value.

    For both the Accept alert and Reject alert options, Ignore case and Ignore white space are active by default. To ensure the best results, leave these options selected.

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-4.png

Add an And/Or block

The figures below show an example of an And/Or block that accepts the alert if the severity is Critical or if the value of the Node Status field is Up.

  1. Click Add new And/Or block.

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-2.png

  2. Select Accept alert or Reject alert.

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-5.png

  3. Select if Any to configure an OR rule, or select if All to configure an AND rule.

     

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-6.png

  4. Click Add Child Rule.

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-7.png

  5. Configure the rule based on the severity of the alert, or an alert field value.

    File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-8.png

  6. To add another child rule:
    1. In the Filters pane, click the And/Or block.

    2. In the Configure Complex Rule pane, click Add Child Rule.
    3. Configure the rule.

      File:Success_Center_V2/Web_Help_Desk_(WHD)/WHD_Admin_MT/0G0/090/WHD_Configure_Complex_Rule-10.png

 
Last modified
09:22, 19 Jul 2016

Tags

Classifications

Public