Manual Chapter : Using Alerts

Applies To:

Show Versions Show Versions

Enterprise Manager

  • 3.1.1
Manual Chapter

Overview: Alerts

You can better manage the health of your network by configuring Enterprise Manager to alert you when specific system events occur. You can apply these alerts to individual devices, or to a device list, as well as to the Enterprise Manager device itself, so that you can monitor the events for your management system.

You can configure Enterprise Manager to manage alerts in these ways:

  • Send SNMP traps to a remote SNMP server
  • Send email alerts to a specific recipient using SMTP
Attention: To perform the specific tasks required to manage alerts, you must have administrator privileges with root access for the Configuration utility.

About configuring an SMTP server to send alert email

If you want to have a specific recipient receive an email message when an alert is triggered, you must configure Enterprise Manager to deliver locally-generated email messages using the internet-standard for electronic mail transmission, Simple Mail Transfer Protocol (SMTP). Before configuring SMTP email notification alerts, you must configure DNS resolution and create an SMTP server configuration.

Specifying the IP address of your DNS server

You must specify the IP address of your DNS server for communication to the F5 file servers and for SMTP email notification.
  1. On the Main tab, click System > Configuration > Device > DNS. The DNS Device configuration screen opens.
  2. In the DNS Lookup Server List area, in the Address field, type the IP address of the DNS server(s) you want to add. The system uses these DNS servers to validate DNS lookups and resolve host names. Then, click Add.
    Note: If you did not disable DHCP before the first boot of the system, and if the DHCP server provides the information about your local DNS servers, then this field is automatically populated.
  3. Click Update to save the changes.

Verifying DNS resolution

After you specify the IP address of your DNS server, you can verify that the address properly resolves.
  1. Log in to the command line as root.
  2. Type the dig <domain> command. For example, to query MX and siterequest.com, you would type dig siterequest.com mx. The result to this query should appear similar to this example, indicating that the address properly resolves. ; << >> DiG 9.2.2 << >> siterequest.com mx ;; global options: printcmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16174 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0 ;; QUESTION SECTION: ;siterequest.com. IN MX ;; ANSWER SECTION: siterequest.com. 86400 IN MX 10 mail.siterequest.com. ;; Query time: 65 msec ;; SERVER: 172.16.100.1#53(172.16.100.1) ;; WHEN: Mon Nov 8 14:32:07 2011 ;; MSG SIZE rcvd: 51

Creating an SMTP server configuration

You specify the SMTP server configuration so that you can send emails through an SMTP server.
  1. On the Main tab, click System > Configuration > Device > SMTP.
  2. Click the Create button. The New SMTP Configuration screen opens.
  3. In the Name field, type a name for the SMTP server that you are creating.
  4. In the SMTP Server Host Name field, type the fully qualified domain name for the SMTP server host.
  5. In the SMTP Server Port Number field, type a port number. For no encryption or TLS encryption, the default is 25. For SSL encryption, the default is 465.
  6. In the Local Host Name field, type the host name used in the SMTP headers in the form of a fully qualified domain name. This host name is not the same as the BIG-IP system's host name.
  7. In the From Address field, type the email address that you want displayed as the reply-to address for the email.
  8. From the Encrypted Connection list, select the encryption level required for the SMTP server.
  9. To require that the SMTP server validates users before allowing them to send email, select the Use Authentication check box, and type the user name and password required to validate the user.
  10. Click the Finish button.
You can now configure the system to use this SMTP server to send emails.

Configuring SMTP email notification for alerts

To configure Enterprise Manager to deliver locally generated email messages (such as alerts), you must have root access privileges to its command line, the system must be configured for DNS resolution, and you must first create an SMTP server configuration.
You specify an SMTP server to send alerts to a configured email recipient.
Note: Prior to Enterprise Manager version 3.0 and BIG-IP systems version 11.0, you configured postfix to deliver locally-generated email messages.
  1. On the Main tab, click Enterprise Management > Options > Servers.
  2. In the SMTP Server area, from the SMTP Configuration Name list, select the configuration you set up for your SMTP server.
  3. Click the Save Changes button.

Specifying defaults for alert options

Setting the default behavior for alerts ensures consistent alert actions and the ability to quickly add new alerts based on these standardized options. It is important to specify default behavior for alerts before you enable the alert options.
  1. On the Main tab, click Enterprise Management > Options > Alerts.
  2. If you want Enterprise Manager to send emails when an alert is triggered, in the Email Recipient field, type the email address of the user, or the alias, that you want as the default receiver for alerts.
  3. If you want to log alert events to a syslog file:
    1. In the Remote Syslog Server Address field, type the IP address of the remote syslog server where you want to store alert event logs by default.
    2. In the Maximum History Entries field, type the maximum number of alerts that you want stored in the syslog file. If the alert history reaches the limit you set, Enterprise Manager deletes the oldest entries to create room for newer entries.
  4. Click Save Changes.

Creating an alert for attack signature updates

Before Enterprise Manager can send alerts, you must verify the IP address of your DNS server. If you want Enterprise Manager to send SNMP traps, you must first specify the trap destination.
Create alerts for your devices to monitor specific system events.
  1. On the Main tab, click Enterprise Management > Alerts > Device Alert List.
  2. Click the Create button. The New Alert screen opens.
  3. In the Name field, type a name for the alert. Once you create the alert, you cannot change the name.
  4. From the Alert Type list, select the type of alert that you want to create. Depending on the type of alert that you select, the screen may refresh to display additional options, including threshold fields.
  5. If the alert type requires a threshold, for the Condition setting, specify a threshold value.
  6. For the Action setting, select the check box next to each action that you want Enterprise Manager to take when the alert is triggered. If you select the option, SNMP trap to remote server, you must have SNMP configured.
  7. If you selected the option to send an email for this alert and you want to specify an address different than the default, clear the Use default email recipient check box, and in the Email Recipient field, type an email address. By default, the system sends an email to the recipient you specified in the Options screen for alerts.
  8. If you selected the option to send a message to a remote syslog server and you want to specify an address different than the default, clear the Use default remote syslog server address  check box and in the Remote Syslog Server Address field, type a remote syslog server address. By default, the system sends the event to the remote syslog server address you specified in the Options screen for alerts.
  9. For the Devices or Devices Lists setting, in the Available box, select one or more devices from the devices or device list and click the Move button to move the selected devices or device list to Assigned.
  10. Click Finished.
Enterprise Manager notifies you if a device meets the criteria for the alert you selected.

Creating an alert for Enterprise Manager

To help maintain the health of the Enterprise Manager device, you can create system alerts to notify you when CPU, disk, or memory usage meets or exceeds a particular threshold.
  1. On the Main tab, click Enterprise Management > Alerts > EM Alerts.
  2. For the Conditions setting, select the check box next to each of the metrics on which you want to set an alert. The screen refreshes to display threshold fields for the conditions you selected.
  3. Retain the default values or type a new maximum in the threshold fields.
  4. In the EM Alert Actions area, for the Action setting, select the type of action that you want Enterprise Manager to take when the values you specified for the thresholds are met or exceeded.
  5. Click Save Changes.
Enterprise Manager informs you if the metrics you selected meet the thresholds you defined.