network fault management and it automation training
TRANSCRIPT
OpManager
Performance monitoring, health monitoring, WAN
monitoring, workflow automation
Network Configuration Manager
Configuration management, change
management, compliance auditing, user activity
tracking
OpUtils
IP address management, switch port
management, rogue detection, MAC IP
mapping
IT operations management
solutions
Netflow Analyzer
Bandwidth monitoring, forensics, traffic
shaping, DPI monitoring
Firewall Analyzer
Compliance management, firewall
policy management, log analysis,
network forensic audits
Welcome to a free OpManager training
session
TrainerSuresh Bagavathy
Evangelist for ManageEngine's ITOM suite
10 years' experience
Training schedule
Week Module Date Schedule Status
1st Discovery and
classification
October 25th 11:30 am EDT Completed
2nd Network/server
performance
monitoring
November 1st 11:30 am EDT Completed
3rd Effective fault
management and
IT automation
November 8th 11:30 am EST In progress
4th Dashboard and
widgets; business
views; 3D data
center builder;
reports
November 15th 11:30 am EST Upcoming
www.opmanager.com/training.html
Week 3
Effective fault management and IT
automation
1. How to identify the faults
quickly?
2. How to prioritize the problems?
All services are
currently UP
1. How to identify the faults
quickly?
2. How to prioritize the problems?
3. How do you get it resolved
quickly?
Agenda
• Alarm severity levels
• Threshold violation alarms
• VMware events
• Event log alarms
• Syslog alarms
• SNMP trap alarms
• Notifications
• Using an IT workflow to automate repetitive or scheduled tasks
• Tips and tricks
• Questions
Alarm severity levels
Severity Color code
Attention
Trouble
Critical
Service down
Clear
Device down
Interface down
Severity: predefined
Process down
Service down
URL down
Severity: predefined
Event log
Syslog
SNMP trap
Severity: configurable
Threshold-based alarms
• Configuring threshold values on an individual device
• Configuring consecutive times
• Configuring rearm value to remove cleared faults
• Using device templates to configure thresholds globally based on device
type
Threshold-based alarms
VMware events
Alarms for inventory changeso vMotion
o Host added/removed
o Host or VMs connected/disconnected
o VMs powered on/off
o VMs orphaned
o Scheduled task removed
o Etc.
VMware events
Event log alarms
Event log alarms
Prerequisiteso Check if WMI and RPC services are enabled on the Windows servers
o Default WMI ports: 135 & 445, 5000 to 6000 (TCP)
• Configuring event logs for a Windows server in OpManager
• Ignoring a specific event log from a Windows server
• Configuring OpManager to handle event floods
(http://help.opmanager.com/stopping-event-flood)• serverparameters.conf (OpManager/conf/OpManager)
• EVENTS_PER_HOUR 1000
• EVENT_FLOOD_SEVERITY Critical
• Creating a custom event log
Syslog alarms
Syslog alarms
Prerequisiteso Configure devices to forward syslog events to OpManager's server
o Default ports: 514 & 519 (UDP); configurable
• Creating a syslog rule
• Syslog receiver
• Using facility name, severity, or match text to filter and
clear syslog alarms (regex format)
• Identifying the syslog flow rate from OpManager
• Forwarding OpManager events (as syslogs) or received
syslog messages to another NMS platform
SNMP trap alarms
Prerequisites o Configure devices to forward SNMP trap events to OpManager's server
o Default port: 162 (UDP); configurable
• Creating an SNMP trap processor rule
• Using the failure component to combine SNMP traps received
from two different OIDs
• Using varbinds to filter and clear SNMP trap alarms
• Loading SNMP traps from vendor MIBs
• Processing unsolicited traps
• Configuring OpManager to handle event floods
• Forwarding OpManager events (as traps) or received SNMP
traps to another NMS platform
SNMP trap alarms
Notifications
Notification
cycle
Profile type- Send email or SMS
- Send modern SMS
- Run system
command
- Run program
- Log a ticket
- Web alarm
- Syslog
- Trap
Alarm criteria- Device down
- Service down
- Hardware fault
- Threshold violation
- Virtual device fault
- UCS fault
Device selection- Category
- Business view
- Devices
Schedule- All the time
- Selected time window
- Delayed trigger
- Recurring trigger
Preview- Verify inputs
- Add a profile
SMS: modem/app SMS/Clickatell/email-based
Log a ticket
Web alarm
Run system command
Run a program
Syslog
SNMP trap
Notification types
IT workflow automation
• Instant device check
• Test SNMP service
• Export/ Import available templates
o site to siteo https://resources.manageengine.com/resources/forum/opmanager/workflows
IT workflow automation
Create a workflow Associate devices Schedule/trigger tasks
1 2 3
Tips and tricks
Tips and tricks
• Configure device dependencies to stop polling a dependent
device when its parent device is down
• Suppress known alarms from an individual device
• Configure the downtime scheduler and stop polling devices
during maintenance windows
• Configure alarm escalation and notify the super admin when a
critical alarm is not cleared within a given amount of time
• Unified alarm console
• Widgets for alarms
youtube.com/opmanagertechvideos
help.opmanager.com
opmanager-
+1 (888) 720-9500 / +1 (408) 916-
9400
Need more help?
forums.manageengine.com/opmanager