For health monitoring purposes ArcMC has introduced Monitoring Rules. On trigger you are able to receive notifications sent to either SNMP, email or an audit(CEF)-event destination. So far so good, however we find alerts contain limited information.
For SNMP all information is pun into just 1 varbind. Which makes it hard to configure an Operations Agent SNMP Interceptor Policy (ITOM Suite). As we have to distinguish lots appliances it would be convenient for the source’s host name to be within a separate varbind. Also ArcMC Monitoring Rule names or maybe a description field would add useful information for our team handling health monitoring events.
As for the SNMP example written above this goes for email and audit-event notifications as well. To even put a possibility to follow-up into practice, additional custom parsing had to be created in order for ESM to handle an audit-event.
Please increase the amount of detail Monitoring Rule notifications provide to either kind of destination. Please add a source host name (monitored node), monitoring rule name, description. If applicable an agent name, device vendor and device product.