eTrust – Alert Manager Tricks

So I am testing a few things. As I originally had things configured three IT groups saw all the alerts for the clients in the three locations. This is because they all report back to one eTrust Server. The annoying thing was that they saw each other’s alerts. The human nature reaction is of course to read NONE of them. That brings us to making each site’s clients send to another Alert Manager. This was not hard for me since we also use CA Brightstor. So the servers that run tape backup and email alerts to only their local group could also forward alerts for eTrust. I changed the IP, setup the distribution list to email on each of those alert manager instances. What do we get? Nothing.

This morning it occured to me why. Both of those servers had THEIR alerting policy settings within eTrust Policy Manger set to forward to the main eTrust server. In essence relay after relay. The result is nothing gets through. So here is what you do.

  1. Make a new Branch for EACH of your Alert Manager servers
  2. Make a new Common/Alert Forwarding Policy object for each of those branches. make sure you check at least these two boxes: Local Alert Manger; Forward to client name: and put the server’s own IP address here.
  3. Now make your clients forward to that server’s IP. On your clients do not check Local Alert Manager. Event Log and Forward are what I recommend. With the forward being the IP of the Alert Manger you just setup.

One issue to be aware of. I think if you are not forwarding alerts to the main eTrust server then the data is not making it into the summary charts on the dashboard nor into the reports. I will watch it for a week and see if I am correct.

Share