Get OpenNMS
Get Involved
Get to Know Us
From OpenNMS
Configure event reduction using automations
A common task is to send a notification only if a certain amount of events of a particular type is being received within a certain amount of time. Here's an example of how to achieve this using automations.
Configuration
- vacuumd-configuration.xml
<automation name="blafaselautomation" interval="60000" active="true"
trigger-name="selectNumBlafasel"
action-name="doNothingAction"
action-event="realblafasel"/>
<trigger name="selectNumBlafasel" operator=">=" row-count="1" >
<statement>
select
distinct(ipaddr) as _ipaddr,
count(nodeid),
nodeid as _nodeid
from events
where
eventuei='uei.opennms.org/test/blafasel' and
eventtime >= now()-'2 minutes'::INTERVAL
group by nodeid,ipaddr
having count(nodeid) > 10;
</statement>
</trigger>
<action-event name="realblafasel" for-each-result="true" >
<assignment type="field" name="uei" value="uei.opennms.org/test/realblafasel" />
<assignment type="field" name="nodeid" value="${_nodeid}" />
<assignment type="field" name="interface" value="${_ipaddr}" />
</action-event>
This will create an event "uei.opennms.org/test/realblafasel" if the event "uei.opennms.org/test/blafasel" is being received more than 10 times within 2 minutes. The new event will have the same nodeid and IP address associated with it.
You can then set up a notification for the "real" event and be notified only once and only if the amount of events exceeds 10 within 2 minutes.
Problems during configuration
At first my idea was to configure a statement like "select all events of a certain type within the last 2 minutes" and then evaluate "row-count >= 10" and set the for-each-result field to false in order to not receive the same amount of "real" events as there were original events. That was a much simpler SQL statement. This also created the one "real" event, but it was impossible to include parameters/field of the original events into the new event. You can only include parameters if you configure "for-each-result=true".
