Forum Discussion

mnagel (Professor)
7 years ago

instance equivalence groups

We regularly encounter situations with clustered resources where an alert will always be active on a standby device. For example, the default for Palo Alto firewall interfaces is to be operDown on the standby firewall. This leads to similar alerts on the connected switches. What I really care about is the status on the active member, but we get tons of alerts on the standby. You can't just disable them as the standby may be active at some point. What is really needed (and again, this is a general issue -- Palo Alto is just one example) is the ability to group equivalent instances. I hoped the Cluster Alerts feature might help, but it is not even close to fine-grained enough. I want to group (in this example) interface pairs so that the alarm triggers only when both instances are down. This applies to many similar situations in real-life monitoring, and it is very painful to have to explain to our customers why this basic feature is missing. It is similar to the previously discussed device dependency issue, but different enough that I think it deserves its own focus.

Thanks,
Mark

  • Sarah_Terry (Product Manager)

    @mnagel we're working on a feature for exactly this :D At a high level, we'll let you group together instances across devices & then aggregate data across those instances and alert on the aggregate data. This should be helpful in clustered setups such as the example you've described, as well as more ephemeral environments where the aggregate data will provide historical data as devices & instances are being added / deleted from LogicMonitor.