Escalations Question

[Max Hetrick]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

mark.potter at academy.com wrote:

> I have looked through the docs and the list and this seems right but I
> would like some confirmation before I implement service and host
> escalations. The situation is this: I have been tasked with getting a
> single email to helpdesk (they do email to ticket) per Nagios alert and
> no more. They don't want recovery or further notifications. This is the
> first one I have written for a group of webservers:
> 
> define  serviceescalation {
>         host_name                      
> plwsweb01,plwsweb02,plwsweb03,plwsweb05,plwsweb06
>         service_description             Apache - Maximum Connections
> Check,HTTP - Port 80 Check - Production Systems,Ping - Simple Ping Check
> - Production
>         contact_groups                  helpdesk,sysalertsinfra
>         first_notification              1
>         last_notification               1
>         notification_interval           30
>         }
> 
> According to my understanding, and I could be wrong, this will send the
> first notification to groups (helpdesk and sysalertsinfra) and the rest,
> if I define no further escalations, will go the default contact for that
> group.
> 

- From what you have specified here, the first and last notification will
go on this escalation to the contact_group you have listed. Since you
don't have the escalation options (w,u,c,r) listed, it will send the
alerts based off of whatever you have specified in the service
configuration definition.

You would need to make sure you have this listed if you only want your
escalation to send the critical.

escalation_options	c

Although, if you only want one page to go out on critical, then I
wouldn't mess with the escalation at all. I would specify the service to
only notifiy you once, and only once on a critical back in your service
definition.


Generally, you would use escalations like I explain here:

I use RT (Request Tracker) to receive alerts from Nagios. The first
notification defined through the service definition goes to my alarms
group. This sends notification to RT, my pager, and my bosses pager.

I then escalate the second notification, such as listed below, to only
go to my pager and my bosses pager every 60 minutes forever until one of
us responds.

> 1. Are the multiple services/hosts allowed here?

Yes. You can use hostgroupescalations:

define hostescalation{
        hostgroup_name          corp-monitors
        first_notification      2
        last_notification       0
        notification_interval   60
        contact_groups          itproblems
        }

> 2. Is there a better way to do this?

That depends on what you're trying or wanting to do. Hostgroup
escalations just saves you typing time if you want to escalate based on
hostgroups.

Services you won't be able to do in multiples, so you'll have to setup a
service escalation for each service on each host.

Hope this helps you a bit.

Regards,
Max
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFHVcizHoeeepPau2ERAsDlAKDKujxB9LjPvdV84AiVcHd6vTYb3ACgh69m
b5B5D8Cu9pSB0A/muC+JNVg=
=iAxc
-----END PGP SIGNATURE-----

-------------------------------------------------------------------------
SF.Net email is sponsored by: The Future of Linux Business White Paper
from Novell.  From the desktop to the data center, Linux is going
mainstream.  Let it simplify your IT future.
http://altfarm.mediaplex.com/ad/ck/8857-50307-18918-4
_______________________________________________
Nagios-users mailing list
Nagios-users at lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nagios-users
::: Please include Nagios version, plugin version (-v) and OS when reporting any issue. 
::: Messages without supporting info will risk being sent to /dev/null