network fault management and it automation training

OpManager

Performance monitoring, health monitoring, WAN

monitoring, workflow automation

Network Configuration Manager

Configuration management, change

management, compliance auditing, user activity

tracking

OpUtils

IP address management, switch port

management, rogue detection, MAC IP

mapping

IT operations management

solutions

Netflow Analyzer

Bandwidth monitoring, forensics, traffic

shaping, DPI monitoring

Firewall Analyzer

Compliance management, firewall

policy management, log analysis,

network forensic audits

Welcome to a free OpManager training

session

TrainerSuresh Bagavathy

Evangelist for ManageEngine's ITOM suite

10 years' experience

Training schedule

Week Module Date Schedule Status

1st Discovery and

classification

October 25th 11:30 am EDT Completed

2nd Network/server

performance

monitoring

November 1st 11:30 am EDT Completed

3rd Effective fault

management and

IT automation

November 8th 11:30 am EST In progress

4th Dashboard and

widgets; business

views; 3D data

center builder;

reports

November 15th 11:30 am EST Upcoming

www.opmanager.com/training.html

Week 3

Effective fault management and IT

automation

1. How to identify the faults

quickly?

2. How to prioritize the problems?

All services are

currently UP

1. How to identify the faults

quickly?

2. How to prioritize the problems?

3. How do you get it resolved

quickly?

Agenda

• Alarm severity levels

• Threshold violation alarms

• VMware events

• Event log alarms

• Syslog alarms

• SNMP trap alarms

• Notifications

• Using an IT workflow to automate repetitive or scheduled tasks

• Tips and tricks

• Questions

Alarm severity levels

Severity Color code

Attention

Trouble

Critical

Service down

Clear

Device down

Interface down

Severity: predefined

Process down

Service down

URL down

Severity: predefined

Event log

Syslog

SNMP trap

Severity: configurable

Threshold-based alarms

• Configuring threshold values on an individual device

• Configuring consecutive times

• Configuring rearm value to remove cleared faults

• Using device templates to configure thresholds globally based on device

type

Threshold-based alarms

VMware events

Alarms for inventory changeso vMotion

o Host added/removed

o Host or VMs connected/disconnected

o VMs powered on/off

o VMs orphaned

o Scheduled task removed

o Etc.

VMware events

Event log alarms

Event log alarms

Prerequisiteso Check if WMI and RPC services are enabled on the Windows servers

o Default WMI ports: 135 & 445, 5000 to 6000 (TCP)

• Configuring event logs for a Windows server in OpManager

• Ignoring a specific event log from a Windows server

• Configuring OpManager to handle event floods

(http://help.opmanager.com/stopping-event-flood)• serverparameters.conf (OpManager/conf/OpManager)

• EVENTS_PER_HOUR 1000

• EVENT_FLOOD_SEVERITY Critical

• Creating a custom event log

Syslog alarms

Syslog alarms

Prerequisiteso Configure devices to forward syslog events to OpManager's server

o Default ports: 514 & 519 (UDP); configurable

• Creating a syslog rule

• Syslog receiver

• Using facility name, severity, or match text to filter and

clear syslog alarms (regex format)

• Identifying the syslog flow rate from OpManager

• Forwarding OpManager events (as syslogs) or received

syslog messages to another NMS platform

SNMP trap alarms

Prerequisites o Configure devices to forward SNMP trap events to OpManager's server

o Default port: 162 (UDP); configurable

• Creating an SNMP trap processor rule

• Using the failure component to combine SNMP traps received

from two different OIDs

• Using varbinds to filter and clear SNMP trap alarms

• Loading SNMP traps from vendor MIBs

• Processing unsolicited traps

• Configuring OpManager to handle event floods

• Forwarding OpManager events (as traps) or received SNMP

traps to another NMS platform

SNMP trap alarms

Notifications

Notification

cycle

Profile type- Send email or SMS

- Send modern SMS

- Run system

command

- Run program

- Log a ticket

- Web alarm

- Syslog

- Trap

Alarm criteria- Device down

- Service down

- Hardware fault

- Threshold violation

- Virtual device fault

- UCS fault

Device selection- Category

- Business view

- Devices

Schedule- All the time

- Selected time window

- Delayed trigger

- Recurring trigger

Preview- Verify inputs

- Add a profile

SMS: modem/app SMS/Clickatell/email-based

Log a ticket

Web alarm

Run system command

Run a program

Syslog

SNMP trap

Email

Notification types

IT workflow automation

• Instant device check

• Test SNMP service

• Export/ Import available templates

o site to siteo https://resources.manageengine.com/resources/forum/opmanager/workflows

IT workflow automation

Create a workflow Associate devices Schedule/trigger tasks

1 2 3

Tips and tricks

Tips and tricks

• Configure device dependencies to stop polling a dependent

device when its parent device is down

• Suppress known alarms from an individual device

• Configure the downtime scheduler and stop polling devices

during maintenance windows

• Configure alarm escalation and notify the super admin when a

critical alarm is not cleared within a given amount of time

• Unified alarm console

• Widgets for alarms

youtube.com/opmanagertechvideos

help.opmanager.com

opmanager-

support@manageengine.com

+1 (888) 720-9500 / +1 (408) 916-

9400

Need more help?

forums.manageengine.com/opmanager

www.manageengine.com

THANK YOUSuresh Bagavathy

sureshb@zohocorp.com