Different Alert Levels

In MOM 2005 there are the following alert levels.

Level Values Description
Service Unavailable 70 The application is 100 percent unavailable.
Security Breach 60 The security of the application has already been compromised, or someone is attempting to expose a vulnerability.
Critical Error 50 The application requires action to correct an error condition.
Error 40 The application is experiencing transient errors that do not require action, or do not require immediate action.
Warning 30 The event does not require immediate action, or does not require any action.
Information 20 The application raises an informational event.
Success 10 A significant task has occurred successfully.

In SCOM 2007 you only appear to get Information, Warning and Critical. Instead of 7 levels there are now 3. A number of organisations want a “simple traffic light system” so three levels works for them but it is not very sophisticated for some organisations. There is however a new field called priority and this can be Low, Medium or High and works for each level so in effect you have 9 levels to work with.

Critical (2) High (2)
  Medium (1)
  Low (0)
Warning (1) High (2)
  Medium (1)
  Low (0)
Information (0) High (2)
  Medium (1)
  Low (0)

This can be displayed in the alerts console as in 2007 you can group alerts according to a number of fields and you can have 3 levels of groupings. Personalize the view:

clip_image002

And you see

clip_image002[4]

While it may help is sorting out alerts to prioritise I believe the advantage comes when using SMS text messages. If I am on call overnight I would only want to get alerts that are Critical and High. So creating an SMS Notification Subscription for that becomes easier. Although I believe the time zones should be in the Notification Subscriptions and not in the Notification Recipients as is done in 2007.

In the table I have also added numbers. That is because when you do overrides sometimes you get the words and sometimes you get the numbers. For example for Warning Medium in numbers:

clip_image002[6]

And Critical Medium with words:

clip_image002[8]

So if you are changing these with overrides bear in mind that it could be either words or numbers.

Advertisements

1 Comment

  1. Good point. who would want to be bothered in the middle of the night with something that can just as easily be handled during regular hours or in the morning. I’m not really a big fan of the seven alert levels. Some people just don’t have the time to analyze the difference between Error and Security Breach.

%d bloggers like this: