Database Reference
In-Depth Information
When this is migrated to an incident rule set in EM12c, the rule set is applied to the same target (the group
PROD-GROUP
) and it will be of type Enterprise. An event rule will be created in the rule set to cover the criteria for the
target availability specified in the notification rule. In the notification rule, the criterion is Database Down. In the
incident rule set, that translates to criteria where the event type is target availability, the target type is database, and
the target status is down, and because the action in the notification rule is to e-mail the users, that action is carried
over into the incident rule set as well. In addition, an incident object is created for this particular event. For the
metrics you may have selected on the Metrics tab in your notification rule, a metric alert rule is created where the
criteria is as follows: event type is metric alert, target type is database, and specific criteria are set for the metric alerts
as well. The action here again is carried over to e-mail the users, and in addition an incident is created for this event.
Incident Manager Guidelines
Now that you've seen how to use the Incident Manager functionality in the EM12c release, let's examine some
suggested guidelines on how to get the most out of this functionality. Before we do that, however, it is best to define
some goals that you might want to reach to ensure scalable, smarter monitoring with Incident Manager. At a high
level, these goals might be defined as follows:
•
Meeting your monitoring requirements. These will, of course, vary from customer to customer,
but in general terms, this means that appropriate notifications must be sent and incident
management operational processes must be followed. The easiest way of doing this is by
deploying monitoring standards.
•
Comply with security practices. Ensure that you follow the principle of least privilege when
granting target privileges. In other words, grant only the level of privilege that is needed to
perform the required monitoring.
•
Ease of management. It is important that your infrastructure does not become an
administrative headache, so make the best use of administrative groups so you can manage
“many as one,” while requiring minimal effort to monitor new targets.
Setting up target monitoring and roles for target privileges have been covered in Chapter 7, so let's just look at
suggested guidelines for setting up rules to manage incidents.
Managing Events and Incidents
One of the first considerations when managing events and incidents is to control events at the source. Just as in
performance management, where you want to ensure that only the work that needs to be done is actually done,
in Incident Manager it makes sense to have only those events and incidents occur that you want to respond to.
Unnecessary events put an unnecessary load on your system. The following are some things you may want to
consider toward this end:
•
Review your metric settings. It may seem obvious, but ensure that you set thresholds only on
metrics that you actually care about.
•
Adjust your metric thresholds based on metric trends. One of the more important actions
you can perform with your monitoring system is to track metric trends for some period of
time (how long will depend on how much history you might already have, as well as how
frequently metrics are measured) so you can take some intelligent decisions on what metrics
are important (which can then feed back into the previous bullet) as well as what levels your
thresholds should be set at.
