Combining two filters in a correlation rule - DataMiner Dojo

Skip to content

More results...

Generic selectors

Exact matches only

Search in title

Search in content

Post Type Selectors

Search in posts

Search in pages

Search in posts

Search in pages

Log in

Menu

Blog
Questions
Learning
Agile
Expert Hubs
Discover
PARTNERS
Pricing
More
>> Go to dataminer.services

Combining two filters in a correlation rule

Solved691 views11th July 2023

0

Ken O'Connor 506 20th May 2022 0 Comments

Hi.. I have question relating to combining filters in a correlation rule to pruduce one alarm.

A device generates two alarms at approximately the same time. These alarms are identified by their event ID's 34003 and 32001
I want to generate a correlated alarm which triggers upon these two alarms arriving together. They arrive within 10 seconds of each other but are related (if you get a 34003, 10 secs later you may a 32001 alarm for the device).
I dont want the correlated alarm to trigger individually on these alarms but trigger when these two alarms arrive within 10 secs of each other. so combining the alarm conditions into one correlated alarm.

Thanks

Marieke Goethals [SLC] [DevOps Catalyst] Selected answer as best 11th July 2023

3 Answers

Active
Voted
Newest
Oldest

1

Ive Herreman [SLC] [DevOps Catalyst]12.26K Posted 20th May 2022 2 Comments

Hi Ken,

Please find below a screenshot of a correlation rule that does exactly that.
I've added some annotation to show what every part of the rule does.

Please don't hesitate to reach out if you'd need more details on any of the configurations.

Ive Herreman [SLC] [DevOps Catalyst] Posted new comment 23rd May 2022

Ken O'Connor [DevOps Advocate] commented 23rd May 2022

Thanks Ive.. Do you have access to any of these scripting documentation???

Ive Herreman [SLC] [DevOps Catalyst] commented 23rd May 2022

You can find some more information through this link:

https://docs.dataminer.services/user-guide/Advanced_Modules/Correlation/Correlation_rule_syntax.html

You are viewing 1 out of 3 answers, click here to view all answers.

Please login to be able to comment or post an answer.

My DevOps rank

DevOps Members get more insights on their profile page.

My user earnings

0 Dojo credits

Spend your credits in our swag shop.

0 Reputation points

Boost your reputation, climb the leaderboard.

Recent questions

Table DMS problem loading 0 Answers | 0 Votes

Define an alarm which needed a human check to remove it from the alarm console 3 Answers | 0 Votes

c# Script that retrieves historical alarms 1 Answer | 0 Votes

Question Tags

adl2099 (103) alarm (47) Alarm Console (74) alarms (91) alarm template (82) Automation (209) automation scipt (101) Automation script (147) backup (66) C++ (47) Cassandra (172) Connector (87) Correlation (61) Cube (143) Dashboard (181) Dashboards (180) database (80) DataMiner Cube (51) DIS (74) DMS (70) DOM (135) driver (63) DVE (51) Elastic (81) Elasticsearch (114) elements (72) Failover (97) GQI (128) HTTP (70) IDP (72) LCA (88) low code app (147) low code apps (79) lowcodeapps (74) MySQL (53) protocol (188) QAction (76) security (83) services (46) SNMP (80) SRM (329) trending (81) upgrade (59) Visio (505) Visual Overview (333)

Privacy Policy • Terms & Conditions • Contact

© 2024 Skyline Communications. All rights reserved.

DOJO Q&A widget

Can't find what you need?

Explore the Q&A DataMiner Docs

[ Placeholder content for popup link ] WordPress Download Manager - Best Download Management Plugin