ITU X.733 defines a set of alarm reporting functions and defines several severity levels. Can those be mapped into the severity levels that come with DataMiner?
- cleared: The Cleared severity level indicates the clearing of one or more previously reported alarms. This alarm clears all alarms for this managed object that have the same Alarm type, Probable cause and Specific problems (if given). Multiple associated notifications may be cleared by using the Correlated notifications parameter (defined below).
This Recommendation | International Standard does not require that the clearing of previously reported alarms be reported. Therefore, a managing system cannot assume that the absence of an alarm with the Cleared severity level means that the condition that caused the generation of previous alarms is still present. Managed object definers shall state if, and under which conditions, the Cleared severity level is used. - indeterminate: The Indeterminate severity level indicates that the severity level cannot be determined.
- critical: The Critical severity level indicates that a service affecting condition has occurred and an immediate corrective action is required. Such a severity can be reported, for example, when a managed object becomes totally out of service and its capability must be restored.
- major: The Major severity level indicates that a service affecting condition has developed and an urgent corrective action is required. Such a severity can be reported, for example, when there is a severe degradation in the capability of the managed object and its full capability must be restored.
- minor: The Minor severity level indicates the existence of a non-service affecting fault condition and that corrective action should be taken in order to prevent a more serious (for example, service affecting) fault.
Such a severity can be reported, for example, when the detected alarm condition is not currently degrading the capacity of the managed object. - warning: The Warning severity level indicates the detection of a potential or impending service affecting fault, before any significant effects have been felt. Action should be taken to further diagnose (if necessary) and correct the problem in order to prevent it from becoming a more serious service affecting fault.
Hi Thomas, would this be different from handling the corresponding severity values at protocol/alarm template level?
I would agree with Alberto Thomas. The alarm severities in DataMiner can be freely defined, so it sounds like this is mainly a matter of configuring thresholds for each severity level to match this ITU recommendation. In other words, you would configure the 'critical' level for example only for alarms and conditions where you are confident that "it is service affecting and immediate corrective action is needed". So it is more about using a consistent definition for what you consider to be critical, major, minor, etc., and to apply that definition in the configuration of your alarm templates.