nas (Alarm Server)

The Alarm Server (nas) stores and administers alarm messages for the CA UIM Alarm product. The nas package contains two probes: alarm_enrichment and nas.
uimpga-ga
HID_nas_help
As of CA UIM 8.5.1, the ems probe is required to send alarm data to USM, and is installed as part of UIM installation or upgrade. 
The Alarm Server (nas) stores and administers alarm messages for the CA UIM Alarm product. The nas package contains two probes: alarm_enrichment and nas.
The alarm_enrichment probe is a preprocessor for the nas probe. Alarm_enrichment attaches to a permanent queue and receives alarm messages distributed by the hub. The messages flow into the alarm_enrichment probe, where messages may be enriched with additional information from external data sources using a Configuration Management Database (cmdb). The alarms are renamed to alarm2 and are sent to the nas probe for further processing.
The nas probe is a service probe that attaches itself to a permanent queue and receives alarm2 messages distributed by the hub. The nas probe stores information about received messages into a database.
The nas responds to a command set reachable by anyone with the correct access. When state changes occur, nas posts messages. Any application can subscribe to nas generated events. The enterprise console and event viewer both subscribe to nas events.
The nas cannot accept and manage alarms without message text. The 
Message text
 field cannot be blank.
 
Alarm Flow in CA UIM 8.5 or Earlier (Enrich and then Forward to nas)
 
nas architecture diagram
nas architecture diagram
The alarm_enrichment and nas probes are packaged, installed, and configured as a single unit. Each probe is displayed in the archive as a separate probe. Configure both probes with the nas probe configuration. The nas configuration is saved in the 
nas.cfg
 file.
 Some nas functionality requires the deployment and configuration of additional probes:
  • emailgtw - The email gateway (emailgtw) probe must be configured to send notification emails on alerts.
  • adogtw - The ADO gateway(adogtw) probe must be configured to use network transaction logging functionality.
alarm_enrichment probe
The alarm_enrichment probe can be configured to read data from various data sources. Each data source is referred to as a cmdb. Only JDBC compliant SQL database sources are supported.
Each data source is defined by the JDBC connect string, user login, password, and a query to extract the data. Every data source provides a user defined name to reference in the enrichment rules. Each 
enrichment_rule
 can reference one data source. A data source can be used by many enrichment rules.
Once you have defined the cmdb data source, define at least one enrichment rule.
Each enrichment rule defines a matching condition to match alarms to forward to the enrichment rule. The enrichment rule defines what alarm enrichment to perform, and the data source where additional information for the alarm is read.
When an alarm arrives, it is copied to a new event where:
  • the message identifier 
    NimId
     is modified to ensure it is unique.
  • the fields 
    qsize
    md5sum
     and 
    subject
     are removed from the incoming alarm.
  •  
    original_
     is prepended to all fields starting with 
    hop
    . For example, the field 
    hop0
     becomes 
    original_hop0
     in the outgoing alarm.
The alarm is matched against the configured alarm enrichment rules. An overwrite rule defines an alarm attribute and a value to which the alarm attribute is set. Once an alarm is processed against the alarm enrichment rules it is sent to the nas probe for further processing.
At a minimum, you need one routing rule to forward your alarms to your Alarm Server (nas). You can create more than one routing rule.
Items to consider:
  • Ensure that the data sources you are using can accept the number of requests the alarm_enrichment probe makes to get alarm information.
  • Keep an eye on latency, to ensure that the data source returns results quickly.
  • When accessing large and busy databases, consider running a shadow database for read-only queries.
nas probe
The nas probe has the following features:
  •  
    Auto-Operator
    • Aids the administrator in managing the alarm database.
    • Close and acknowledge certain alarms based on matching rules.
    • Automatically assign an alarm to a person or group.
    • Automatically send a GSM/SMS message when a criteria is met.
    • Send an e-mail when a criteria is met.
    • Execute a command for fixing the problem.
    • Use scripts when processing alarm messages matching the criteria defined for the Auto Operator profile. Scripts can also be run by the scheduler and by the pre-processing rules filters. You can create and edit these scripts using the Lua programming language.
  •  
    Notes
    Create text notes to attach to alarms. 
  •  
    Transaction logging
    The alarm server is capable of logging all the steps in the life of an alarm, the alarm transaction, from alarm generation through acknowledgement. 
  •  
    Message suppression
    Message suppression
     is a feature used to avoid storing multiple alarm messages caused by the same problem. When receiving a large number of identical alarm messages, you may by setting the 
    Alarm Suppression divisor
     to e.g. 100, store only the first alarm message received, delete the next 99 identical alarm messages, then store number 101, delete the next 99 identical alarm messages etc. Default divisor is 100.
  •  
    Assignment roster
    A list of operators or other assignment targets, such as a helpdesk, making it easier to assign alarms from within the Auto-Operator profiles or the various alarm consoles.
  •  
    Scheduling
    Scheduling making it easy to administer alarm filters and auto operator profiles (activating or deactivating) and run scripts.
  •  
    Replication
    Forward alarm messages to another nas. This is useful for getting alarms from lower level nas probes (behind a firewall) to an upper level nas probe that can be monitored by UMP.
 
More information
 
nas_4.6_AC