Not applicable.
1. Field of the Invention
The present invention relates generally to computer network management and more particularly to automatically defining conditions under which a user is notified of network activity.
2. Description of the Related Art
Network management has experienced explosive growth and become a fundamental part of network infrastructure. Network management is essentially a set of tools and processes that enables one to control, monitor, and troubleshoot a network. A network manager typically uses standalone or integrated network management software to collect and process management data from the network.
One of the functions served by network management software is the monitoring (or health polling) and notification of the state of various network devices. The state of a monitored device is reported, for example, as an entry in an event log dialog. As the use of network systems has grown, so too has the size of the networks. As such, many network systems are very complex. Likewise, network management for these large systems can be very complex. To provide a manageable interface, the network management software may be configured to report only changes in the state of a device. To further streamline reporting performed by network management software, a notification rule may be created to report only certain instances or severities of particular network changes.
A notification rule is a description of a type of event, or set of conditions, that triggers a notification. The notification rule tells the network management software when to notify a user or an administrator of an event. Generally, a notification rule is defined by a set of conditions relating to the device being monitored. These conditions may describe the present state of a device. Some event information that has been used to define notification rules are device types, alarm event types and alarm severity classes.
For example, a notification rule can be based in whole or in part on an alarm threshold condition to indicate when a network device, monitored by the network management software, exceeds or exits a certain operating state for that device. A rule for a network router device can be triggered using an alarm threshold set for monitoring the number of dropped or lost data packets. The alarm and subsequently the notification rule, is triggered when the number of dropped data packets exceeds the preset threshold. In addition, a corresponding alarm severity class can be set to limit triggering of the notification rule based on the extent to which the threshold had been exceeded. Alarm severity classes, for example, have included cleared (or informational), indeterminate, minor, major and critical alarm classes. For example, a number of dropped data packets only slightly exceeding the alarm event threshold is represented by a xe2x80x9cminorxe2x80x9d alarm, while a number of dropped data packets greatly exceeding the threshold is represented by a xe2x80x9ccriticalxe2x80x9d alarm. In addition, an xe2x80x9cinformationalxe2x80x9d alarm severity class has been established to provide information for devices not exceeding normal operating conditions.
Typically these notification rules have been created by a user or a network administrator. Much like the network systems they were designed to monitor, the notification rules have become increasing complex. Specifically, the user must step through a number of procedures to properly configure a notification rule for a particular device or a particular state of a device. Specifically, each of the event conditions included in a notification rule required that a user first retrieve the information describing the condition from somewhere within the network management software application. Next the user was required to manually enter in the relevant information into the notification rule. Finally, to complete the notification process, the user was required to specify a particular notification action that would be performed when the conditions defining the notification rule had been satisfied.
To further complicate the process, a number of alarm event and alarm severity combinations can be used. Typically, the combination of conditions for a particular notification rule was selected by taking the present state of a device. Specifically, the network management software would indicate the occurrence of an event for a device on the network and display such on a monitor at its location on the network server. An administrator then would typically desire that he be notified in the future upon subsequent like changes in the state of that particular device. Therefore, the notification rule would be created based on the set of conditions defining the state of the device in question.
The notification rule would include, a notification action specified by the administrator. These notifications actions included, for example, executing a script at the server location, reporting the particular event occurrence on a separate event log saved in the network management software, indicating a change in the state of the device by creating a sound on the host computer, sending an e-mail to a remote e-mail address, and sending a page to a remote receiver, for example the administrator""s pager. Any of these notification actions, or any combination thereof, would be performed by the network management software when the state of the monitored device matched the particular state upon which the notification rule conditions were based.
Configuring notification rules was time consuming, requiring a user or an administrator to manually configure all the information needed to define the notification rule. In addition, the administrator was usually left with no real way to test the specified notification action. In this way, upon creation of a notification rule, an administrator was unable to test the action without actually causing the event conditions that triggered the notification action to occur. A network administrator was, forced to either skip testing the notification to see if its effect is what is intended, or forced to attempt to create the event artificially to test the notification. Under many critical situations, creating an actual network problem may be undesirable from a systems standpoint, if not altogether impossible.
A system according to the present invention provides automatic notification of an event caused by a change in the state of a device connected to a network. A device, such as a network server, is monitored for activity. The present state, at any given time, is reported to a network management application. The application executes a notification action when the device activity satisfies a set of predetermined conditions, collectively termed a notification rule.
A system according to the present invention allows automatic prepopulating of the conditions comprising notification rule with the present state or set of conditions of a network device, as reported by the monitoring function. This simplified procedure avoids time-consuming manual searching of present device conditions and subsequent manual entry of these conditions into a notification rule. The notification rule functions as the trigger mechanism for a notification action. The notification action reports the occurrence of the event to the user in a manner specified by the user.
In addition, the present invention allows the notification feature to be easily tested by simulating the trigger for the notification action. The testing capability is performed without actually creating an event on the monitored device to trigger the conditions of the notification rule.