I recently had a call with a long-term customer who had been using Enterprise Alert for years without any major incidents. But in light of a recent proactive monitoring project, he also revisited Enterprise Alert and reached out to me to ask for my opinion on how he could improve the monitoring of Enterprise Alert from within the solution.
He already had some Policies set up to alert him on certain system events that might indicate something is not right. To be precise if the connection to his SCOM should fail for whatever reason he would receive an email or a voice call. When we sat down, we extended that use case to cover some additional components like his Exchange and Voice Integration. There are a couple of other things he could do to further improve the Logging and Monitoring of Enterprise Alert. As described in this Blog we published ages ago.
But since time didn’t stop requirements evolved and luckily also our options to meet those requirements. What we can now offer in addition to the “on Board” tools, is our Cloud Solution Signl4. Not only can we offer full hybrid setups, check here to see if this might be an option for you as well, but we can now also offer you the option to monitor your Enterprise Alert instance from the “outside”. In this case, Signl4 proactively monitors the health of your Enterprise Alert instance. It will not tell you precisely what’s going on but at least you know something is not right.
To take this monitoring to the next level you can dig into your Enterprise Alert config (logman.xml) and set it up to send an email in the case of severe system errors. To do that you have to do 2 things. First, you must set the alerting level to an appropriate level. I recommend at least 4 since warnings are not worth your time. If you set it to 5 you will only get the worst of the bad things that can happen.
The second thing you will have to make sure of is that the email is deliverable by the Enterprise Alert SMTP server. If you don’t need it for anything else, I recommend to hard-route it to the Signl4 SMTP server.
Now whenever something severe happens this configuration will send an email to Signl4 triggering an alert based on your categories.