You can create a custom Alert Management Training File by modifying a sample file or building one from scratch using a spreadsheet application. This file defines how OpsRamp should handle alerts based on their attributes.
Prerequisites
- Download a sample training file from the OpsRamp portal (recommended).
- Identify the attributes and outcomes relevant to your alert policies.
- Use a spreadsheet tool that can export CSV in UTF-8 encoding.
Create a Training File
- Open a spreadsheet application such as Microsoft Excel or Google Sheets.
- Use the sample training file as a template or start with a blank sheet.
- In the first row, define the column headers using attribute names (e.g.,
metric
,resource.generalInfo.resourceType
,incident.assigneeGroup.name
). - In the subsequent rows, enter the attribute values that represent specific alert conditions and the desired actions.
- Leave a cell blank if you want that field to match any value (acts as an “All Other” case).
- Save the file in CSV format using CSV UTF-8 (Comma delimited) encoding.
Important Guidelines
- Attribute names are case-sensitive and must follow the correct structure.
- Each row acts as a matching rule. The system applies the row with the most exact matches. If two rows match equally, the first one is used.
- Avoid using resource names like
resource.generalInfo.name
, as they change frequently and increase maintenance overhead. - Use higher-level attributes such as
resource.deviceGroup.name
,resource.serviceGroup.name
, orresource.generalInfo.resourceType
for greater stability.
Example
To route alerts for the disk.utilization
metric on Windows resources to a specific team:
metric | resource.generalInfo.resourceType | incident.assigneeGroup.name |
---|---|---|
disk.utilization | Windows | Windows Disk Management Support |
(empty) | Windows | Windows Support |
In this example:
- The first row handles
disk.utilization
on Windows. - The second row applies to all other metrics on Windows, using an empty
metric
cell.
Tip
Always test the training file with a limited scope before applying it broadly to avoid misrouted or suppressed alerts.×