Altiris Rules
Updated: 13 Jan 2011 | 15 comments
This issue has been solved. See solution.
Is there a document that exists which has samples of all the different rules that have been created/posted/contributed?
discussion Filed Under:
Comments
Hmm
You'll find MBHarmon's post to lay out and explain the differences in how each rule type is used:
https://www-secure.symantec.com/connect/articles/incident-vs-validation-vs-routing-rules
And he also posted a more detailed write-up for notify rules in particular:
https://www-secure.symantec.com/connect/articles/notify-rules-overview
Is there something you're trying to do at your organization that we could help you with?
Mike Clemson, Systems Engineer
Intuitive Technology Group -- Symantec Platinum Partner
My organization is
My organization is implementing Altiris HelpDesk Solution in July, 2010, so I am very new to the product. I have read the product guide and the articles you mentioned above. I am going to training in two weeks to absorb anything and everything I can about the product.
What I am looking for is a document that has samples of the different rules people have implemented in their organizations where I can say..."hmmm, I can use this in my organization."
We are going to use winuser as well as email to create incidents.
For email - when a user replies to the email, how can I prevent another incident created for the same ticket? If the email address is part of the cc:, how can I prevent a new incident created?
For winuser - I want to route an incident to a specific queue based on IP address. The manual says to enter 10.10.10 (this is the example given on the manual). I substitute that with our own subnets, but it is not working. If I enter the exact IP address of the device, then the routing rule works. What logic or setting am I missing?
Ideas
Preventing duplicate incident creations
If you use Altiris Helpdesk's ability to monitor inboxes, it will detect the incident number in the subject and add it to that incident. By default it detects in the format #<number>, e.g. #64484 in the subject line will add the details to incident 64484 as a new comment.
If a user e-mails you about an issue ("My monitor is dead") and then e-mails you again ("Hey, when are you going to fix my monitor?"), yes, this is two tickets.
On the winuser side, routing an incident to a specific queue based on IP address, managed_object_ip_address is the field used to record the IP address of the asset associated with the ticket. You must associate an asset in order to route based on IP address.
Provide a name and comment/description for the rule
Choose the group to whom you want to route the incident
Provide a When: condition; you probably want 'Only when the incident is new'
For conditions under And:, click <none specified>, and then click Advanced condition. In the top box, type WORKITEM(managed_object_ip_address), in the drop-down choose Contains, and in the bottom box type a.b.c.d, where you fill in enough of the IP address information to define the rule. Click OK. If you need multiple IP address ranges, change the ALL of these are TRUE to ANY of these are TRUE and add multiple Advanced conditions in this list.
Mike Clemson, Systems Engineer
Intuitive Technology Group -- Symantec Platinum Partner
I'll test you suggestion
I'll test you suggestion about the email address.
For the routing rule based on IP, that's exactly how I have my routing rule but it is not working for me. How do I associate an asset?
When you create the ticket
When you create the ticket and select a user, it auto-populates an asset or a list of assets, based on who uses them most often. You can also specfically search by asset name.
Does that make sense?
Mike Clemson, Systems Engineer
Intuitive Technology Group -- Symantec Platinum Partner
Yes, that makes sense. Have
Yes, that makes sense. Have you tried to search an asset based on IP? Can you search an asset by subnet - for example, I want all of my computers on 10.10.10? I do not get any result when I search using that parameter. However, if I search by IP address - 10.10.10.100 - I get a result of the asset with that specific IP address.
Here's what I'm trying to do - I want a routing rule which says - When any of these is true:
managed_object_IP_address contains 10.10.10
managed_object_IP_address contains 10.10.12
managed_object_IP_address contains 10.10.13
and so forth
Any incident that meets these criteria, to route to a queue called ABCD. The above rule does not work for me. The incident does not route to the queue I specify.
I guess I can route based on asset name (which works by the way). However, it is just making me "upset" I cannot get this to work based on IP address.
Is IP address working, but your routing fails? Or vice versa?
I'm not sure if it's your routing that fails, or if it's the asset association and associated lookup on the value that fails. To check, create a test ticket, associate and asset with it, and create a validation rule.
Display this message: "Your validation rule is correctly firing based on asset IP address."
When: Every time incident is saved
And:
When ALL of these are TRUE
"Asset IP address" contains "192.168"
<end>
Mike Clemson, Systems Engineer
Intuitive Technology Group -- Symantec Platinum Partner
When I look for an asset and
When I look for an asset and I type the asset name, click on Find, should it display the IP address of that asset? Right now, all it gives me is the serial number of the asset.
Searching for an asset
Can you provide a screenshot? I'm not sure what you're looking at.
Mike Clemson, Systems Engineer
Intuitive Technology Group -- Symantec Platinum Partner
I think what you're looking
I think what you're looking for can be added by clicking the "Format Table" button located on the solid grey bar above your results.
Simply add the field for Asset_ip_address and place it in the order you're looking for.
- Matt
I did format the table to
I did format the table to include the Asset IP address field, Asset Name, and the other default fields. The Asset Name appears but the Asset IP address of that Asset Name does not appear.
Interesting . . .
Does the address appear when you view the asset in Helpdesk solution?
Can you modify the asset from within helpdesk or is it imported from NS inventory?
- Matt
The IP address does not
The IP address does not appear when I view the asset in the HelpDesk Solution. The asset cannot be modified within HelpDesk. The asset is imported from Notification Server. When I use Resource Manager to edit the asset, under Resource Summary, Network tab, it does not show the MAC, Subnet Mask, DNS servers, etc. And where it should show the IP address, it says static instead. Even if the IP is a static IP, it should still show the actual IP address, right?
When I run a report of all computers, I can edit a computer and it shows the IP address there. So I know that the IP address information is available - I cannot just see it in HelpDesk Solution.
I really need to route via subnet rather than computer name. With the computer name, I am relying on the user to choose the asset and most of the time, they don't know what their computer name is. Any help in getting this to work is greatly appreciated!
Static IP resolution?
Was there any resolution to this issue? I also have machines where the information in the Resource Summary is only showing (static) in the IP address: field and nothing else. There is no other information in that section. When I check the Inventory Tab, there is no AeX AC TCPIP information listed in the Tree pane.
help please
I have to create a validation rule or an incident rule that serves so that if the employee is not assigned or dont belonging to that employee especific queue could not alter the ticket, summarizing that only queue members or the employee thath is currently assigned can to modify their tickets, I welcome your comments.
Would you like to reply?
Login or Register to post your comment.