Follow best practices when creating and managing alert policies to maximize their effectiveness.
Create custom alert policies to address site-specific concerns. This is a parallel practice to creating custom templates. Do not use the "STA" prefix when naming your customized versions. This prefix is used for the sample STA alert policies.
Unlike the predefined templates delivered with STA, the sample alert policies are not write-protected, and you can modify them directly. However, if you modify or delete the sample policies, you cannot restore them to their original state. For any modifications, it is recommended that you copy the sample policy and modify the copy while leaving the original unchanged.
See Create, Copy, or Modify an Alert Policy.
It is also recommended that you print a record of the sample policies as delivered, so you can re-create them manually if necessary. The sample alert policies are not write-protected and cannot be restored. You should keep copies of the sample policies even if you do not use them.
You should define alert policies using criteria specific to the policy entity type. For exchange and media validation alert policies, use criteria unique to exchanges and validations and not available for drives and media. Otherwise, you may create overlapping alert policies that result in multiple alerts and emails for the same event or resource attribute.
For example, you could create and enable all three of the following policies:
Warning policy for Media: Drive Health Indicator is MONITOR or Media Health Indicator is MONITOR
Warning policy for Drives: Drive Health Indicator is MONITOR or Media Health Indicator is MONITOR
Policy for Exchanges: Drive Health Indicator is MONITOR or Media Health Indicator is MONITOR
The Media and Drive alert policies would each generate an alert every 24 hours for each drive and media with MONITOR health. In addition, the Exchanges alert policy would generate an alert every time a drive or media with MONITOR health is involved in an exchange. You could potentially get scores of alerts from a single drive or media with MONITOR health.
A better approach would be to create and enable the following policies:
Warning policy for Media: Media Health Indicator is MONITOR
Warning policy for Drives: Drive Health Indicator is MONITOR
Policy for Exchanges: Alert: Drive Dump Available Is True
When defining alert policies for drives or media, you can use logical groups in the selection criteria. Because drives and media can belong to more than one logical group at a time, it is usually appropriate to use the "Contains" and "Doesn't Contain" operators when specifying the criteria, rather than the "Is" and "Isn't" operators.
It may be useful to define alert policies to notify you of duplicate volume serial numbers (volsers).