Hi all
I have a customer running ISE 2.2 and I am trying to set them up with email alerts for specific CRITICAL alarms only (e.g. disk threshold, certs expired, etc) but I don't have an ISE 2.2 system to test with. But I have an ISE 2.4 patch 5 lab and I thought that the email alerting should be similar (if not identical) ?
When I was testing I found that ISE would not send an email for the alarms I was testing because ISE had not yet generated the alarm itself, even though the actual event had really taken place!
e.g. I changed the config in ISE, but ISE would not create an Alarm for that - hence, no emails. And early on in my testing I enabled the feature to send alarms for ALL events and then by coincidence an Alarm was created and I received an email. This caused me to believe that I needed to enable this feature globally. But I think that was a red herring.
I need a reliable way to test this feature. I have chosen the NTP sync failure and Smart Licensing Registration, because these are things I can easily toggle to provoke events (e.g "Fewer VM Licenses installed" is a reliable alarm) .
Just beware that even though you create some fault/event in ISE, the Alarm event generation may be delayed by hours - and you won't receive any emails as a result. I don't know how the Alarming works in ISE. e.g. if I consistently break NTP, why don't I get emails about that?
I have been on a bit of a journey of discovery today, realising that ISE Alarms are generated at different intervals. e.g. ISE Inactivity is every 15 minutes. But NTP failures are only alarmed every 75 minutes. I have not seen this documented anywhere?
Does anyone have a reference of how often these various alarms are sent out? I am afraid of spamming my customer with ISE alarm emails.
