CA Automation Point

Automation Point Alert Manager zone/owner overview

  • 1.  Automation Point Alert Manager zone/owner overview

    Posted 10-08-2019 03:02 PM

    Hello all,
    We have implemented Automation Point 11.6.1 after doing the beta test.
    Aside from a minor inconvenience with the change in the database structure. (We did not need to maintain the data). The improvements added in the general release have met our needs.

    As a company Ensono currently has around 250-300 different LPARs that we will be pointing toward AP AM.
    That has left us with a challenge when it comes to the Zone setup. Having a larger user base of 300+ with as many LPARS this is a challenge. 

    Zone setup was created to add a layer of security. For example US or EU only clients can be placed into their own unique zone and only authorized employees would have access. For a global operation this allows one portal for all employees to view the necessary LPARS

    So I am going to breakdown the zone setup for a few scenarios. If you have 11.6.1 installed you will find the settings under Events Interface - Alert Manager Control Panel. Click Configure then Click on Zone/Owner definition.

    If you do not need to use zones and do not need to add owners to the alerts simply changed the Unassigned zone permission level to FULL and save.

    Remember every time you update Alert Manager Control panel and you need the changes to be implemented not only do you have to Cycle Automation Point and Tomcat.

    If you require any type of zone and restrict who has access to it. This becomes a bit more involved. Setting the permission level to FILE makes the most sense. I first created a folder inside the PROGRAM DATA – MY FILES and added a folder called PERMISSIONS. Inside that I create a file for each zone. Make your zone names meaningful. So with my USONLY zone I have a file called USONLY. I do a simple text file that actually has notes on that zone. I then give permissions to the users who need access.

    If you have a lot of users that you can group. Grouping users at the Windows Security Level in groups such as USONLY saves time. At this time, you still have to cycle AP and Tomcat to complete the process.

    If a user does not have access to the file, the user will not have access to the zone.

    The other factor here is the RESOURCE. Resource is key to what messages go to which zones. Some use cases may require a subset of messages going to more than one zone. Some tape messages may be needed just for the tape room and some may require operations see the message as well. This is where there are a few possible ways of doing this which will be tailored to your needs.

    The more complex your setup the more time you will need to spend on fine tuning this. I hope this makes this process a little less daunting. I still do not like that I can not quickly see variables or the number of steps in user setup and creation. Along with there is no flexibility at this time at the user level to control what they see inside the zone.