Hello, beginner CheckMK user here. I tuned down the deluge of service notifications on my site by going to Setup - Services - Service monitoring rules - Notified events for services, unchecked Service goes into warning state, Service goes into unknown state, Service goes into critical state, Service recovers to OK. That worked! Now I want to enable notifications for specific critical services on my Windows servers. I set a Windows service discovery rule for the services and confirmed that they are being monitored on the appropriate hosts.
I created a new rule in Notified events for services, checked all events, and set the service names under Services. No notifications. I have tried the rules in either order, no difference. I confirmed that the service I’m using as a test is showing as CRIT on the host in CheckMK. If I disable my earlier rule I return to the deluge of notifications about every single service again.
I have an environment with mostly monitored endpoints.
First rule disables all notifications of clients outside office hours. Easiest way to set outside office timeperiod, is to make a timeperiod with 24/7 and then exclude a previous made timeperiod with office hours
Second rule is both host as service notifications of important servers & devices to main mail address for monitoring.
Third rule is failover sending to bulk archive mail box for further future tuning of notifications. (-;
I would not use this rule set.
Use Setup > Notifications instead.
That being said, notifications are one of the most complex and complicated topics in monitoring, which means there are no shortcuts and no silver bullets. Take your time to set up notifications and test them, before going to production.