Laszlo,
From what I can tell in your screenshot, the problem is that you are requiring a match against ALL of the following conditions:
mempool_free greater 10
mempool_used greater 10
mempool_perc greater 10
Are you sure you to match against all of those conditions at the same time? Try cutting it down to just the mempool_perc value and then set a sensible threshold that isn't going to alert unnecessarily.
It also looks like you may be forcing the check to match against two sysNames, but a device will only have one sysName. If you want to do it that way, you should add an association rule group that changes the condition to OR and then list each of the sysNames there. Although I would be inclined to just make the check more generic to match a broader set of devices. By creating broad-matching checks, it will automatically apply to any new relevant devices that get added.
Michael
Just tested this and it works:
adam.
We have some Check Point firewalls and if i make an Alert check to their memory usage and try to associate it to these firewalls, after the SAVE CHANGES the check doesn't shows any associated items even if i set the hostname directly or use the exact hardware type of it like the attached pictures.
If i add the "Device Vendor in Check Point" it shows our other Check Point-made firewall but not that is in the attached picture (where the hardware is 15600 or the hostname is **fw01 .
Is it a bug or just i made a mistake?
