We get weekly alerts that servers are out of compliance because they are behind with a driver or firmware or whatever. We don't update things unless we have a problem so I simply want to turn these alerts off.
I looked through the Alert Definitions and tried to use the Filter and it was completely useless.
The email I received says it's Message ID RAC9000. When I typed that into the filter box for Message ID there were no results.
When I typed "compliant" into the Message Contains filter, it has a few results, but none of them matched the warning email that I received.
What is the disconnect between these things and how do I go about taking an alert email I received and then going to disable that in my Alert Policies if I don't want to receive alerts for that particular item?
Looking at the manual, I think you'll need to modify the compliance baseline. I'll try to get back to you in greater detail tomorrow, but in the meantime, you might reference the manual.
The main problem is that the information within OMEnt doesn't match up. Message IDs apparently aren't the same, wording in the alerts don't match, etc. When the email has a message ID and the alerts page has a list of Message IDs, they should match. The whole alerting section seems to be very disconnected from itself...
I can provide feedback regarding the wording of the alerts, but that's about as far as I can take that part of it. The Alert Definitions are MIB defined entries from the hardware. RAC9000 is an internally defined thing, so it's not in the Alert Definitions search
You can create an alert policy with device compliance checked, then check ignore at the end of the wizard, or uncheck it from the email policy.