Alert suppression

Alert Suppression – achieve better false alerts protection through dependency configuration in monitor groups

To help limit the number of alerts sent when critical devices fail, Site24x7 allows you to create dependency relationships between the critical device monitors and the monitors for resources that lay beyond these devices. A network outage usually triggers hundreds of alert messages, and calls to multiple personnel, even when a few of them were genuinely redundant. It's likely that you may burn through all your notification credits fairly quickly in such a scenario. To overcome such unforeseen usage of alert credits, you must set up a relevant Dependency Configuration in your monitor group. With dependent resources in your monitor group, Site24x7 will suppress all redundant alerts based on your dependency monitor's status. An entry is added in the alert logs mentioning the same.

Use Case:
Lets say, you've a monitor group configuration with monitors like router, websites, SSL certificates and web server; and, the web applications are connected to the internet via this router. Assume, the router fails, it's obvious that the web applications will be inaccessible from outside the router, which is equal to a failure. Unfortunately, this would still turn out to be catastrophic, because of the deluge of false alerts triggered. It leads to unforeseen exhaustion of your purchased alert credits and also leads to productivity loss for your IT team. 

Solution:

Dependency Configuration: The following conditions need to be adhered to in order to achieve better alert suppression and remove redundant alerts.
  • If your web application is initially detected as down during a poll, Site24x7 would check whether the web application is associated with any monitor group or not. If it's not associated with any group, Site24x7 will trigger alerts for your web application as normal.
  • If your web application is initially detected as down during a poll, and Site24x7 identifies your web application to be associated with a monitor group, Site24x7 will trigger alerts as usual, unless you've set up alerts suppression option in your dependency configuration.
  • In the case, where your web application is detected as down during a poll, and the alert suppression is also marked, you can create a rule that when the web application is down, no alert will be sent if at the same time your router is also down. If this rule is in place, each time the system detects an error with your web application, it will check the status of your router, and if the router is down, no alert will be sent for the web application. Site24x7 will capture and record all the data of the web application, including response data to the database. But, the alerting will be stopped. However, an entry will be added in the alert logs mentioning the same. You will be also notified of the error of the router and obviously all systems behind this router will be unreachable. If on the other hand, your web application is "DOWN" and the router is "UP", you'll be promptly notified about the web application's downtime.
  • If in case the dependent router's polling is still under progress, Site24x7 will wait for the updated status of the router, before deciding on whether to trigger or suppress the alert for the web application.
  • If the router is under maintenance, Site24x7 will automatically stop alerting.