Alert Suppression – achieve better false alerts protection through dependency configuration in monitor groups
To help limit the number of alerts sent when critical devices fail, Site24x7 allows you to create dependency relationships between the critical device monitors and the monitors for resources that lay beyond these devices. A network outage usually triggers hundreds of alert messages, and calls to multiple personnel, even when a few of them were genuinely redundant. It's likely that you may burn through all your notification credits fairly quickly in such a scenario. To overcome such unforeseen usage of alert credits, you must set up a relevant Dependency Configuration in your monitor group. With dependent resources in your monitor group, Site24x7 will suppress all redundant alerts based on your dependency monitor's status. An entry is added in the alert logs mentioning the same.
Use Case:
Lets say, you've a monitor group configuration with monitors like router, websites, SSL certificates and web server; and, the web applications are connected to the internet via this router. Assume, the router fails, it's obvious that the web applications will be inaccessible from outside the router, which is equal to a failure. Unfortunately, this would still turn out to be catastrophic, because of the deluge of false alerts triggered. It leads to unforeseen exhaustion of your purchased alert credits and also leads to productivity loss for your IT team.
Solution:
Dependency Configuration: The following conditions need to be adhered to in order to achieve better alert suppression and remove redundant alerts.
- If your web application is initially detected as down during a poll, Site24x7 would check whether the web application is associated with any monitor group or not. If it's not associated with any group, Site24x7 will trigger alerts for your web application as normal.
- If your web application is initially detected as down during a poll, and Site24x7 identifies your web application to be associated with a monitor group, Site24x7 will trigger alerts as usual, unless you've set up alerts suppression option in your dependency configuration.
- In the case, where your web application is detected as down during a poll, and the alert suppression is also marked, you can create a rule that when the web application is down, no alert will be sent if at the same time your router is also down. If this rule is in place, each time the system detects an error with your web application, it will check the status of your router, and if the router is down, no alert will be sent for the web application. Site24x7 will capture and record all the data of the web application, including response data to the database. But, the alerting will be stopped. However, an entry will be added in the alert logs mentioning the same. You will be also notified of the error of the router and obviously all systems behind this router will be unreachable. If on the other hand, your web application is "DOWN" and the router is "UP", you'll be promptly notified about the web application's downtime.
- If in case the dependent router's polling is still under progress, Site24x7 will wait for the updated status of the router, before deciding on whether to trigger or suppress the alert for the web application.
- If the router is under maintenance, Site24x7 will automatically stop alerting.
Related Articles
Alert suppression at the monitor level – Achieve better protection against false alerts through monitor-level dependency configurations
A network outage usually triggers hundreds of alert messages and calls to multiple personnel. However, some of those notifications will likely be redundant. Without the proper alert configurations, an outage event could quickly burn through all your ...
Alert suppression at monitor level – Achieve better false alerts protection through monitor level dependency configuration
Read the knowledge base article to learn more about monitor-level alert suppression.
What are the major differences between Monitor Groups and Tags
Monitor Groups A Monitor Group helps in logically grouping resources, and provides a business perspective of the resources. It can be used for: Filtering monitors in the Home tab - Monitor Status Page. Filtering monitors in Configuration Rules and ...
Configuring voice calls and SMS alerts for AppLogs
For the AppLogs Alerts that you configure in the AppLogs tab, you can set up email, SMS, voice calls, and instant messenger alerts at the monitor level. For example, if you want to configure email or voice call alerts for your Syslog monitor, edit ...
How to configure alerts to be sent to different users for different servers
Different server groups have different use cases and eventually, different directly responsible individuals (DRIs). An alert from a server should be directed to the proper DRI to ensure prompt action and minimized alert fatigue. With Site24x7, you ...