Alert Suppression – achieve better false alert protection through dependency configuration in monitor groups
To help limit the number of alerts sent when critical devices fail, Site24x7 allows you to create dependency relationships between critical device monitors and the monitors for resources that lie beyond those devices. A network outage usually triggers hundreds of alert messages and calls to multiple personnel, even when some of them are genuinely redundant. In such a scenario, you are likely to burn through all your notification credits fairly quickly. To avoid this unforeseen usage of alert credits, set up a relevant Dependency Configuration in your monitor group. With dependent resources in your monitor group, Site24x7 suppresses all redundant alerts based on your dependency monitor's status. Each suppression is recorded as an entry in the alert logs.
Use Case:
Let's say you have a monitor group containing monitors for a router, websites, SSL certificates and a web server, and the web applications are connected to the internet via this router. If the router fails, the web applications become inaccessible from outside the router, which is equivalent to a failure. Unfortunately, this can still turn out to be catastrophic because of the deluge of false alerts triggered: it leads to unforeseen exhaustion of your purchased alert credits and to productivity loss for your IT team.
Solution:
Dependency Configuration: The following conditions need to be adhered to in order to achieve better alert suppression and remove redundant alerts.
- If your web application is initially detected as down during a poll, Site24x7 would check whether the web application is associated with any monitor group or not. If it's not associated with any group, Site24x7 will trigger alerts for your web application as normal.
- If your web application is initially detected as down during a poll, and Site24x7 identifies it as associated with a monitor group, Site24x7 will trigger alerts as usual unless you've set up the alert suppression option in your dependency configuration.
- Where your web application is detected as down during a poll and alert suppression is enabled, you can create a rule so that, when the web application is down, no alert is sent if the router is also down at the same time. With this rule in place, each time the system detects an error with your web application, it checks the status of your router; if the router is down, no alert is sent for the web application. Site24x7 still captures and records all the web application's data, including response data, in the database; only the alerting is stopped, and an entry noting the suppression is added to the alert logs. You will also be notified of the router's error, and all systems behind this router will obviously be unreachable. If, on the other hand, your web application is "DOWN" and the router is "UP", you'll be promptly notified about the web application's downtime.
- If polling of the dependency router is still in progress, Site24x7 will wait for the router's updated status before deciding whether to trigger or suppress the alert for the web application.
- If the router is under maintenance, Site24x7 will automatically stop alerting.
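The conditions above can be modelled as a small decision function. This is an added illustration, not Site24x7's code or API: the `Monitor` fields, the status strings, the action names and the sample monitors are all hypothetical, and treating a router under maintenance as "suppress the dependent's alert" is one reading of the last condition.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Monitor:
    name: str
    status: str                        # "UP", "DOWN", "POLLING" or "MAINTENANCE"
    group: Optional[str] = None        # monitor group, if any
    depends_on: Optional[str] = None   # name of the dependency monitor
    suppress: bool = False             # alert suppression enabled?

def decide(mon, monitors):
    """Return (action, reason) for one monitor after a poll."""
    if mon.status != "DOWN":
        return "NONE", "not down"
    if mon.group is None:
        return "ALERT", "not in a monitor group"
    if not (mon.suppress and mon.depends_on):
        return "ALERT", "no alert suppression configured"
    dep = monitors[mon.depends_on]
    if dep.status == "POLLING":        # wait for the dependency's fresh status
        return "DEFER", f"waiting for {dep.name} poll"
    if dep.status in ("DOWN", "MAINTENANCE"):
        return "SUPPRESS", f"dependency {dep.name} is {dep.status}"
    return "ALERT", f"dependency {dep.name} is UP"

def run_cycle(monitors):
    """Evaluate every monitor; return (alerts, alert_log, deferred)."""
    alerts, alert_log, deferred = [], [], []
    for mon in monitors.values():
        action, reason = decide(mon, monitors)
        if action == "ALERT":
            alerts.append(mon.name)
        elif action == "SUPPRESS":     # data is still recorded; only the alert is dropped
            alert_log.append(f"{mon.name}: alert suppressed ({reason})")
        elif action == "DEFER":
            deferred.append(mon.name)
    return alerts, alert_log, deferred

def sample_group(router_status):
    """Constructed sample: three monitors behind a router, one ungrouped."""
    mons = [Monitor("router", router_status, group="web")]
    mons += [Monitor(n, "DOWN", "web", "router", True)
             for n in ("website", "ssl-cert", "web-server")]
    mons.append(Monitor("standalone-api", "DOWN"))
    return {m.name: m for m in mons}

if __name__ == "__main__":
    for status in ("DOWN", "UP", "POLLING"):
        print(status, run_cycle(sample_group(status)))
```

With the router down, only the router and the ungrouped monitor raise alerts, while the three dependents produce alert-log entries instead.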