Alert suppression

Alert Suppression – achieve better false alerts protection through dependency configuration in monitor groups

To help limit the number of alerts sent when critical devices fail, Site24x7 allows you to create dependency relationships between the critical device monitors and the monitors for resources that lay beyond these devices. A network outage usually triggers hundreds of alert messages, and calls to multiple personnel, even when a few of them were genuinely redundant. It's likely that you may burn through all your notification credits fairly quickly in such a scenario. To overcome such unforeseen usage of alert credits, you must set up a relevant Dependency Configuration in your monitor group. With dependent resources in your monitor group, Site24x7 will suppress all redundant alerts based on your dependency monitor's status. An entry is added in the alert logs mentioning the same.

Use Case:
Lets say, you've a monitor group configuration with monitors like router, websites, SSL certificates and web server; and, the web applications are connected to the internet via this router. Assume, the router fails, it's obvious that the web applications will be inaccessible from outside the router, which is equal to a failure. Unfortunately, this would still turn out to be catastrophic, because of the deluge of false alerts triggered. It leads to unforeseen exhaustion of your purchased alert credits and also leads to productivity loss for your IT team. 

Solution:

Dependency Configuration: The following conditions need to be adhered to in order to achieve better alert suppression and remove redundant alerts.
  • If your web application is initially detected as down during a poll, Site24x7 would check whether the web application is associated with any monitor group or not. If it's not associated with any group, Site24x7 will trigger alerts for your web application as normal.
  • If your web application is initially detected as down during a poll, and Site24x7 identifies your web application to be associated with a monitor group, Site24x7 will trigger alerts as usual, unless you've set up alerts suppression option in your dependency configuration.
  • In the case, where your web application is detected as down during a poll, and the alert suppression is also marked, you can create a rule that when the web application is down, no alert will be sent if at the same time your router is also down. If this rule is in place, each time the system detects an error with your web application, it will check the status of your router, and if the router is down, no alert will be sent for the web application. Site24x7 will capture and record all the data of the web application, including response data to the database. But, the alerting will be stopped. However, an entry will be added in the alert logs mentioning the same. You will be also notified of the error of the router and obviously all systems behind this router will be unreachable. If on the other hand, your web application is "DOWN" and the router is "UP", you'll be promptly notified about the web application's downtime.
  • If in case the dependent router's polling is still under progress, Site24x7 will wait for the updated status of the router, before deciding on whether to trigger or suppress the alert for the web application.
  • If the router is under maintenance, Site24x7 will automatically stop alerting.
    • Related Articles

    • Troubleshooting false positive alerts in monitoring

      Problem False positive alerts are being generated. Possible cause The monitoring system is down in some locations. The Website monitor might be configured for one location, such as Seattle, but may appear down when accessed from another location, ...
    • Monitor and validate DNS IP changes using regex

      DNS administrators often monitor their DNS servers to detect changes in domain resolution and ensure IP mappings remain secure and accurate. Problem When your organization adds or modifies an IP address for your domain name, it’s critical to: Be ...
    • Setting up a website monitor w.r.t content match and HTTP configuration

      Regarding the website defacement (content match) configuration, you can set keyword checks to find the existence and non-existence of keywords in your HTML response. As far as the HTTP configurations are concerned, we support HEAD, GET, and POST ...
    • How do I check if URL redirection works correctly using the Website Monitor?

      A webpage can be made available from more than a single web address using URL redirection. Most redirects are automated and it becomes difficult to track if the redirection works in a specific way. This can be verified using website monitoring in ...
    • Difference between a website monitor and a SOAP Web Service monitor

      Website monitor will support monitoring of any web application via POST, GET and HEAD methods of configuration. Learn more on the performance metrics provided for a website monitor. SOAP Web Service monitors , on the other hand, lets you to ...