You can now add default alerts to v2 alerting. The initial set includes:
- Auvik Collector Disconnected
- Auvik Collector Discovery
- Firmware Change on Network Element
- High Broadcast Traffic
- High CPU Utilization
- High Interface Utilization
- High Memory Utilization
- High Packet Discard(s)
- High Packet Error(s)
- High Storage Utilization
- Infrastructure Device Offline
- Network Element Offline
- Recent VMware Snapshot Not Taken
- Software Version Change on Network Element
- VMware Hypervisor CPU Module is Bad or Degraded
- VMware Hypervisor Hard Drive is Bad or Degraded
- VMware Hypervisor Power Supply is Bad or Degraded
- VMware Hypervisor RAM Module is Bad or Degraded
- VMware Snapshot Limit Exceeded
- VMware Snapshot Repository Size Exceeded
To add the default alerts, from your Auvik instance:
- Click on Manage Alerts
- Click on New Alerts
- Mouse over the gear(
) icon and click Add Default Alerts
- Click Add Default Alerts on the pop up that appears
After a few second a message will appear confirming that the new default alerts have been added and you will see a list of Alerts appear in your Manage Alerts > New Alerts section.
Existing alert definitions can be sorted and filtered to find the right one. Select one or more alert definitions to perform a number of actions on them.
New Alerts Management
Users will see both the existing Manage Alerts > Alerts and a new Manage Alerts > New Alerts in the lefthand navigation. Users can manage legacy alerts as they always have, while the new page allows users to create new alert definitions and to manage them in a similar fashion.
Similar to legacy alerts, users can navigate to any point in their account hierarchy to view, create and manage the alert definitions relevant to that site. Users can sort the table’s columns and filter the list using various properties using the Search Alerts text box.
|
Column |
Details |
|---|---|
|
Alert Name |
The given name of the alert definition. |
|
Severity |
Shows the severity of the alert definition. |
|
Status |
Indicates whether the alert definition is currently Enabled or Disabled. |
|
Description |
The general description of the alert definition. This is useful to help differentiate alert definitions from each other while managing a lot of them. This is set in the Create New Alert workflow in the Alert Description field and is different than the Trigger Message and Clear Message which are the user-customizable messages users can see on the trigger and clear of an alert in various notifications. |
|
Entities Applied To |
Lists the entities this alert has been applied to. This could be Collectors, All Devices, a specific Tag, or specific entities. |
|
Permission Access Level |
Displays the site the alert was created at, which implies the level of permission required to edit the alert. Since alert definitions can be applied to different sites a user may not have access to, this provides an indication why the user may not be allowed to edit the alert. |
By selecting a checkbox beside an alert definition’s name, users can either view, edit, delete, enable/disable or clone the selected alert definition.
|
Action Button |
Details |
|---|---|
|
View |
Display the selected alert definition in a read-only view. |
|
Edit |
View and be able to edit the selected alert definition. |
|
Delete |
Delete one or more selected alert definitions. You will be prompted to make sure you want to proceed. If you delete an alert definition it will be permanently removed. |
|
Enable/Disable |
Enable or Disable one or more selected alert definitions. Disabled alert definitions will remain in your list, but will no longer generate alerts and notifications. |
|
Clone |
Clone a selected alert to create a new alert definition using the parameters of the chosen alert as default. This is convenient if you have an existing alert with many of the settings you need for a new alert, but you just want to tweak one or two things for a separate alert. |
All Alerts View
Triggered alerts, whether from legacy alert definitions or new alert definitions, will continue to appear in the existing All Alerts page. Click on the row to view the Alert Details, or select a checkbox to perform any actions. V2 alerts cannot be dismissed manually but that will be addressed shortly.
Note: The Pause action button does not apply to 2.0 alerts (Check out Alert Delay for more details on how we’ve replaced the Auto Pause functionality).
A new field named Source in the Alert Details view will specify if this alert was created from a Legacy or New alert definition.
We recommend naming your alert definitions accordingly, so you can easily identify new Alerting 2.0 alerts from your legacy alerts (e.g. 2.0_Infrastructure Device Offline). If it’s ever unclear where a specific alert came from, just refer to this Source field in the alert details view.
Alert Definition Auditing
User actions to create, enable/disable and delete alerts are captured in the Audit Log. Additionally, edits of individual fields in the alert definition will appear in the Audit Log as well.
Managing Alerts in Multiple Sites and Creating Variants
Navigate to any site within your account hierarchy to view the alert definitions that have been applied to that site. Whether the alert definition was created at the site you’re viewing or at a parent site and then applied to the current site, it will be displayed here.
Editing Alert Definitions
Alert definitions don’t strictly follow a hierarchy in terms of sites inheriting other site’s alert definitions. Instead, an alert definition can be applied to any or all sites that is desired, even if it means skipping levels in the account hierarchy.
An alert definition can only be edited from the site of which it was created (mentioned in the aforementioned Permission Access Level column). When an alert definition is edited, the changes are applied to all sites that it is applied to.
Note: When any aspect of an alert definition is edited it is completely reset in terms of active alerts, Alert Delay timers and any other in-progress states. Due to aspects of the alert definition changing, like the trigger condition, Alert Delay timing elements, and clear conditions, any change to the alert definition will invalidate it.
For example:
-
If an alert definition for a specific site is 4 minutes into an Alert Delay timer (see Creating Alerts) set for 5 minutes and you change the alert definition by changing the Alert Delay timer value, the alert definition is invalided so the timer and other aspects are reset.
-
If an alert has been triggered and is active, but you then change the trigger condition, clear condition, notification channels, or any other aspect of the alert definition, it is invalidated and the active alert will be closed.
Creating Variants for Specific Sites
Sometimes there will already be an alert definition applied at a parent site, but you decide a child site should have a slightly different version or even that the child site should have another similar alert that runs in parallel to the original.
It’s easy to create variants of existing alert definitions by selecting the alert definition in the Manage Alerts > New Alerts table and clicking the Clone action button.
Start by navigating to the site where you want the different alert definition behaviour to start. For example, if you have an alert definition created at the global site level which is applied to all sites, but you want a multi-site and it’s children to have a different version of the alert, then navigate to that multi-site.
Select the alert definition of interest by clicking the checkbox to the left of it. Now click the Clone button to open an alert definition edit screen with the fields pre-populated based on the selected alert definition.
Now make any changes to the parameters of the alert definition (Check out Creating Alerts for more details), including setting which child sites this variant alert definition should be applied to. Any or all of the child sites can be selected --they don’t all have to be subjected to this new variant alert defined at the parent site.
Before saving this variant alert, if you’re immediately ready for this alert definition to be active, be sure to enable the alert definition using the toggle at the top of the page. If you’d rather make other adjustments to this or other alert definitions first, then leave the toggle off and you can always make the alert definition active later by using the Enable action button on the alert definition table (Manage Alerts > New Alerts) or by editing the alert definition again.
Examples
Say we have a few organizations set up in our global level site and each of those companies have several children sites. Let’s say we want to alert if memory utilization is >= 80%. We could set up a new alert definition at the global level site (Check out Creating Alerts) and apply it to all organizations and sites, then:
Create a Variant to run in Parallel
Quickly create a variant alert definition for CPU utilization by cloning the memory utilization alert at the global level site. An easy change of the trigger condition, while keeping all other settings, will get this new alert definition up and running fast. Both the memory and CPU utilization alerts would run in parallel for all sites under the global level site.
Create a Variant to Replace One or More Sites
Change the sensitivity of the memory utilization alert definition for a specific organization and it’s children while keeping other organizations and their sites the original value (>=80%).
Navigate to the organization we want to create the variant alert for, select the memory utilization alert definition and click the Clone action button. Change the trigger condition to >=60% and apply the alert to all the children sites belonging to this organization.
Finally, return to the global level site and edit the original memory utilization alert definition to now exclude the organization and its children from the original alert. Now the original memory utilization alert definition will run at >=80% for all organizations and site except for the one we created the variant alert for >=60%.
Check out Alerting 2.0 Activities - Creating Your First Alerts article for more examples.