Hello,
Forgive me if I missed a previous post on this but, I have been having a hard time finding any related material. I have found that as I learn more about how alerts can be constructed with Alert Manager, that I am now finding it difficult to choose an overall strategy/standard approach to creating the alerts as there are so many ways to get the job done. I've come to the point where I think i have two options to follow and I was hoping the community might have some insight. Here is where I am at
1. "Simple Alerts"
- Lots and lots of very simple alert definitions. Ex: Cpu % util > 80% Where CustomProperty = MyServerGroup
- Easy to understand
- Easy to troubleshoot
- Easy to create
- Difficult to keep track of so many alerts
- Large amount of work required to create so many alerts
2. "Advanced Alerts"
- Dynamic (make use of variables wherever possible)
- Complex (difficult for others to manage/maintain)
- Greatly reduced number of alert definitions
- Advanced knowledge required (SQL alerts, somewhat complex logic)
Myself I am leaning more towards advanced alerts but, I want to ensure that what I choose now is going to work well for the next few years as new team members come on board. Any thoughts/feedback/flaming would be appreciated, thank you!
