• State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 32 subscribers
  • Views 2039 views
  • Users 0 members are here
Options
Related
This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

New Modern Dashboard - Alert Stats

chad.every

Wanted to build a new modern dashboard widget that took the average time to acknowledge an alert and how much time that the alert took to close. 

One item to note is that i excluded alerts that were not acknowledged. Knowing that some alerts may appear and clear faster than anyone in the NOC might be able to handle them. This only focuses on alarms that have been acknowledged and subsequently cleared.

2020-09-08 14_50_20-Window.png

After dragging a new widget, i selected 'KPI Widget' from the list.

2020-09-08 15_02_40-Window.png

I added 2 values, one call 'Time to Acknowledge' and the other was 'Time to Close'

2020-09-08 14_59_58-Window.png

The SWQL query for each is the same except commenting out 1 line.

2020-09-08 15_00_54-Window.png

The first value uses this query. The second value comments out the first ROUND line and uncomments the 2nd ROUND Line.

If you want time longer or shorter than a week you can update the DAYDIFF line and change the amount of days to show, currently set at 7.

-- Scripts are not supported under any SolarWinds support program or service. 
-- Scripts are provided AS IS without warranty of any kind. SolarWinds further 
-- disclaims all warranties including, without limitation, any implied warranties 
-- of merchantability or of fitness for a particular purpose. The risk arising 
-- out of the use or performance of the scripts and documentation stays with you. 
-- In no event shall SolarWinds or anyone else involved in the creation, 
-- production, or delivery of the scripts be liable for any damages whatsoever 
-- (including, without limitation, damages for loss of business profits, business 
-- interruption, loss of business information, or other pecuniary loss) arising 
-- out of the use of or inability to use the scripts or documentation.

SELECT 
 ROUND( AVG( TOSTRING(MINUTEDIFF(ah.TimeStamp,ack.timestamp))),2) AS [Minutes Until Acknowledged]
--ROUND( AVG( TOSTRING(MINUTEDIFF(ah.TimeStamp,reset.timestamp))),2) AS [Minutes Until Reset]
FROM Orion.AlertHistory ah
LEFT JOIN Orion.AlertObjects ao ON ao.alertobjectid=ah.alertobjectid
LEFT JOIN Orion.AlertConfigurations ac ON ac.alertid=ao.alertid
LEFT JOIN (SELECT timestamp, AlertActiveID, AlertObjectID,message FROM orion.alerthistory ah WHERE eventtype=2) ack ON ack.alertactiveid=ah.AlertActiveID AND ack.alertobjectid=ah.AlertObjectID
LEFT JOIN (SELECT timestamp, AlertActiveID, AlertObjectID FROM orion.alerthistory ah WHERE eventtype=1) reset ON reset.alertactiveid=ah.AlertActiveID AND reset.alertobjectid=ah.AlertObjectID
WHERE
    DAYDIFF(ah.timestamp,GETUTCDATE())<7
    AND ah.eventtype=0
    AND ac.Severity IN (1,2,3)
    AND ack.timestamp IS NOT NULL
    AND reset.timestamp IS NOT NULL

Kudos to  for the original post here for the SWQL base i used.

Parents Reply Children
No Data

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 195,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification Media Vault Link Accounts
About THWACK Blogs For Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2024 SolarWinds Worldwide, LLC. All Rights Reserved.