We have to have several levels of alert escalation: for Tier 1 nodes and app monitors, emails every 15 minutes until fixed, Tier 2 - every hour, Tier 3 - once a day, ideally in the morning (haven't figured out the "morning" part yet). Then maybe we'll have Tier 4 with one-time alerts only, and Tier 5+ - no emails.
Because advanced alerts don't seem to allow for conditional escalation (e.g. based on severity or node / app tier), that means creating a bunch of separate alerts:
- Tier 1 node down: alerts every 15 minutes
- Tier 2 node down: alerts every hour
- etc.
Then I'd need several alerts (one for each type of escalation) for monitored volumes, interfaces, application monitors... That's a lot of alerts to maintain... Is there a way around that?
Besides that, what is the best practice for configuring these alerts for different types of escalation? Create a one-time alert for all types and tiers of servers, and then configure separate email-only alerts for escalation, with no NPM logging? Or a separate alert for each tier, like above?
Thanks!