1 Reply Latest reply on Nov 28, 2016 7:15 PM by mesverrum

    Alert Administration

    nick_scott

      We have recently had a few situations where our NOC was flooded with several hundred application alerts.  Because of the large number of alerts they were unable to quickly acknowledge/manage those alerts.  They expressed an overall degraded experience at the time of those large number of alerts.  During those flood of alerts the view they were using was a filtered All Alerts view (not the global All Alerts resource)

       

       

      (Filtered non global resource below)

      (Global Resource not utilized

       

      I am hoping and assuming that the global Alert resource is better suited in dealing with larger number of alerts where the NOC will not experience the sluggishness that previously occurred.

       

      If your wondering why we use the non global alert resource, its because we have a subset of devices that the NOC actively manages, those devices and their alerts are filtered through view customization

       

      If I do go the route of the global alert resource I will need to change are existing alerts using the "Team" custom property that is natively existing on the Global All Alert resource.  Otherwise the NOC will be seeing alerts on devices they are not responsible for.

       

       

      Has anyone else had issues with alert administration when not using the global resource ?  Has anyone experienced issues when using the "Team" filter associated with the All Alerts global resource ?  Looking forward to your responses, thank you.

        • Re: Alert Administration
          mesverrum

          The All Active Alerts resource should be filtered already if there is a view limitation applied to the page so you don't need to do anything extra there.

           

          In either case that resource should normally be completely fine with having several hundred alerts and on into the thousands. Maybe your server was bogged down by the actual alert actions associated with the alerts, but this would point to there being some performance issues with your system.  I have mixed up an occasional and/or condition and triggered a wave of 1,000 alerts and if things are running as they should be you barely notice it on the Orion side until your inbox explodes.

           

          -Marc Netterfield

              Loop1 Systems: SolarWinds Training and Professional Services

          1 of 1 people found this helpful