- 15 Feb 2023
- 2 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Alerting Overview
- Updated on 15 Feb 2023
- 2 Minutes to read
- Contributors
- Print
- DarkLight
- PDF
Alerting is a powerful tool for any analytics platform, cause we can't expect users to be sitting in front of our app 24/7. Set policies, get proactive notifications, then come explore in Analytics!
Alerting adds a new form of macro-level, derived metrics to the Skylight Analytics platform. This is a complex topic and will be covered across a series of articles with more to come as the use cases for this class of data are expanded. For more information, see: Alert Policies.
Overview
Alerting provides multiple new entry points into the Skylight Analytics dataset:
- Preemptive identification of issues
- Metric noise reduction
- Macro trending
- Alerting on third party data
- Upstream notification (via SNMP)
Skylight Analytics treats alerts as a peer datasource to ingested metrics, so alerts based metrics such as Raised Alerts
can be used directly alongside the typical Delay
or Traffic
metrics in Dashboards, Reports and Analysis contexts.
Alert Policies
Alerts are derived from conditions set against metrics within scoped (i.e. filtered) datasets.
- Session based alerts currently have access to all categorical metadata for filtering and a single ingested metric per policy.
- Capture based alerts currently are limited to application or zone based filtering but support multiple ingested metrics per policy.
Policies specify raise / clear conditions for specific time frames and metric thresholds.
By default the system supports up to 25 enabled policies at a time to control compute resources.
Alert Conditions
Two types of alert conditions can currently be set.
- Sustained Violations alerts are raised when a metric has breached a threshold for the entire interval of time, with a minimum interval of 1 minute.
- % Interval in Violation alerts are raised when a metric has breached a threshold for a % of the interval of time, with a minimum interval of 1 minute.
Alerts as a datasource
Because the conditions in policies can be set to only produce data (alerts) in interesting circumstances, alerts can be a powerful tool for both noise reduction (data is only produced when underlying metrics are interesting) and trending (more focused data can produce more accurate trends).
As noted above, alert metrics can be used in the same circumstances as more traditional metrics, but should be viewed as supplementary higher-order data with the more detailed source metrics used for analysis after alert data provides a focal point for an investigation.
Further discussion
To determine how alerts may be useful to you please take time to read the articles in this series provided above and don't hesitate to contact our Customer Success team; as we expand on alerting use cases within Skylight Analytics we're always looking for more input directly from our customers to help shape the product vision.
© 2024 Accedian Networks Inc. All rights reserved. Accedian®, Accedian Networks®, the Accedian logo™, Skylight™, Skylight Interceptor™ and per-packet intel™, are trademarks or registered trademarks of Accedian Networks Inc. To view a list of Accedian trademarks visit: http://accedian.com/legal/trademarks/.