Managing Alert Noise from your Network Monitoring System
The problem of alert noise is one of the most commonly voiced concerns among system administrators. A high priority is placed on reducing this noise, and this is a major source of complaints about current network monitoring solutions.
There are three key ways of reducing alert noise: correlating alerts, adjusting alerting thresholds and monitoring dependencies. By being able to correlate alerts, you’re able to create views that only show the pending alerts that are currently affecting your network. For example, if one of your monitored servers has exceeded its processor utilization threshold, you of course want to be notified. But if it later falls below that threshold, either through automated corrections, administrator action, or on its own, you no longer need it flashing at you as an alert.
The second way to reduce alert noise is by adjusting alerting thresholds. This can be done simply by tweaking the severity: say increasing the threshold for paging file usage from 80% to 90%. The most advanced network monitoring solutions give you far more options, however. For example, with baseline thresholding you can avoid setting a static threshold altogether, and instead be alerted if for example available memory is 20% less than the average of every hour of the last two weeks.
Another way of adjusting your alerting thresholds is to define how many times the status must exist before you are being alerted. If you’re notified of every spike, this may be too much noise for you. Try adjusting your alerting to only let you know if the threshold has been exceeded for three consecutive tests. This is a great way of limiting noise for less critical alert situations.
Finally, by being able to monitor dependencies you can prevent cascading alert floods. For example, if you have a 48-port core switch that goes down, you don’t want to get e-mails or SMS notifications that all the devices connected to it have gone down. You simply need to get that one, critical alert that your switch is down.
NetCrunch 9 is a cutting-edge network monitoring suite that takes the problem of alert noise seriously. Built-in alert correlation, advanced correlation with comprehensive conditional alerting, and monitoring dependencies ensure you’re only notified when you need to be.
Download it today and get 30 days of free tech support as well as live installation assistance with a dedicated technician. Setting up a proof of concept will cost you nothing, but may save you countless hours sifting through noise, and let you focus on the network problems that truly do need your attention.