Alerts and notifications
What are alerts?
Alerts are tasks that continually monitor active queries to look for and report on specific events or conditions. When the conditions of the alert are met, an alert notification is triggered.
Alerts can be delivered to servers, groups, or individuals either in real-time or at set intervals. For example, you may define an alert to notify you every time a specific status code appears in a web server event. Or, you might set an alert to be triggered if a server's average response time over a 30-minute period exceeds a set threshold.
Alerts are critical tools for monitoring system performance and data conditions. They can be defined on any kind of query and help you to:
- Troubleshoot systems
- Detect incidents in real-time
- Proactively recognize potential problems
- Identify security weaknesses
- Detect potential fraud or network threats
- Respond more quickly to server crashes
- Identify unexpected and/or unwanted operations occurring in your applications
- Detect inactivity
We start you off with a library of preconfigured alerts that are designed to work with queries built upon common networking data tables. You can activate these alerts to monitor conditions related to web servers, potential threats, Devo platform components, and much more. Read about these alerts here.
Alerts are created based upon active queries. Therefore, to create an alert, go to Data Search, open the relevant data table, and query the data. Once your query allows you to describe the conditions for triggering the alert, select New Alert Definition from the toolbar. For complete instructions, see Create a new alert.
Configuring alerts for distribution
Once you've created an alert, it will be automatically associated with your domain's default sending policy. This policy is partly defined by the delivery methods and the anti-flooding policy it is associated with.
A sending policy dictates how to send an alert, to whom, when, and how often. When the domain is created, there is a default sending policy that uses the e-mail address of the domain's creator as the recipient. This policy will distribute the alert by e-mail, to the domain owner, at any hour, all while respecting the default anti-flooding policy.
You will want to set up new delivery methods and sending policies to accommodate your organization's needs but there must always be a sending policy marked as the default policy. This will be automatically assigned to newly-created alerts.
Read more about sending policies here.
The delivery method dictates how an alert is sent and to whom. For example, a delivery method might be created to send an email to firstname.lastname@example.org, or to distribute the alert message via Pushover to mobile device users.
Read more about delivery methods here.
The anti-flooding policy limits the number of alerts to distribute in the event that the alert is triggered frequently over a short period of time. This way, the anti-flooding policy associated with a sending policy determines how often the alert message will be distributed.
Read more about anti-flooding policies here.
Working with triggered alerts
Once your alerts are activated, they will monitor the queries and trigger when the alert conditions are detected.
The Alerts Dashboard is available to all users of alerts to manage the steps taken in response to triggered alerts and to analyze the history of alerts.
Read more about working with triggered alerts here.
These are simple messages generated by Devo when certain events have occurred in the domain. They can be reviewed in the Notifications area of the web app.
Read more about notifications here.