Alerts and notifications

What are alerts?

Alerts are tasks that continually monitor active queries to look for and report on specific events or conditions. When the conditions of the alert are met, an alert notification is triggered.

Alerts can be delivered to servers, groups, or individuals either in real-time or at set intervals. For example, you may define an alert to notify you every time a specific status code appears in a web server event. Or, you might set an alert to be triggered if a server's average response time over a 30-minute period exceeds a set threshold.

Alerts are critical tools for monitoring system performance and data conditions. They can be defined on any kind of query and help you to:

Troubleshoot systems
Detect incidents in real-time
Proactively recognize potential problems
Identify security weaknesses
Detect potential fraud or network threats
Respond more quickly to server crashes
Identify unexpected and/or unwanted operations occurring in your applications
Detect inactivity

We start you off with a library of preconfigured alerts that are designed to work with queries built upon common networking data tables. You can activate these alerts to monitor conditions related to web servers, potential threats, Devo platform components, and much more. Read about these alerts here.

Creating alerts

Alerts are created based upon active queries. Therefore, to create an alert, go to Data Search, open the relevant data table, and query the data. Once your query allows you to describe the conditions for triggering the alert, select New Alert Definition from the toolbar. For complete instructions, see Create a new alert.

Configuring alerts for distribution

Once you've created an alert, it will be automatically associated with your domain's default sending policy. This policy is partly defined by the delivery methods and the anti-flooding policy it is associated with.

Sending policies

A sending policy dictates how to send an alert, to whom, when, and how often. When the domain is created, there is a default sending policy that uses the e-mail address of the domain's creator as the recipient. This policy will distribute the alert by e-mail, to the domain owner, at any hour, all while respecting the default anti-flooding policy.

You will want to set up new delivery methods and sending policies to accommodate your organization's needs but there must always be a sending policy marked as the default policy. This will be automatically assigned to newly-created alerts.

Delivery methods

The delivery method dictates how an alert is sent and to whom. For example, a delivery method might be created to send an email to itsystems@yourcompany.com, or to distribute the alert message via Pushover to mobile device users.

Anti-flooding policies

The anti-flooding policy limits the number of alerts to distribute in the event that the alert is triggered frequently over a short period of time. This way, the anti-flooding policy associated with a sending policy determines how often the alert message will be distributed.

Read more about anti-flooding policies here.

Working with triggered alerts

Once your alerts are activated, they will monitor the queries and trigger when the alert conditions are detected.

The Alerts Dashboard is available to all users of alerts to manage the steps taken in response to triggered alerts and to analyze the history of alerts.

Read more about working with triggered alerts here.

Notifications

These are simple messages generated by Devo when certain events have occurred in the domain. They can be reviewed in the Notifications area of the web app.