Forum Discussion

Joe_Tran's avatar
Icon for Advisor rankAdvisor
6 years ago

Allow Multiple LogicModule Selection for Alert Rules

My organization originally committed to only creating tickets for CRITICAL level alerts, but naturally marching orders came down to create tickets at WARNING with vastly different set of ticket parameters. The kicker--do this only for specific LogicModules. I figured this was easy enough, until I saw that I wasn't able to select multiple LogicModules for any given alert rule. These LogicModules varied names and datapoints. Creating a glob expression that is not going to cause someone to go cross-eyed would be herculean feat. 

So instead of adding multiple alert rules with the same set of parameters--level, escalation chain, device/website groups--save LogicModule, please add the ability to configure alert rules to accept multiple configured LogicModules. 

3 Replies

Replies have been turned off for this discussion
  • I've submitted a feature request in the past with a suggestion to have he ability to tag LogicModules data points, and then be able use the tags in alert rules.  That way there's be no need to plan out a naming convention for LogicModules or use complicated regular expressions.  Instead alert rule would apply to any data point form any module with the matching tags.  For example, we could then have a "database" alert rule for any data point with tag "database" regardless of LogicModule.

  • They did recently add tag matching for devices/resources, but not for instances or other elements.  I find tags for devices less useful as I can already use groups for the same behavior and all times I have used tags, it has been somewhat contrived (so far).  But it is valuable since it allows more abstract alert policy control without adding unnecessary groups.

    If we could match tags in all alert rule sections (where applicable), then the necessary grouping could be handled via those tags.  If instance groups could be actual groups rather than static macros (and if they could have properties) that could be referenced in the rules, that would also help.  ILP tag references in alert rules would help (and could get rid of the need for instance groups, at least for alert management).