Forum Discussion

mnappi's avatar
mnappi
Icon for Neophyte rankNeophyte
9 months ago

Summarized Alerts Based on Resource

Looking back at other tools (PRTG/Solarwinds), they both used to automatically summarize email and other alerts if a lot of alerts were coming from the same device in a brief timeframe.

LogicMonitor could create a lot less alert noise for us by using this simple trick of combining all alerts associated with one resource into one email or one PD incident if a lot of alerts are being fired in a brief timeframe.

LogicMonitor alerts seems to always be per instance datapoint all the time which maximizes the number of alert emails we get.

Then it seems like we need to rely on other tools to correlate these alerts together to reduce the number of alert notifications. For example, ServiceNow could be setup to keep appending new alerts to the same incident ticket based on the resource or through more complex types of correlation.

But the simplest correlation of alerts by resource could be very helpful by itself despite being imperfect.

This seems like this is a built-in (on by default) feature in other monitoring platforms.

Is there any way to do this with LogicMonitor?

2 Replies

  • jhupka's avatar
    jhupka
    Icon for Neophyte rankNeophyte
    25 days ago

    Another way to accomplish coupling & correlation is to utilize Service Insights.  When you define a service you can group together multiple devices/instances and treat their metrics as part of a greater thing.  You then end up alerting from the Service you create, and that gets sent on to the next step of your operations (PagerDuty, ServiceNow, etc).

    One note:  There are limitations on what things in the portal Services can be built on.  For example, the Websites monitoring is not supported at all by Service Insights.

    Service Insights might be an extra sku, like Edwin AI, if you don't already have it in your portal.