Network management: reduce alerts for better performance
This post is also available in: Spanish
When faced with the technological plenitude offered by almost any company’s IT infrastructure you might be tempted to think that installing a monitoring system to oversee each device, and alert your team when there’s an issue, is the best bet. Of course, here at Pandora FMS we love monitoring, but even we realize that less is often more.
“Man’s reach should exceed his grasp”, wrote Robert Browning, when he wanted to extol the human spirit and its insatiable ambition. However, when it comes to network monitoring, too much ambition will leave you trying to micromanage every node, which, if you try to do it manually, like the man in Browning’s verse, will leave little time for anything else.
What do you really need to monitor?
Basically, we’re talking about huge amounts of data, machines, devices, elements, components, gee-gaws, gadgets, and so on, so the best way to go about monitoring these elements is to set up automated alerts. Forego monitoring non-essential equipment and concentrate on business-critical hardware and software
Network Management and Alerts
Webster’s dictionary doesn’t have a lot to say about alerts in the monitoring sense, but we can define them as configurable responses to network events. These responses are channeled through messaging services such as email, Twitter, Telegram, SMS, or even as command executions. Alerts can employ custom properties to identify relational systems and thereby be created intelligently. It’s possible to set up alerts to trigger when certain conditions are met, such as an agent being unresponsive for 10 minutes, or when the CPU’s memory is overloaded.
Configuring alerts to this level of fine-tuning can be complicated on many monitoring tools, which is why Pandora FMS has a modular alerts system allowing the user to separate the triggering condition that launches the alert from the action to execute when the alert is triggered from the command executed.
Modularity is the key to simplifying alert configuration, and will save you time in the long run, as once a new alert is configured you don’t have to configure it again in case you decide to add another agent. Pandora FMS simplifies alert deployment of configured alerts, and makes network management much easier.
Deactivated or deleted alerts
Before cancelling or deleting an alert, remember you can also modify the alerts you’ve previously configured. Take a look at the trigger conditions and add new ones-hey presto! You’ve just reduced the number of alerts that are going to be unnecessarily generated, saving time and money. Give yourself a pat on the back!
Before deleting any alert definitively, you can decide to deactivate it and put it on Standby (the difference between the two states is that alerts on Standby are visible in the alerts view). This is useful if you’re doing some network plumbing and you don’t want alerts triggering at a specific time, for example.
Click on “disable alert” to deactivate an alert from the agent side.
And lastly, if you want to eliminate an alert from the agent you just have to click the trashcan icon on the right.
If your IT environment is composed of heavyweight machines and applications – real beasts – it’s almost impossible to know which machines are running smoothly, or what exactly has gone wrong and where. A monitoring tool gives you the necessary oversight, and a flexible monitoring system like Pandora FMS, with its custom options and module-based alerts, facilitates deployment and maintenance more than certain legacy systems that aren’t 100% integrated, or that don’t easily scale up when your organization does.
So, you’ve deployed your monitoring, configured your alerts, and installed your agents. But you don’t want to be disturbed by inconsequential alerts all the time. Hello, Cascade Protection!
Cascade Protection is a Pandora FMS feature that allows you to avoid a ‘flooding’ of alerts if a group of agents can’t be reached due to a connection failure. These kinds of things tend to happen if an intermediate device such as a router or a switch is down and all the devices behind it simply cease to be reachable by Pandora FMS. It’s probable the devices are working as they’re supposed to, but if Pandora FMS can’t ping them, it considers them to be ‘down’. For those about to be saturated with alerts, we salute you. For the rest, Pandora FMS devised Cascade Protection.
With Cascade Protection activated, only one alert gets triggered, indicating that the router, for example, is down. You’ll still see the rest of the downed elements marked in in red, you just won’t get swamped with alerts.
To get the most out of this function, configure an alert associated to a CRITICAL condition on all parents, and so avoiding triggering alerts on the child agents. Check out the Pandora FMS Wiki for more on how to set up Cascade Protection.
Check out more ideas on how to get the most out your monitoring tool by integrating Pandora FMS alerts in Twitter.