Alert policies for different applications

Do we need to create seperate policies for alert conditions of different applications OR Should we keep all the alerts along with their alert ids in Single Policy that is integrated with Alert Manager?

Hi @Srishti.Singla

You can have conditions from different apps under the same policy.

The policy will determine what notification channels and incident preferences will be used by the conditions that it contains so, it would depend on how you want or organize and group your conditions.

Please let me know if you have any doubts.

thanks

Rodrigo

okay, but keeping all alert conditions in single policy will let us know that failure occcured but won’t tell us which monitor triggered the alert i.e. monitor id is not mentioned in alerts.

If you use an NRQL alert condition FACETed on the monitor name or ID, then the ID will be passed in the notification, for example:

SELECT count(*) FROM SyntheticCheck WHERE result = 'FAILED' FACET monitorId
1 Like

Hi @Srishti.Singla

I’m wondering if you have any doubts?

Thanks @philweber for the solution.

thanks

Rodrigo

Hi @philweber
Ok, using facet monitor id we can get the id in the notification recieved but what if we have different notification channels for different applications and we have to use only one common DJAlert policy. How should we configure this scenario?

You cannot do that. Notification channels belong to the alert policy; if you want to notify different channels, you will have to create separate policies.

@philweber is correct about how policies relate to notification channels.

Policies are also currently a container that can buy used to group alert violations into the same incident in order to reduce noise, and improve the troubleshooting process.

#whats-on-deck
Later this year, we will be releasing a new capability called “Workflows”. This new capability will allow you to specify different notification destinations (aka channels) based on a flexible mapping of metadata about the Incidents. This will allow individual conditions in the same policy to use different notification destinations (channels). It will also allow you to do such things as send notifications for Incidents with a “warning” level severity to a different destination that you use for “critical” incidents, etc.
Follow the #whats-on-deck tag to be notified about the things that are in active development, and coming soon.

2 Likes

Hi @philweber,
I have used this alert condition to get alerts notification on any voilation in any of the monitors for a particular application and faceted monitor id as follows:

SELECT percentage(count(*), WHERE result=‘FAILED’) AS ‘ErrorRate’ FROM SyntheticCheck WHERE monitorId = '82e851bf-7960-491c-a814-9d9ab9e5eed9’OR monitorId = 'af69e278-cfa7-4f5d-8e71-b7a93d0e98f8’OR monitorId = '734641ec-c3bd-4f96-8008-19cedf78da95’OR monitorId = '3ab60f13-b1e1-4675-9bfa-1e636ec2d39e’OR monitorId = '5c3efed9-0532-4b17-bd97-2defeffd0b20’OR monitorId = 'cacbbfc6-2a4a-4319-8bc4-e3f468b00306’OR monitorId = '47115b0c-4685-4558-b6d7-a08a44ab8be5’OR monitorId = 'f3bb5afa-c83a-4575-9586-ba3290ae46d1’OR monitorId = 'ec3508ef-b972-4f45-ac0c-a405c331dcc4’OR monitorId = 'cf65e02f-d2d7-4255-941a-051c99a52d1c’OR monitorId = 'd68647a4-3990-41ef-ab63-8cd3e6ee34a5’OR monitorId = '740bb217-203c-45b7-82f5-a98c68c3d80e’OR monitorId = '4e4f7fed-0cb0-48dd-ac68-282a551b4c7c’OR monitorId = 'ef5197f8-c48d-4a39-bac7-cdba8e9246b9’OR monitorId = ‘ca7a700a-8115-4d6c-a344-8b56508ff17f’ FACET monitorId

But when i recieved the alert notification, i didn’t get to know the monitor id in it.

@philweber - Are you talking about monitor id in incident that occurs? Also please let us know if this query is fine in order to get notified when any monitor among suppose 20 monitors voilates that belongs to a specific application. And if 2 or more monitor fails, will this generate those many number of alerts at the same time?

@Srishti.Singla Have you resolved this? Alert manager is not a common notification channel that I have seen, if you are still having issues can you please provide a permalink to the notification channel, the condition, and an incident that did not go through the way you expected. Thanks