Do we need to create seperate policies for alert conditions of different applications OR Should we keep all the alerts along with their alert ids in Single Policy that is integrated with Alert Manager?
You can have conditions from different apps under the same policy.
The policy will determine what notification channels and incident preferences will be used by the conditions that it contains so, it would depend on how you want or organize and group your conditions.
Please let me know if you have any doubts.
thanks
Rodrigo
okay, but keeping all alert conditions in single policy will let us know that failure occcured but wonât tell us which monitor triggered the alert i.e. monitor id is not mentioned in alerts.
If you use an NRQL alert condition FACETed on the monitor name or ID, then the ID will be passed in the notification, for example:
SELECT count(*) FROM SyntheticCheck WHERE result = 'FAILED' FACET monitorId
Hi @philweber
Ok, using facet monitor id we can get the id in the notification recieved but what if we have different notification channels for different applications and we have to use only one common DJAlert policy. How should we configure this scenario?
You cannot do that. Notification channels belong to the alert policy; if you want to notify different channels, you will have to create separate policies.
@philweber is correct about how policies relate to notification channels.
Policies are also currently a container that can buy used to group alert violations into the same incident in order to reduce noise, and improve the troubleshooting process.
#whats-on-deck
Later this year, we will be releasing a new capability called âWorkflowsâ. This new capability will allow you to specify different notification destinations (aka channels) based on a flexible mapping of metadata about the Incidents. This will allow individual conditions in the same policy to use different notification destinations (channels). It will also allow you to do such things as send notifications for Incidents with a âwarningâ level severity to a different destination that you use for âcriticalâ incidents, etc.
Follow the #whats-on-deck tag to be notified about the things that are in active development, and coming soon.
Hi @philweber,
I have used this alert condition to get alerts notification on any voilation in any of the monitors for a particular application and faceted monitor id as follows:
SELECT percentage(count(*), WHERE result=âFAILEDâ) AS âErrorRateâ FROM SyntheticCheck WHERE monitorId = '82e851bf-7960-491c-a814-9d9ab9e5eed9âOR monitorId = 'af69e278-cfa7-4f5d-8e71-b7a93d0e98f8âOR monitorId = '734641ec-c3bd-4f96-8008-19cedf78da95âOR monitorId = '3ab60f13-b1e1-4675-9bfa-1e636ec2d39eâOR monitorId = '5c3efed9-0532-4b17-bd97-2defeffd0b20âOR monitorId = 'cacbbfc6-2a4a-4319-8bc4-e3f468b00306âOR monitorId = '47115b0c-4685-4558-b6d7-a08a44ab8be5âOR monitorId = 'f3bb5afa-c83a-4575-9586-ba3290ae46d1âOR monitorId = 'ec3508ef-b972-4f45-ac0c-a405c331dcc4âOR monitorId = 'cf65e02f-d2d7-4255-941a-051c99a52d1câOR monitorId = 'd68647a4-3990-41ef-ab63-8cd3e6ee34a5âOR monitorId = '740bb217-203c-45b7-82f5-a98c68c3d80eâOR monitorId = '4e4f7fed-0cb0-48dd-ac68-282a551b4c7câOR monitorId = 'ef5197f8-c48d-4a39-bac7-cdba8e9246b9âOR monitorId = âca7a700a-8115-4d6c-a344-8b56508ff17fâ FACET monitorId
But when i recieved the alert notification, i didnât get to know the monitor id in it.
@philweber - Are you talking about monitor id in incident that occurs? Also please let us know if this query is fine in order to get notified when any monitor among suppose 20 monitors voilates that belongs to a specific application. And if 2 or more monitor fails, will this generate those many number of alerts at the same time?
@Srishti.Singla Have you resolved this? Alert manager is not a common notification channel that I have seen, if you are still having issues can you please provide a permalink to the notification channel, the condition, and an incident that did not go through the way you expected. Thanks