Relic Solution: How To Achieve Compound Alert Behavior

Support: Alerts/Applied Intelligence (AI) Alerts
, , , ,
#1

Compound alerts

Compound alerts are cool, and a commonly requested feature. What are compound alerts? Simply stated, it’s when you set up multiple thresholds that are dependent upon one another. For example, I could set up a condition that would violate when my app’s CPU usage went over 90%, and another alert condition that would violate when my app’s memory usage went over 90%. A compound alert would not open an incident unless both states were present.

Up until recently, it has not been possible to set up compound alerts out-of-the-box in New Relic. Now that we have workflows, however, you can do it – I’ll show you how below.

How to get notified on a compound alert

Configuring conditions

  1. Select Alert conditions (Policies) on the sidebar.
  2. Choose an existing policy or create a new one to contain your conditions.
  3. Create conditions according to your needs in the policy.
  4. Make sure Incident Preference is set to By policy.
  5. Make sure the Correlate and suppress noise box is NOT checked.
  6. (optional) If you only want “compound alert” notifications, make sure that no notification channels are attached to the policy.

Configuring destinations

  1. Select Destinations on the sidebar.
  2. Create one or more destinations where you would like to be notified.

Configuring a workflow

  1. Select Workflows on the sidebar.
  2. Click on Add a workflow to create a new workflow.
  3. Under Select issues, click Build a query.
  4. Click Select or enter attribute.
  5. In the Filter your data section in the new workflow choose attribute conditionFamilyId, operator exactly matches, and enter the value of the first condition ID (for the condition id location see Screenshot 1 below).
  6. Click on the + AND button and repeat the process with the second condition id (see Screenshot 2 for an example of what this should look like).
  7. In the Notify section choose your configured destination and decide what the payload is going to look like.

Screenshot 1:

Screenshot 2:

**

And that’s it! This workflow will only open an Issue (and thus send notifications) when both conditions have opened an incident.

6 Likes
#2

Dear @Fidelicatessen ,
Thanks for this topic!
Could you please answer the following question:
I get notifications when the last condition from the compound alert ended.
Is it possible to get a notification, in the beginning, when all the conditions are met?

[Example of what do we have right now:
The workflow contains two conditions C1, and C2;
Let’s say C1 started violation at 10 am and ended at 11 am
C2 started violation at 10:30 am and ended at 11:30 am
Then I will get the notification at 11:30 am (when C2 ends)
What I would like to have, is to receive the notification at 10:30 am when C1 was violated and C2 just started ]
Best,
Roman

#3

Hi @Roman.Semenko

Sorry about the misunderstanding! I just learned that this is a limited release – we’ll work on getting your account(s) added to the feature as soon as possible.

1 Like
#4

[update]
Thanks, now I am getting a notification when the last needed condition starts.

1 Like
#5

Hey @Roman.Semenko,

Thank you for letting us know you are now getting the notification like expected. Please reach out if there is anything else we can help with. I hope you have a great day!