    Alert Enrichment – Get all the Information you need to handle a critical Situation

    • September 21, 2016

    When an on-call person receives an alert it is essential that he or she understands it – immediately.

    The Problem:

    The information available from the backend systems (e.g. monitoring tools, facility management, etc.) is often quite cryptic and not self-explanatory.
    Sometimes alert messages are hard to read and understand:

    • Alert on XC3o84-CCP-DEC07, Error code: 1254, Timestamp: 1421920446797, Location: 52.4027477,13.0641529
    • Ticket TCK42564422 assigned to analyst cz1447.
    • NtpClient was unable to …. NtpClient will try again in 3473457 minutes ….
    • STOP: 0x00000F4 (0x0000000000000003, 0xFFFFFA8008BB7B30, 0xFFFFFA80008BB7E10, 0xFFFFF800031E88B0)
    • An error occurred while creating an error report.

    This is the case when the alert message is received by SMS or email and it gets even worse if the message is automatically spoken to the user in a voice call.
    Such information is good for machines but not for humans.

    • What does error code 1254 mean?
    • Is severity 3 high or low?
    • What server was behind IP 192.168.2.105 again?
    • Who is the user “cz1447”? How can I call him or her now?


    The Solution:

    So, how can you translate “machine-speak” into something closer to “human-speak”? The solution offered by Enterprise Alert is Alert Enrichment. You can replace information in the alert notifications sent out to the users, or add more to it.

    One option is to use scripting. Enterprise Alert offers the Scripting Host, which is an add-on for enhancing alert workflows with your own scripts (JavaScript or Visual Basic Script). All you need to do is create a normal policy and then, under the “Destination” tab, choose a script (“Through Custom Workflows” under “Mode Options”).

    You can create or upload your script under “System” –> “Scripting Host”.

    You can then handle the alerting workflow in the script.
    A very simple script that receives an incoming event and then generates an alert might look as follows:

    function OnNewEvent(eventObject)
    {
        var strExternalId = "";
        var objTicket;
        // Read the properties of the incoming event
        var strBuilding = eventObject.getProperty("Building");
        var strServer = eventObject.getProperty("Server");
        var strErrorCode = eventObject.getProperty("ErrorCode");
        var strSeverity = eventObject.getProperty("Severity");

        // Send the alert message
        // Priority: 0: low priority, 1: major priority, 2: critical priority
        objTicket = EAScriptHost.TicketCreate("rczachara", "FF", 2, "Alert in building: " + strBuilding + ", on server: " + strServer + ", severity: " + strSeverity + ", error code: " + strErrorCode);
        if (objTicket == null)
        {
            EAScriptHost.LogError("Ticket not created");
            // Nothing to send without a ticket object
            return;
        }
        objTicket.SetProperty("externalTicketId", strExternalId);
        // Set the notification type to User alert
        // 0 = Automatic, 1: User alert, 2: Team Broadcast, 3: Team Broadcast to a schedule, 4: Team Escalation, 5: Team Escalation to a schedule, 6: Subscription Feed
        objTicket.SetProperty("notificationType", "1");
        // Now send the ticket to Enterprise Alert for processing
        if (objTicket.Send() == false)
        {
            EAScriptHost.LogError("Ticket not dispatched to Enterprise Alert");
        }
    }


    The output of the alert text looks as follows:
    Alert in building: Berlin Office, on server: 192.168.2.105, severity: 2, error code: 1254

    So, how can you make this more readable? For example, you can replace the severity number with an explanatory word:


    // Replace severity
    if (strSeverity == "1")
        strSeverity = "low";
    else if (strSeverity == "2")
        strSeverity = "medium";
    else if (strSeverity == "3")
        strSeverity = "high";

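    Or, you can add information from a command-line tool such as “nslookup”:

    // Replace the IP address by the server name
    // strServer comes from the incoming event and ends up on a command line, so only accept a plain IPv4 address
    if (/^\d{1,3}(\.\d{1,3}){3}$/.test(strServer)) {
        var obShell = new ActiveXObject("WScript.Shell");
        var e = obShell.Exec("%comspec% /c nslookup " + strServer + " 2>&1");
        while (!e.StdOut.AtEndOfStream) {
            var line = e.StdOut.ReadLine();
            // The "Name:" line holds the resolved host name; the "Server:" line is the DNS server that answered
            if (line.indexOf("Name:") == 0) {
                strServer = line.replace(/^Name:\s*/, "");
                break;
            }
        }
    }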

    Or, you can even add extra information from a database:

    // Add site information
    // DbGetConnection, DbCheckConnection and DbGetRS are helper functions that are not shown here
    var strResult;
    // Get database connection
    // Demo connection string: for production, use a dedicated read-only login instead of SA and keep the password out of the script
    var strDbConnectionString = "Driver=SQL Server Native Client 11.0;Server=sqlserver;Trusted_Connection=No;UID=SA;PWD=Derdack!;Database=EnterpriseAlert";
    var oConn = DbGetConnection(strDbConnectionString);
    if (oConn) {
        if (DbCheckConnection(oConn)) {
            // strBuilding comes from the incoming event: double any single quotes before it goes into the SQL text
            var strSite = String(strBuilding).replace(/'/g, "''");
            // Make the SQL query
            var rsUsers = DbGetRS(oConn, "SELECT Description FROM [MMEA].[dbo].[DemoSites] WHERE Site LIKE '%" + strSite + "';");
            if (!rsUsers.EOF)
            {
                strResult = rsUsers.Fields.Item("Description").Value;
                // Add the additional information
                strBuilding = strBuilding + " (" + strResult + ")";
            }
            // Close the database connection
            oConn.Close();
        }
    }

    In the end, the alert text might look much better:
    Alert in building: Berlin Office (The key is at the reception.), on server: SQLSERVER2, severity: medium, error code: 1254 (Low disk space.)
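
    The enrichment steps above place event fields into a word lookup, a command line and a SQL string. The following is an added example, not Derdack's code, that shows the checks for each step as plain functions that run without the Scripting Host objects; all function names and the sample nslookup output are constructed for illustration.

```javascript
// Added example: validation and parsing helpers for enrichment scripts.
// ES3-style JavaScript; every name below is hypothetical.

var SEVERITY_TEXT = { "1": "low", "2": "medium", "3": "high" };

// Map a severity code to a word; unknown codes stay visible in the alert.
function severityText(code) {
    var key = String(code);
    return SEVERITY_TEXT.hasOwnProperty(key) ? SEVERITY_TEXT[key] : "unknown (" + key + ")";
}

// Accept only a dotted IPv4 address with octets 0-255, so nothing else
// can reach the "%comspec% /c nslookup ..." command line.
function isIPv4(value) {
    var m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(String(value));
    if (!m) { return false; }
    for (var i = 1; i <= 4; i++) {
        if (parseInt(m[i], 10) > 255) { return false; }
    }
    return true;
}

// Pick the resolved host name from nslookup output. The "Server:" line is
// the DNS server that answered; the "Name:" line is the host asked about.
function hostFromNslookup(output, fallback) {
    var lines = String(output).split(/\r?\n/);
    for (var i = 0; i < lines.length; i++) {
        var m = /^Name:\s*(\S+)/.exec(lines[i]);
        if (m) { return m[1]; }
    }
    return fallback; // lookup failed: keep the IP address in the alert text
}

// Build the LIKE pattern for the site lookup: double single quotes and
// bracket-escape the T-SQL wildcards so the value is matched literally.
function siteLikePattern(building) {
    return "%" + String(building).replace(/'/g, "''").replace(/([\[%_])/g, "[$1]");
}

// Constructed sample output, in the layout Windows nslookup prints.
var SAMPLE_NSLOOKUP = "Server:  dc01.example.local\r\nAddress:  192.168.2.1\r\n\r\n" +
    "Name:    SQLSERVER2.example.local\r\nAddress:  192.168.2.105\r\n";
```

    In a Scripting Host script, isIPv4 would gate the call to Exec, and hostFromNslookup would receive the text read from StdOut with the original IP address as the fallback.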

    More examples where alert enrichment is helpful:
    •    Send one-time passwords
    •    Add contact information
    •    Add links to tickets or KB
    •    Reformat error codes
    •    Add location information
    •    Format notification depending on media
    •    Add site information
    •    ….

    Do not let the user guess what an alert message really means. Use Alert Enrichment. 😉

    Please also do not miss the related video under https://vimeo.com/118599348.
