Over time, Enterprise Alert continues to grow and more and more teams are starting to benefit from Enterprise Alert’s reliable alerting. As part of this process, Enterprise Alert almost always becomes a central component of the NOC and has practically trained the NOC admins. For this reason, here in support we rarely have the pleasure of presenting the features of our alarm center. I would therefore like to use this blog to introduce you to our alarm center and to show you how it makes it easier for you to operate the NOC.
Functions
As you can see, our alarm center is designed very clearly, but still offers many options for filtering, categorizing and sorting. On the left (blue frame) is the menu for filtering the entities available in Enterprise Alert. In this case, entities can be individual users, entire teams, readiness or tags.
In the middle above (red frame) you can find 4 filter options. The two filters open and closed do not require a lot of words, “You get what you see.” Applies here. Overdue includes all alarms in our alarm center that have not been successfully alarmed, be it that not enough users have accepted a broadcast or that an alarm has not been confirmed in time after all escalation levels have been exhausted by the system. In the Acknowledged tab you will find all alarms that have already been successfully acknowledged but not yet closed by the user. This overview is usually used to check / signal that the underlying problem is still being worked on.
On the right edge (green frame) are the filter options for the priorities that you can set for your alarms based on rules, either set yourself or taken from your source system.
In the middle (yellow frame) is the overview of the alarms. All alarms that match the filters you selected are displayed here. The alarms are always displayed with the current runtime of the alarmed entity and the current user to be notified. You will also receive initial information about the alarm here.
Lastly, I want to draw your attention to the two search fields at the top of the screenshot. These allow you to quickly find certain entities, be it tag, user, team or readiness. The search field next to it helps you to find specific alarms based on individual keywords. Do you know who is / was alerted? Do you know what roughly needs to be included in the alarm? Do you know which policy triggered the alarm? Do you know which source system is behind the alarm? Just as the answer is “yes” even once, the search can use this information to provide the desired alarms.
This allows you not to lose the overview even with a large number of alarms and to find specific alarms quickly and efficiently even after the alarm has been raised, should auditing be necessary.
If you have found the alarm you are looking for and would like to know more, all you need is a double click.
Here you have a detailed overview of all relevant alarm parameters. Whereby the most used / most interesting parameters for the NOC are response time and the time until the problem is closed. In most cases, this is enough to verify whether and why SLAs were or were not being observed. Furthermore, all notifications that were sent in the context of this alarm are also listed here. If you want to know more about a specific message, all you need to do is click on it and you will be forwarded to the corresponding notification in the notification log and can see further details there. No more uncertainty as to whether the alarm has actually been received, no more problems with proving the SLA.
Alarm dispatching
Many customers also use our alarm center in NOC operation to manually redistribute alarms. Most of the time, these are incoming tickets, which the NOC operator can then easily view in the alarm center based on the active alarms, teams, on-call or individual users according to capacity utilization and availability. The option is also used to enable the person on call in the event of a serious failure to change from the role of “first aider” to the role of “disaster coordinator” by distributing his own alarms to other standby personnel via the alarm center address the problem as effectively as possible.
Redistributing the alarms is very easy. Find the user, the team or the readiness to whom you want to forward the alarm from the entities (blue frame) and simply drag and drop the alarm onto the new target for the alarm. The system will then immediately begin to escalate. Of course, traceability remains available for these alarms and you always have a direct link to the original alarm.
Summary
The Enterprise Alert alarm center is the go-to feature if you either want to monitor or even control your alarming process. The alarm center offers a multitude of filter options that make it easy not to lose track of even a large number of alarms. The ability to reassign alarms transforms the alarm center from an excellent dashboard into an easy-to-use alarm management tool that helps you use your resources more efficiently.
Do you already use the Enterprise Alert alarm center or did this blog inspire you to do so? Do you have anymore questions? Let us know at support@derdack.com.