Managing and Organizing High Alert Volume Using Rollup
Rolling up Alerts to Decrease Alerts Console Clutter
Sometimes, the best thing for an IT Ops operator is to simplify the alerts information flowing across the console. By selecting a lead alert and then selecting the alerts to roll up into that lead alert, you can significantly reduce the amount of repetitive alerts on the Console. For example, you may have an operator in charge of addressing all the disk full alerts. Instead of forcing the operator to search for each disk full alert, you can roll all of them up into a lead disk full alert so the operator can find all of them at once.
Rolling up Alerts to Connect Events
You may have an IT Ops issue that is creating lots of dissimilar alerts, and you may want to roll them up into one lead alert for an operator so that operator can see the impact of the IT Ops issue just by accessing the lead alert and drilling down into the alerts rolled up under that lead alert. For example, if you have a disk down and that disk stores print spool and email data, you will see disk down, print spooler, and email alerts flowing across your alerts console. You can roll up those print spooler and email alerts into the disk down alert and point your operator at it so your operator has all the information needed to address the leading and all downstream issues lighting up your console.
Configuring Alert Rollup for Your Environment
Rolling up alerts comes with lots of related features that let you customize the functionality to the needs of your specific environment. You can configure the feature to close rolled up alerts when lead alert is closed, include rolled up alerts in reports and exports, and automatically group alerts on roll up.
Finding those Nested and Lead Alerts
Only the lead alert appears in the Alerts console, but the rolled up alerts do not. You can expand the lead alert to see the alerts that you rolled up into it. When filtering the console, the lead alerts are returned but any rolled up alerts are not. However, you can include a condition in the Filter Builder that searches lead or rolled up alerts by using the Has Nested Alerts and Lead Alert ID conditions. This way, you get the power of rolling up alerts with the ability to find the individual lead and rolled-up alerts.