Feature Spotlight: Infrastructure Monitoring with Advanced Event Suppression

Video

ScienceLogic has taken a 4-tier approach to event suppression in regard to infrastructure monitoring, ensuring your IT team is empowered to focus on the events that truly matter, instead of fighting fires. This drives efficiency and creates time to address forward-looking projects.

Video Transcript

In the world of infrastructure monitoring, the bane of every IT manager’s existence is handling unimportant events. Countless hours can be spent sorting through a flood of unactionable events to find the one event that really matters.

At ScienceLogic, we’ve taken a 4-tier approach to event suppression. This ensures that your IT team only focuses on the events that matter—driving efficiency and opening up their time to take on forward-looking projects.

The first part of our 4-tier approach is simply disabling a series of alerts for unimportant events. The user simply filters by technology and event type, and then selects, “Disable.”

The second approach is event suppression based on parent/child relationships. A great example is VMware, where an ESXi host goes down. All of the alerts coming from the VMs associated with that ESXi host, are suppressed. We can do the same with topologies like CDP.

In this example, we are doing suppression based upon the proximity to the ScienceLogic collector. We see that this router has a down network interface, which should be connecting it to this other device. The availability alerts to all of the devices on the right hand side of the screen are suppressed. Further, note that we’ve suppressed over 100 availability alerts—only displaying the one that matters.

The third approach is alert suppression for groups of elements or devices. We set rules within the platform, and as devices meet those rules, they are automatically added to a logical grouping. In this case, we are selecting this group by IP address subnet range and organization name.

If a device belongs to the organization and is in that subnet range, it will be added to this group. Then, you simply add this device group as one of the suppression rules associated with a particular event you want suppressed.

Lastly, we allow you to set advanced rules so you can delay scheduling an event until it occurs a set number of times within a specific time window. Further, you can set weights for each event, so that if multiple events happen at once, the most important one is logged with the others suppressed.