Recently a member of the support team at SolarWinds posted “Cutting Down On Alerting Noise: Guest Post From Support”.
The challenge of alert fatigue and noise is a big one. Many companies have attempted, and are still attempting, to solve this issue. BigPanda is an example of such a company.
In the original post, three tips are detailed.
The first tip discusses custom properties – which allow you to control who gets alerts and whether they are sent at all. This is useful for ensuring that whoever does get alerts is someone who should get them.
The second tip instructs you to teach Orion what the dependencies are between your devices. This is something that I have personally rarely seen a user of SolarWinds NPM do.
The third tip, though, is a bit more interesting: the ability to create custom conditions – essentially teaching Orion how to look at more than one parameter to provide you with a more interesting and actionable alert. The challenge here, though, is that it is up to the user to define these. How will the user think of what to define? How much effort will it take them? This is a great feature, which SolarWinds introduced in NPM 11.5, but I’d be interested to see who uses it and how.
The reason this post is so interesting to me, and us at indeni, is that it strikes a chord with what we’re doing. Our operating assumption is that alerts must be actionable and as few and far between as possible, to ensure alert fatigue doesn’t settle in. To do that, we need to factor in relationships between devices (see tip #2 above) and complex conditions that factor in dozens of parameters (see tip #3 above).
Our approach is proven – 97% of the alerts we issue get actioned immediately. That shows that alert noise isn’t a problem in our approach. I can tell you, however, that knowledge generation, the mechanism through which you determine relationships and complex conditions, is one. That’s the really tough nut to crack.
Thankfully, we’ve got smart guys working on that. 🙂
So – if you’re an Orion NPM user and are looking to get far deeper insight into devices made by Check Point, F5, Palo Alto Networks and others (see our supported technologies list) – you need to try indeni. One important feature of indeni is that it can replace your NPM for the specific devices indeni already supports, and you can have indeni’s alerts forwarded directly to your ticketing system.