Versions Compared

Old Version 9

changes.mady.by.user Igor Shakhbazyan

Saved on

compared with

New Version 10

changes.mady.by.user Igor Shakhbazyan

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Active monitoring system throws an alert "server is unreachable";
  2. On SimpleOne instance, in accordance with the settings specified, the Exception event was created, identical to the alert and having Active status;
  3. The Debounce engine has started to work, and the specified period should pass before any actions can be undertaken (for example, three minutes).
  4. Checking the status of the event associated with this alert (the monitoring system updates alert states, and the event statuses synchronize with them):
    1. If the event status is still Active - raise the Incident immediately;
    2. If the event status has changed to Inactive, then the Incident will not be raised.

...

  1. Active monitoring system throws an alert "disk space is running out, X Mb left".
  2. On SimpleOne instance, in accordance with the settings specified, the Warning event was created, identical to the alert and having Active status;
  3. As opposed to the Exception events, we do not launch the Debounce engine and do not start a countdown. In accordance with the settings specified, to launch the Debounce engine, there must be two active Warning events for this alert.
  4. If the second Warning event was received, then the Debounce engine launches and the specified period should pass before any actions can be undertaken.
  5. Checking the status of the events associated with this alert (the monitoring system updates alert statuses, and the event statuses synchronize with them):
    1. If all the events are still Active - raise the Incident immediately;
    2. If at least one event is Inactive, then the Incident will not be raised.

...

Information events are the lowest-priority events, and they are merely informational. An example of the information event is user authorization notification. In there, it is only necessary to gain many similar events for a specified period, for example, ten login -logoff events of the same user per minute.

...

  1. Event Monitoring collects ten login -logoff events of the same user per minute;.
  2. After that, it raises an incident about suspicious activity. In this case, the Debounce engine is not used.