Skip to main content

Advanced

The Advanced alarm rule template provides monitoring capabilities by allowing you to create complex alarm conditions using multiple variables, related entities, and custom expressions.

advance2.png

Configuration

  1. Rule Name: Enter a descriptive name for your advanced rule.

  2. Description: Provide detailed context about what this rule monitors.

  3. Target Entity: Select the primary entity type to monitor (Application, Host, Storage, etc.)

  4. Max Data Delay: Set the maximum time (in minutes) that IO will wait before evaluating the alarm.

    Recommended minimum: 5 minutes for most advanced rules to account for metric aggregation across multiple entities.

    The system provides this important guidance:

    • Metrics from different entities may arrive at different times.

    • Aggressive alarm calculations can trigger false positives.

    • Data delay helps reduce false alarms and system load.

    • If new data arrives before the delay expires, IO evaluates immediately.

    advance_rule.png

  5. Variables: The Variables section is the core of Advanced rules, allowing you to define relationships between entities and create complex conditions.

    • Select Entity Relationships:

      1. Choose from available entity types (Compute Resources, Storage, Network, etc.)

      2. Select the specific entity type (e.g., "Tier" for application tiers)

    • Configure Variable Properties

      1. Variable Name: Assign a reference name (e.g., RV1, RV2)

      2. Metric/Property Selection: Choose between - Metric: Numerical performance data and Property: Entity attributes or states.

    • Apply Filters (Optional).

  6. Rule Expression and Conditions

    • The visual Expression Builder provides a user-friendly interface for creating complex conditions without writing code.

    • For advanced users who need maximum flexibility, the JSON code option enables.

    • When checked: "Alarm will be triggered if all the conditions inside any of the group will be met" - This creates OR logic between groups and AND logic within groups.

    • Click Add Threshold to create new threshold conditions.

      1. Choose from your defined variables (RV1, RV2, etc.)

      2. Select the target entity's direct metrics.

      3. Reference calculated values from expressions.

      4. Each threshold can be assigned one of four severity levels: Critical, Warning, Info.

      5. Window Setting: Defines the evaluation period for your thresholds.

  7. Configure notifications.

    You can set up a notification plan for the alarm rule to notify users when the alarm is triggered.To add users to the notification plan, click the Add box and check the users to be added. You can also use an email distribution list for the notification plan.

    Note

    Available users are determined by the users listed in the LDAP and User Management sections of the Settings tab.

    The Also Notify field provides the ability to email alarm notifications to people who are not registered users of IO. Unregistered users added to this field can only receive initial notifications about new cases, but do not receive any succeeding notifications, such as investigation updates.Check the Enable SNMP box to send alarm details to a configured SNMP trap. You can use SNMP traps to automatically trigger actions based on your specific requirements.

  8. Choose Action.

    You can choose a default action, which might be predefined in your system. Alternatively, you can select actions such as sending notifications through Webex, Teams, Slack, or other integrated platforms.

  9. Save Rule: Once you have configured all the necessary parameters, click "Save" to create your new alarm rule

In this section: