Alerts
An SLA violation can be configured with one or more alerts. A Sentinet alert is an event triggered on certain conditions, for example when an SLA is violated or registered X.509 certificates are about to expire. (See the X.509 Certificates Management Infrastructure chapter in this guide for more details.)
Each SLA can be configured with one or more alerts. Click on the ALERTS tab.
To add a new alert, click the + Add button, to modify an existing alert, click the [...] button.
Each alert is configured with the following properties:
Property | Description |
---|---|
Name | Alert-friendly name |
Minimum Alert Generation Period | Each alert event of that type is generated not more often as specified by the value of this property. For example, some alerts may be generated not more than every 10 minutes, while others may be generated not more than once a day. |
Enabled | Enables or disables alert generation. |
Alert Actions | An alert can be configured with one or more alert actions. For example, an alert event can trigger sending emails and logging error messages in the Windows Event viewer. Custom alert actions can be added to add custom alert processing. |
Minimum Execution Period | The period of time in which the defined actions are performed, in the examples shown in the figures on this page, the violation alert (above) is generated every minute, but the corresponding “Send Email” event (next figure below) only occurs every 24 hours. |
Alert Actions
Each alert can be configured with one or more independent alert actions, that will execute once an event is triggered. Sentinet provides two built-in alert actions, Send Email(s) and Write to Windows Event Log. Custom alert actions can be registered with Sentinet and configured with alerts.
Every alert action has two common properties -- Minimum Execution Period and Enabled flag. An alert action can be executed upon alert triggering, but no more than every Minimum Execution Period value. For example, some alert actions can be instructed to execute at minimum once a day (for example: Send Email), while others may execute every minute (for example: Write to Windows Event Log). The Minimum Alert Generation Period property of the alert is different from the Minimum Execution Period of the alert action (see example above). Minimum Alert Generation Period may instruct to generate SLA violation events every minute, while Minimum Execution Period may cause Send Email alert action to act upon accumulated events every 1 hour (in this example, it might be impractical to receive emails every minute). The Enabled flag allows stopping and resuming of alert action execution (for example, the Send Email action can be temporarily or permanently disabled from sending emails).
Click one of the alert actions management buttons to add a new or modify an existing alert action.
Select one of the built-in alert actions or a custom alert action from the drop-down list. Before a custom alert action can be selected, it must be registered with Sentinet (see Custom Alert Actions chapter).
Send Email(s) Alert Action
The Send Email(s) alert action automatically delivers emails to all Sentinet users that have specific access to the Repository folder in which the SLA is created. This alert action can be additionally configured with specific email addresses.
The Send one email per address field specifies whether a single email will be sent to all recipients or each email is sent separately.
The Send one email per alert field specifies whether one email may contain multiple alert events or one email will be sent per event occurrence.
The Subject and Body fields specify the templates for the email subject and the email body. The templates may include tokens that will be replaced with the actual alert data.
Common template tokens are:
{Id} - alert database identifier
{TypeId} - alert type database identifier
{TypeName} - alert type friendly name
{Subtype} - alert subtype
{SourceTypeId} - alert source type database identifier
{SourceTypeName} - alert source type friendly name
{Description} - alert description
{DateTime} - alert generation time in the reporting time zone
{DateTimeUtc} - alert generation time in UTC
Service Agreement specific template tokens are:
{Data.ServiceAgreementId} - database identifier of the violated service
agreement
{Data.ServiceAgreementName} - friendly name of the violated service
agreement
{Data.ViolationStartDateTimeLocal} - the most recent violation's date
and time reported in the service agreement reporting time zone
{Data.ServiceAgreementTimeZone} - service agreement time zone identifier
Write to Windows Event Log Alert Action
The Write to Windows Event Log alert action logs custom Windows Events. Third party management tools can be further configured to monitor these specific Windows Events and custom scripts execution.
The Write to Windows Event Log alert is configured with standard Windows Event properties described in https://technet.microsoft.com/en-us/library/cc765981.
Custom Alert Actions
Before an alert can be configured with a custom alert action, they must be registered with the Sentinet alerting system (see Sentinet Extensibility chapter for generic description of the Sentinet extensibility features). Navigate to Repository root tree item, first select CONFIGURATION, then EXTENSIBILITY tab and click the + Add above the Custom Alert Actions table.
Provide a friendly name for the custom alert action, the assembly that contains the code for the custom alert action implementation and type (.NET class) that implements Sentinet's Alerting API interface. Optional default configuration for the Custom Alert Action (see the Sentinet CustomAlertHandler sample for more details on how to develop custom alert actions).
Once registered, this alert action can be selected from the list of the registered custom alert actions.
The custom alert action component may contain its own (optional) configuration, which can be in free-form text format or in XML as designed by the custom alert action developer.
Custom alert processing is a very powerful Sentinet extensibility feature; it allows developers and administrators to extend the Sentinet Alerting system with active and proactive systems recovery, reliability and high-availability capabilities. For example, an SLA is configured with certain metrics to trigger custom alert processing and when these metrics are violated, can automatically start additional cloud instances to support increased system load.
Alerting System
The Sentinet Alerting System is executed by the Sentinet Agent Windows service configured to execute each scheduled task on its own schedule and based on its own pattern. The relationship between the tasks relevant to the Sentinet Alerting System, alerts and alert action properties is shown in the diagram below.
Agent Task Frequency is configured in the agent's Nevatech.Vsb.Agent.exe.config file, while all other time intervals are configured using the Sentinet Administration Console described earlier in this chapter. Sentinet provides great flexibility in configuring alerts and alert actions and requires a certain level of responsibility of Sentinet users to assign relative time intervals that make sense.