TEC1118795: Introscope Alert Troubleshooting and Best Practices

Document created by Hallett_German (Employee) on May 25, 2016. Last modified by SamCreek on May 25, 2016.
Version 2

Author: Hallett_German

     Document ID:  TEC1118795

     Last Modified Date:  4/7/2015

 

  • Products
    • CA Application Performance Management
  • Releases
    • CA Application Performance Management:Release:9.7
  • Components
    • COMMUNICATION SERVICE PROVIDER EXTENSION

 

Description:

This provides some information on Introscope Alert troubleshooting and best practices.

 

Solution:

1. Logging just SNMP alerts

Add the following into the IntroscopeEnterpriseManager.properties file on the Enterprise Manager:

log4j.logger.Manager.SNMPAlertAction=DEBUG, snmplogfile
log4j.additivity.Manager.SNMPAlertAction=false
log4j.appender.snmplogfile=com.wily.org.apache.log4j.RollingFileAppender
log4j.appender.snmplogfile.layout=com.wily.org.apache.log4j.PatternLayout
log4j.appender.snmplogfile.layout.ConversionPattern=%d{M/dd/yy hh:mm:ss a z} [%-3p] [%c] %m%n
log4j.appender.snmplogfile.File=logs/perflog.txt
log4j.appender.snmplogfile.MaxBackupIndex=2
log4j.appender.snmplogfile.MaxFileSize=20MB

 

2. Avoid using Nested Summary Alerts. These can lead to unpredictable alert behavior.  Below is a setup that is not recommended.

Summary A contains Simple alerts 1-3.
Summary B contains Simple Alerts 4-5.

Summary A also contains Summary B.

*With the above setup, a single alert can cause the entire Summary A alert to move to Danger, thus making it appear as a false positive.  Summary alerts are best used to group Simple Alerts together.  It is not recommended to group Summary Alerts together.

 

3. To track down why a summary alert is a certain color, examine each associated simple alert and find the one with the same color (alert state). A summary alert inherits the highest alert condition among its simple alerts.

 

4. Review your Alert configuration, particularly that the Resolution and Trigger Alert settings are set to perform the desired behavior. Also double-check whether you want to alert when ALL metrics go above the Caution/Danger line or when an individual metric goes above the Caution/Danger line.

 

5. Check if alert blackout configuration is set up correctly to receive/not receive alerts.

 

6. Check that the Action configuration is correct if you are expecting a certain action.

 

7. To be sure that your alert has cleared, set the Trigger Alert Notification to "Whenever Severity Changes" on your Simple Alert.  This tells you when the alert has triggered and when the alert has cleared.

 

8. To verify that the alert is not masking a false positive, go directly to the metric in the Investigator to view its behavior. Sometimes the regex in the metric grouping that the Alert is based on may not be configured properly.
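The state inheritance described in items 2 and 3, as an added Python example (not CA APM code and not part of the original document). The class names, the "Normal" state, and the helpers drivers() and nested_summaries() are assumptions for illustration; the sample reproduces the nested setup from item 2, traces which simple alert drives Summary A, and flags the nesting.

```python
from dataclasses import dataclass, field
from typing import List, Union

STATES = ["Normal", "Caution", "Danger"]  # assumed ordering, lowest to highest

@dataclass
class SimpleAlert:
    name: str
    state: str = "Normal"

@dataclass
class SummaryAlert:
    name: str
    members: List[Union["SimpleAlert", "SummaryAlert"]] = field(default_factory=list)

    @property
    def state(self) -> str:
        # A summary alert takes the highest state among its members.
        return max((m.state for m in self.members), key=STATES.index, default="Normal")

def drivers(alert, path=()):
    """Return paths to the simple alerts whose state matches the summary's state."""
    path = path + (alert.name,)
    if isinstance(alert, SimpleAlert):
        return [path]
    found = []
    for m in alert.members:
        if m.state == alert.state:
            found.extend(drivers(m, path))
    return found

def nested_summaries(alert):
    """List (parent, child) pairs where a summary alert contains another summary."""
    pairs = []
    for m in getattr(alert, "members", []):
        if isinstance(m, SummaryAlert):
            pairs.append((alert.name, m.name))
            pairs.extend(nested_summaries(m))
    return pairs

# Constructed sample mirroring the setup in item 2.
simple = {i: SimpleAlert(f"Simple {i}") for i in range(1, 6)}
summary_b = SummaryAlert("Summary B", [simple[4], simple[5]])
summary_a = SummaryAlert("Summary A", [simple[1], simple[2], simple[3], summary_b])
simple[5].state = "Danger"  # one simple alert inside Summary B fires

if __name__ == "__main__":
    print(summary_a.state, drivers(summary_a), nested_summaries(summary_a))
```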

 

 

 
