Alerts and Events

Events

Events are created to analyze the data when any traffic event occurs. The user can create an event to analyze the impact of traffic either on the complete Application or only on the services offered, as shown below.

User Defined Events

User defined events provide detailed information about the various events created by the user, such as services, application, host, smart flow, and so on. They also provide information such as the time at which the event was created or modified, the scope of the event, and its properties.

Blue/Green Events

The blue-green event is a technique that reduces downtime and risk by running two identical production environments called Blue and Green. At any time, only one of the environments is live, with the live environment serving all production traffic. The Blue/Green option in the events screen provides information such as the Blue/Green event details, the Type/Status of the Blue/Green event, and the Time at which the Blue/Green event occurred. The figure below shows the information displayed on the Events page.

_images/image_events_NEW1.png

Creating a new Event

To create a new Event, follow the steps below:

  1. Click Configuration > Events, then click NEW EVENT.
_images/image_events_NEW2.png
  2. To create a new event for an Application, select the radio button next to Application in Scope.
_images/image_events_NEW3.png
  3. Click NEW EVENT. Provide the Name of the event, choose the scope of the event, provide the description and the time at which the event is created, and Save. The user can create an event for either an Application or a Service.
_images/image_events_NEW4.png

To view the Analytics data of the Events, go to Analytics > Events.

Note

Follow the same steps as above to create a new Blue/Green Event.

Alerts

An alert is a notification generated by the system, based on a condition (or set of conditions). An alert can be set for a specific service, as shown below.

The Alert condition allows the user to set different conditions depending on the alert notification the user is looking for. The user can set either a single alert condition or multiple conditions, based on the requirement. The user can choose any of the Alert conditions from the list below.

  1. Average CPU Utilization
  2. Sum Network In
  3. Sum Network Out
  4. App Server Errors (Count)
  5. WAF Events (Count)
  6. App Server Monitoring
  7. App Server Error Percentage
  8. App Server Connection Errors (Count)
  9. App Server Latency
  10. App Server Pending Requests

Average CPU Utilization: Alerts are raised when the average CPU utilization of the application servers over the preceding duration (in minutes) is above, below, or equal to a specified threshold. This alert typically helps to detect changes in load/traffic so that the infrastructure can be scaled accordingly.

Sum Network In: Alerts whenever the total size of the requests over the preceding duration (in minutes) reaches a threshold. This alert helps to detect whether someone is trying to upload a large amount of data, or whether too much data is coming in over a short time. This alert may also flag an attack.

Sum Network Out: Alerts whenever the total size of the responses over the preceding duration (in minutes) reaches a threshold. This alert helps to detect whether someone is trying to download a large amount of data, or whether too much data is being served over a short period of time. This alert may also flag data theft.

App Server Errors (Count): Alerts the user when the count of error responses from the application servers over the preceding duration (in minutes) reaches a threshold number. This information helps the user to debug the servers for errors. This alert may also flag scanning that precedes an attack.

WAF Events (Count): Alerts are flagged based on the number of events generated by the Web Application Firewall (WAF) under the policies applied. This alert helps the user to check for an attack or for false positives, upon which the user can block or fine-tune the policies.

App Server Monitoring: Alerts the user whether or not an application server is responding to out-of-band health monitoring. This alert helps the user to check the health of the application server and fix it.

App Server Error Percentage: Alerts the user to the portion of traffic that is resulting in errors. Alerts raised on absolute error counts may not always make sense. This alert helps the user to troubleshoot the server when errors become disproportionately high.

App Server Connection Errors (Count): Alerts the user if the count of application server failures, or of TCP connection errors, reaches or crosses a specified threshold. This alert helps the user to troubleshoot the application server for health issues or to scale the infrastructure.

App Server Latency: Alerts the user if the average response time of any application server reaches a threshold in milliseconds. This alert information helps the user to troubleshoot the application server for response time or to scale the infrastructure.

App Server Pending Requests: Alerts the user whether or not the requests in the queue waiting to be accepted are piling up. This alert information helps the user to troubleshoot the application server or to scale the infrastructure.

Creating a new Alert

To create a new Alert, follow the steps below:

  1. Click Configuration > Alerts.
_images/image_alerts_NEW1.png
  2. Click on NEW ALERT.
_images/image_alerts_NEW2.png
  3. Provide the Name, set the Condition (check the box next to multiple conditions to set more than one condition), set the duration in minutes, and set the frequency of alert checks before any alert is raised.
_images/image_alerts_NEW3.png
_images/image_alerts_NEW4.png
  4. Check the box Send Email for an email with the alert notification to be sent to the registered account. Also, check the box Webhook and enter the URL, in the format https://, to which the alert-related information is posted.
_images/image_alerts_NEW5.png
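
How a condition, a duration and a number of checks interact, and why App Server Error Percentage can behave differently from App Server Errors (Count), shown as an added example that is not the product's own logic. It assumes one check per minute, that multiple conditions are combined with AND, and that the frequency setting means the number of consecutive checks that must match; the metric keys and sample data are constructed.

```python
import operator
from dataclasses import dataclass

OPS = {"above": operator.gt, "below": operator.lt, "equal": operator.eq}

@dataclass
class Condition:
    metric: str        # hypothetical key: "error_count" or "error_pct"
    op: str            # "above", "below" or "equal"
    threshold: float

# Constructed per-minute samples: (minute, requests, error responses).
SAMPLES = [(1, 10000, 60), (2, 10000, 60), (3, 10000, 60),
           (4, 200, 50), (5, 200, 60), (6, 200, 70), (7, 200, 2)]

def window_metrics(samples, end_minute, duration):
    """Aggregate the `duration` minutes ending at `end_minute`."""
    win = [s for s in samples if end_minute - duration < s[0] <= end_minute]
    requests = sum(s[1] for s in win)
    errors = sum(s[2] for s in win)
    pct = 100.0 * errors / requests if requests else 0.0
    return {"error_count": errors, "error_pct": pct}

def evaluate(samples, conditions, duration, checks_required):
    """Return the minutes at which an alert is raised.

    Assumptions: one check per minute, multiple conditions are ANDed, and
    the alert is raised once all conditions have held for
    `checks_required` consecutive checks.
    """
    raised, streak = [], 0
    for minute in sorted(s[0] for s in samples):
        metrics = window_metrics(samples, minute, duration)
        hit = all(OPS[c.op](metrics[c.metric], c.threshold) for c in conditions)
        streak = streak + 1 if hit else 0
        if streak == checks_required:
            raised.append(minute)
    return raised

if __name__ == "__main__":
    count_only = [Condition("error_count", "above", 100)]
    pct_only = [Condition("error_pct", "above", 10)]
    print("count alert raised at:", evaluate(SAMPLES, count_only, 2, 2))
    print("percentage alert raised at:", evaluate(SAMPLES, pct_only, 2, 2))
    print("both conditions raised at:", evaluate(SAMPLES, count_only + pct_only, 2, 2))
```

With the constructed data, the count condition is raised during ordinary heavy traffic where only 0.6% of requests fail, while the percentage condition is raised only once errors become disproportionate.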