User’s Guide – version 1.6 | NetWatch |
Chapter 4- The Alerting System
How NetWatch Alerting Works
NetWatch can throw alerts when certain events occur or if thresholds are exceeded on the network. When an alert is thrown, it is logged to the database and displayed on the http reports and indicated on the NetWatch visuals. It can also be forwarded to various recipients.
What Can Trigger an Alert?
There are various different types of alert, all caused by different events or conditions:
Device Alerts
These are alerts that occur on a device as a whole. Currently there is one type of device alert:
-Service List Alert
This alert is triggered whenever services are added to or removed from a device. This can happen, either during manual discovery of a device in the Edit Devices or Add Devices sections, or automatically, if NetWatch detects that SNMP interfaces have been added or removed from a router.
To add or edit the Service List Alert, go to Add Devices or Edit Devices in the Admin section and proceed through the wizard to Step 3. Select the option to “Record an alarm if services are added to or removed from any of these devices”.
Service Alerts
These alerts can be triggered on one or more services within the devices:
-Status Change Alert
Triggered when a service changes state. This is relevant to all services that have the concept of state, i.e. Ping Test, TCP Port Test and SNMP Interface test
-Response Time Alert
Each of the services mentioned above involves a poll of some sort, whether it be a Ping operation, TCP port connection or an SNMP poll. These services are configured with an expected response time for the operation. NetWatch can trigger an alert when the response time exceeds a set multiple of that expected response time.
-Utilisation Alert
You can set network traffic thresholds for the purpose of alerting. The utilisation alert will trigger when traffic rises above a set percentage utilisation, either immediately or after the traffic level is sustained over a specified time period.
27