What is an Alert?

Alerts are a key component of the Enginsight platform. They allow you to be alerted when a specific event or problem occurs in your IT infrastructure. This can be a website failure, newly installed software, certain behavior of captured metrics and much more.

You can also use Alarm to react autonomously to a system event. Via Plugins you can run a script on one of your hosts or use alarms triggered by Webhooks outside the Enginsight platform, e.g. for a ticket system.

Alert Overview

In the overview, you can check all the alarms you have added and search them using the search bar. You can also sort the alarms according to when they were last modified or created.

You can also see from the alerts overview...

• which and how many assets are being monitored.

• whether there is an issue for an alert.

• who should be notified when the alert is triggered.

From the overview you can also disable and delete alerts.

Issues-Overview

At Issues you can display all triggered alerts.

Further information on issues can be found here.

Create an Alert

You can create a new alert under 'Alerts' → 'Create Alert'. First define an 'Kind of Alert'. Here you define whether the alert should be triggered by a event of a host, endpoint, observation or watchdog.

Next, you configure the alarm by making 'General Settings', specifying the type of 'Notification', setting 'Automation' and 'Additional Options'.

Listing of all alerts

Quick Alerts

You will also find Quick Alert buttons distributed throughout the platform. For example, on metrics, processes or certificates.

By clicking on a Quick Alert button, you can immediately switch the corresponding alerts.

General Settings

First define a 'Reference', i.e. which host, endpoint, observation or watchdog an alert should be set to. You can either switch alerts to a specific asset (Exclusive) or via tags ("All with the tags") to multiple assets at once.

Under 'Requirement' you define the scenario that should trigger the alert, e.g. an increased CPU usage.

Now define a 'Description' of your alert. You can either give it a title or enter complete step-by-step instructions on how to react to the alert. If your description is longer, you can also enter an alias so that you can still see a handy title in the alert overview.

Notifications

Under 'Notifications' you can define who should be informed by e-mail or additional notification channels (Messenger integration or SMS). The alerts always appear in the issues overview, visible to all team members.

You can either select individual users or add the alert to a group.

Groups

The team members added to Enginsight can be grouped together. This makes the management of alerts much more effective as they can be assigned to a group of people with a single click. For example, groups for specific departments can help you ensure that the right team members are getting notified.

You can create new groups and edit existing groups under 'Settings' → 'Groups'.

Messenger integrations

Besides the possibility to be notified by email or SMS, we are working on integrating different messenger services. So far, these include Slack, Mattermost and Microsoft Teams. To be informed in this way, you only need a simple link between your Enginsightaccount and the messenger service. Here you can find the instructions for the messenger integration of Slack, Mattermost and Microsoft Teams.

Teams Notification

Microsoft Teams is an instant messaging service for communication within work groups. With Enginsight it is possible to connect a desired team channel to the alert system with just a few clicks.

Linking of Teams and Enginsight

To connect a Team Channel to Enginsight, first switch to Teams (either as an app or in the browser). Then use the left navigation menu to go to Teams. Here you can now select the channel where you want to be notified by alerts. If you want to create a new channel for this purpose, use the button on the bottom left.

Now switch to the desired channel. In this example, we will use the 'General' Channel of the 'Enginsight Development Team'. Then click on the 3 dots next to the channel and select 'Manage Teams'.

Then go to 'Apps' and then click 'More Apps' to prepare this channel for incoming Webhooks.

Then search for Webhook and click on the suggested App 'Incoming Webhooks'.

This will open a window in which you can see the team to which you are adding this app. If this is not the desired team, switch to the team you want to be notified and search for 'Webhook' among the different apps. Then click on Install.

Now you can select the channel of the team where you want to be alerted. Then click on 'Set up'.

Now you can assign a name that will be displayed as the sender of incoming alerts. You can then, if you want, upload a logo which will be displayed as sender image. Then click 'Create' to get a link that you need to place in the Enginsight platform.

Copy the link and then click Done. You have already set up everything you need in teams and can switch to the Enginsight platform.

Just copy the link and paste it into your Enginsightaccount, under the section Additional Notification via Microsoft Teams, for all desired alerts.

You will then receive the following messages for triggered and corrected alarms:

Slack Notifications

Slack is an instant messaging service for communication within working groups. With Enginsight it is possible to set up an alert that will alert you via Slack in addition to mail.

Linking of Slack and Enginsight (automatic)

Go to the desired alarm, which shall cause a slack notification when triggered. Under the item 'Other Options' you will find the option 'Additional notification via Slack'. Select the checkbox to open the tab and then click on 'Connect to Slack'.

Then log in to any of your workspaces in the popup window. You should then be able to select a channel in which the notifications should be sent. Then click on 'Authorize' and the linking is complete.

If the automatic linking fails and no slack channel has been set, you can also add slack manually. The instructions for this can be found right below this paragraph.

Mattermost Notification

If you already use Mattermost, you can connect your Enginsight to any channel with a few clicks.

Linking of Mattermost and Enginsight

First switch to Mattermost. Call up the 'Main Menu' in any channel by clicking on your name or the menu icon in the upper left corner. Then select 'Integrations' to release incoming webhooks.

A new window will be opened. Click here on 'Incoming Webhooks'.

Now you have an overview of all allowed webhooks. You can delete or edit them at any time. To create a new Webhook click on 'Add Incoming Webhook' in the upper right corner.

Now you can name the Webhook, give it a short description and select the channel where the alarms should be posted.

That was it already. Just copy the link and add it to all desired alerts in your Enginsightaccount under the section 'Additional Notifications via Mattermost' within each alert.

Automation

You have automation possibilities via alerts either with webhooks or with plugins.

Webhooks

Webhooks offer you the possibility to use triggered alerts outside the Enginsight platform. For example, do you have an internal messenger in your company? Use Webhooks to use information about alerts directly in other applications.

Create Webhook

Under the navigation item 'Alerts' you will find the subitem 'Webhooks' on the left side. If you have not yet created a Webhook, you can click on the 'Create Webhook' tile in the middle of the screen. If not, you will find the same button in the upper right corner.

In addition to a meaningful name and a description, you can now specify the target, the method and the type of content. You also have the option of transmitting user-defined HTTP headers to your webhook, which enables flexible customization and control of HTTP requests.

Then click 'Add Webhook' to create the Webhook.

Format of a Webhook

Here you can find information about the format of a webhook:

{
    "resolved": false,
    "belongsTo": "endpoint",
    "alert": {
        "name": "Testalarm",
        "_id": "123456789abcdefAlert"
    },
    "scenario": {
        "payload": [{
            "triggered": true,
            "value": 1000,
            "threshold": 100,
            "operator": "gt",
            "aggregator": "avg",
            "scenario": "property",
            "property": "endpoints_websites.website.total"
        }]
    },
    "reference": {
        "hostname": "https://www.         .com/",
        "_id": "123456789abcdefReference"
    }
}

This example shows a POST Method Webhook that was triggered by an alert that controls the response time of an endpoint. Under 'Alert' you get the internal ID and the name of the corresponding alert. Under 'Scenario' you find the payload with all relevant functions such as threshold, measured value and information about the type of alert (scenario, property, ...). Under 'Reference' you find the information about the reference of the alarm. The field 'Resolved' indicates whether the alert is currently triggered or has been resolved. The attribute 'belongsTo' defines the type of reference (host, endpoint, observation).

Plugins

By using plugins you can set autonomous reactions to your host in response to a triggered alarm.

You can read more about plugins here.

Additional Options

As further settings you can assign an alert category to the alert, namely either "Information", "Warning" or "Critical condition". This determines how often the new alert is triggered and thus also how often an e-mail is sent.

• Critical condition: 1 time per day

• Warning: 1 time per week

• Information: 1 time per month

The alert option 'Inform Responsible Persons' allows you to automatically notify the responsible persons defined for the asset about triggered alerts, even if they have not been manually defined as recipients.

You can also activate an 'Additional Notification' when the alert has been resolved, i.e. the alert scenario no longer exists.

Finally, you can also 'deactivate' the alert directly. This allows you to prepare alerts without directly activating them.