Alert Management

Common Alert Management Scenarios

  • Alerts in SCOM

Alerts in SCOM are generated by individual rules or monitors to indicate a specific issue. A monitor can generate an alert when it enters an error state while a rule may generate an alert to indicate some critical issue that is not directly related to the health of a managed object. Management packs include a variety of workflows that create alerts for the application or service that they manage. Part of the process of configuring a new management pack is tuning it to ensure that you don’t receive excessive alerts for issues that you don’t consider critical. Live Maps will help you tuning alerts settings with its alert management features.

  • SCOM Alert Storms

It is not uncommon for a mid-size enterprise to get over 1,000 alerts every single day. For an IT team of 2 or 3 people, clearly this is not sustainable to respond to and the usual result is to ignore the alerts and leave the SCOM console away from view. With its alert management features, Live Maps helps to suppress the 80% of alerts that are non-critical and highlight those alerts that require immediate attention as business affecting. Providing a 360′ degree view of the Business Services also helps you to correlate the issues affecting end-users which are related to application or infrastructure issues.

  • SCOM Cascading Alerts

Another common scenario is SCOM cascading alerts. In many occasions one critical failure in the IT environment will set off a cascade or flood of alerts that can overwhelm a System Admin who doesn’t know where to start on the root-cause. Live Maps helps group these alerts and supress them down to individual business services. Using the related services ability within Live Maps further helps pinpoint the initial point of failure that has affected downstream services. A common example is a failure in Active Directory which feeds many other business services such as Exchange and Sharepoint.

  • SCOM Tuning

A standard practice for all SCOM administrators is to “Tune” all of the Management Packs to limit the number of alerts. This means changing the alert thresholds of monitored objects so they only generate alerts when items go critical. SCOM uses a Health Roll Up which means that if any object in a Group goes red then the red state flows up to the highest level object in that Group. A common practice is too turn off the alerts for lower level objects which solves the Alert Storm problems. Live Maps alert correlation means that only business impacting alerts are prioritized, removing the need for time spent on SCOM tuning. Read more about SCOM tuning the easy way here.

Our Solution

Live Maps Alert Management for SCOM and OMS

Live Maps groups all of the objects in System Center Operations Manager (SCOM) into their related business services using three perspectives: End-user/Application/Infrastructure. We use the End-user perspective as the primary indicator of a business service and show its related SLA. Only if an end-user is affected then it should count against your main SLA. When the application or Infrastructure layer go red it is a signal to the IT Operations team that some action is needed but not as critical as when the end-user is affected. Only alerts that affect the overall performance of the business service are highlighted in a red/yellow/green fashion. Notifications are sent only when a Business Service goes red rather than an individual component that is fully redundant.

View Live Demo >
  • “If there was a problem in SCOM, we would get countless email alerts that wouldn’t necessarily point out what or where the problem was. Live Maps does an excellent job of telling us where we need to look so we can quickly get to the root-cause of the problem and solve issues before the residents are affected.”

    Peter Bol
    Systems Engineer - Municipality Aphen aan de Rijn
  • “Savision Live Maps provides the context necessary for us to properly find the most important alerts. Understanding the service’s context has really helped us zero in on what alerts we need to act upon.”

    Jens Hübel
    Head of the IT Control Center - City of Frankfurt

Fill in the form below and access our online demo