Create Alerts
    • Dark
      Light
    • PDF

    Create Alerts

    • Dark
      Light
    • PDF

    Article summary

    Create alerts to be notified of important events and to run automated scripts.

    How do alerts work?

    The Edge DX alert system runs every minute and searches back through a specified data index for devices that match alert activation conditions. The length of time that the alert system searches back through the data index is called the Time Window. If a device matches the alert conditions a specified number of times (called Number of Hits), within the Time Window then that device activates the alert.

    For example, consider an alert with Time Window = 10 minutes and Number of Hits = 2. The alert activates if a device meets the alert conditions at least 2 times within the last 10 minutes.

    Note that some data from Edge DX is collected only once every 10 minutes, so we recommend that you use a Time Window of at least 600 seconds. Additionally, make sure that the Number of Hits is not too high for the data collection interval (for example, it is impossible for data collected once every minute to have more than 10 hits in 10 minutes).

    When an alert activates:

    • An event is stored in the System Events log with Type = ALERT.
    • The follow-up actions configured for the event are executed.

    Alert notifications identify all devices that have met the conditions for the alert.

    How to access your alerts

    To create new alerts or view/edit your existing alerts, go to the Devices section of the DEX platform and go to Configuration > Alerts.
    Alerts

    Create an alert

    1. On the Alerts page, click Add Alert.
    2. Enter a Name and a Description for the new alert.
    3. In the Conditions section, define the following fields:
      • Device Platforms - Determines which scripts are available to be selected as a follow-up action after the alert is activated. Note that the platform selection you make here does not determine which devices can activate the alert. To do this, you can add a condition to the alert based on the Platform field (1 = Windows, 2 = macOS, 3 = Linux).
      • Time Window - The length of time that the alert system searches back to check whether the alert's activation conditions were met. Read above for more information.
      • Number of Hits - The number of times that the activation conditions must be met within the Time Window for the trigger to activate. Read above for more information.
      • Retrigger Delay - The minimum duration between subsequent alert activations. If the retrigger delay duration has not passed since the last alert activation, then the alert won't activate even if it meets all of its conditions.
      • Data Index - The data index used for the alert's activation conditions.
      • Conditions - Click +Add Condition to specify the condition that causes the alert to activate. You can add multiple conditions, but they must be based on fields from the same data index. If you add multiple conditions, they all must be met for the trigger to activate (they are combined with AND operators).
    Important

    When creating an activation condition based on a text field (string), you must use "Contains" instead of "=". To see the data type of each field, open the relevant data index on the Data settings page and hover over the tooltip next to the list of columns in the index.

    1. Designate follow-up actions for the alert, to be executed when the alert is triggered. Select from the following follow-up actions:
    Action NameProcedure for Designating the ActionAction Executed when the Alert is Triggered
    Webhook URLEnter a URL.An HTTP POST is sent to the URL.
    System ScriptSelect a system script from the menu. (This option is available only if you selected a specific Device Platform in the alert's conditions.)The script is executed on the device that triggered the alert.
    User ScriptSelect a user script from the menu. (This option is available only if you selected a specific Device Platform in the alert's conditions.)The script is executed on the device that triggered the alert.
    SurveySelect a survey from the list. Only on-demand surveys are available in the list. Learn more.The survey is delivered to the device that triggered the alert.
    Email AddressesEnter an email address, or string of semi-colon separated email addresses.An email is sent to the email address(es).
    Create a ServiceNow ticketRead ServiceNow Integration for details on how to set up and use the ServiceNow integration.A ServiceNow ticket is created.
    1. Click Create Alert.

    Shortcut: create alerts directly from a device metrice

    When you are on the device drilldown page, you can click the alert icon next to a widget to quickly create an alert based on the metric shown in the widget. After you click the alerts icon, the relevant fields in the alert configuration page are preconfigured to target that metric.

    Edit or delete an alert

    To delete an alert, click the trash icon next to its name.

    To edit an alert:

    1. Click the alert's name.
    2. Make your changes to the alert configuration.
    3. Click Update Alert.

    It is not possible to temporarily disable an alert.

    Troubleshooting

    If your alerts aren't working as expected, consider the following tips:

    • If a device comes back online after a few hours and uploads its data you might not get an alert because the system takes into account the time that the event happened, NOT the time when it was uploaded to the server.
    • Check Configuration >Data to confirm that the the event you think you should have received an alert about was recorded in the database, and that its recorded _created_local time occurred within the configured Time Window.
    • Check if the Retrigger Delay is set too high. The Retrigger Delay parameter prevents you from being flooded with alerts every 60 seconds, but if it is configured to a value which is too high, you might not receive alerts for an excessively long period of time.

    Was this article helpful?