Tiered threshold monitoring

Document ID : KB000096474
Last Modified Date : 27/09/2018
Show Technical Document Details
Introduction:
Frequently, it is required to monitor and set alarms on thresholds for Bandwidth utilization so that these can then be used to notify relevant parties to take remedial action. This KB article outlines ow to do this.
Question:
How can a monitoring threshold rule be setup? For example, how can a rule be setup so as to raise the following:
  1. A CRITICAL alert on Bandwidth (BW) utilization when above 90% for 30 minutes.
  2. A MAJOR alert when BW Utilization is above 80% for 30 minutes.
  3. Then clear alerts and reset to Normal when below these.
Environment:
Any CAPM environment
Answer:
To get the tiered affect you must overlap the monitoring.  So:
  • For a MAJOR event, a breach would have to occur about 80% utilization for 30 minutes continuous (i.e. 80%-100%).  
  • The CRITICAL event breach would have to occur about 90% utilization for 30 minutes continuous.  When you get the critical event breach, both conditions will be satisfied so you will actually get 2 events (Critical and Major). 
The alert thresholds must be configured this way otherwise if the MAJOR event is set to 80% to 89% utilization and the CRITICAL event set to greater than 90% then events can be missed if the utilization fluctuates between 80% and 90%, and subsequently, alerts not raised.
Additional Information:
This is further explained in greater detail in our CAPM docops guide:

https://docops.ca.com/ca-performance-management/3-6/en/building/configure-threshold-profiles