Step 8 - Escalation

Define alert groups and alert recipients

Overview

When a device group unexpectedly goes offline, alerts are escalated to alert groups that you define. Generally, alert groups are organised around support function. For example, a Comms alert group is linked to switches, routers, firewalls, and load balancer device groups, and a Systems alert group is linked to Linux, MySQL, and Apache device groups. You can also define specific instructions for sending alerts to a given alert group.

During installation, Megamon creates default alert groups and example recipients.

Recipients define who receives alerts for specific alert groups. The contact field for a recipient can contain an email address for plaintext or HTML email alerts or mobile phone number for SMS alerts.

Note: A single recipient can be a member of multiple alert groups.

Add a new alert group

To add a new alert group, complete the following steps:
  1. Navigate to SettingsEscalation
  2. Select the Groups tab.
  3. Select Add Alert Group.

Configure recipients

To configure who receives alerts and how, navigate to Settings → Escalation then select the Recipients tab.

A small number of recipients are partially set up during the installation process to demonstrate different ways that you can configure recipients.

Recommendation: Edit the default 'All alerts' recipient to capture an alert.

Send a test alert

To send a test alert, complete the following steps:

  1. Navigate to SettingsEscalation
  2. Select the Recipients tab. 
  3. Select Send Test to send a test email or SMS alert. 

Sending a test alert confirms both the alert recipient and the SMTP server configurations are working correctly.

Alert recipient schedules

You can define recipients who only receive alerts during specific periods of time. Megamon defines these periods of time as Alert Schedules. Alert schedules are useful for teams who work shifts and recipients need to change every eight or nine hours.

Create a new alert schedule

To create a new alert schedule, complete the following steps:

  1. Navigate to SettingsEscalation
  2. Select the Recipients tab. 
  3. Select Schedule for a recipient in the table.
    The popup dialog shows all existing schedules for this recipient.
  4. Select Add Active Period.

You can specify multiple active periods to accommodate both simple and complex schedules.

Note: Active recipients who do not have any active schedules receive alerts at all times.

Regular expression alerts

Megamon can use regular expressions (regex) to generate alerts from syslog entries for devices that are configured to send syslog messages to Megamon. Megamon comes with a sample set of regex alerts, but you can define any number of custom regex alerts for syslog messages.

Add a new regex alert

To create a new regex alert, complete the following steps:

  1. Navigate to SettingsEscalation
  2. Select the Regex Alerts tab.
  3. Select Add Regex Alert.