Alarms 

    NetFlow Analyzer generates and displays alerts once the configured threshold is violated, you can create Alert profiles based on you requirement from Settings -> NetFlow -> Aggregated/Real-Time Alert Profiles. Alerts are generated based on the RAW data collected in the database. 

    NetFlow Analyzer gives you the option to create two types of alert profiles:

    Real-Time Alert Profile - In a Real-Time Alert Profile the event is generated when the data usage threshold per minute is violated more than the permitted number of times.

    Aggregated Alert Profile - In an Aggregated Alert Profile the event is generated when the total volume/packets over the given period of time crosses the set threshold.

    You can see the alerts and its events based on the severity configured in Alert Profile like Critical, Trouble, Attention and Service down. You can click on the severity to get the list of Alarms generated for that severity. 

    You can click on the Filter icon to change the view of the Alarms in NetFlow Analyzer, also you can sort the alarms by time on which it is generated by clicking on the icon  on the left side column.

    Filter Description
    Active Alarms

    List up all the recent active alarms.

    All Alarms List up all the alarms for all category
    NFA Alarms  List only NetFlow Alarms
    NCM Alarms List only Network Configuration Add-on alarms
    Severity List Alarms based on severity an event has occurred
    Category List all category alarms

    You can set the different view from the right hand side top for Alarms to display under the Alarms tab using the below option:

    View Description
    List view  Allows you to view the Alarms in list view
    Block view  Allows you to view the Alarms in Block view
    Color view  Shows Alarms and events in color view based on severity
    Sorting  You can sort the Alarms based on Message, Source, Category, Technician, Severity, Time.
    Search  Allows you to search Alarms based on  Message, Source, Category, Technician, Severity, Time.

    You can click on each alarm for a detailed view on the Alert generated, and view the Traffic and Application statistics during the time the Alert was generated. Any technician who checks the alert can add notes for others to understand. 

    You can also delete an Alert form the view by selecting the Alert and then click on the delete icon  on the right side top. 

    Events 

    When an threshold is violated in your network, an event occurs and multiple events correlate to trigger an alarm. An event can not be deleted from the UI. Event for an Alert is stored for 7 days by default in the database and deleted automatically. 

    Types of Alerts

    NetFlow Analyzer allows you to customize alerts and the type of notification. You can choose to be notified via SMS, email, SNMP trap, SysLogs, web alarms, run a program, or log a ticket.

    1. For email and email based sms, email address will have to be provided.
    2. For Chat based alerts, NetFlow Analyzer intergrates with Slack. It helps you get notified via the 3. Slack channel when an alarm is generated.
    4. The Run Program option lets you automatically execute a script or a program when an alert is generated.
    5. The Log a Ticket option lets you log tickets in ServiceDesk Plus/ServiceNow when an alert is generated.
    6. Web Alarms notify you with a sound alert when a critical alarm is generated.
    7. For SMS based alerts can be generated by providing the mobile number.
    8. This option allows you to get notified through SysLog messages.
    9. This option allows you to get notified through SNMP Trap messages.

    Logging SDP Tickets

    NetFlow Analyzer also allows you to log alerts as SDP tickets. Service desk plus is available as an plug-in, and it has to be integrated with NetFlow Analyzer under Settings → Basic Settings → Add-ons/Products Integration → ServiceDesk Plus and configure the ServiceDesk Plus add-on integration, for this option to be available.

    For logging the alert as a ticket, provide ticket details such as category, priority, and group. You can also assign it to a particular technician based on severity and category of the alert. Every time an alert is generated, it will automatically be logged in as an SDP ticket and assigned to the particular technician, based on the details provided. You create a private knowledge base in SDP to resolve repetitive network bottlenecks quickly. You can also announce known network issues in SDP’s ‘announcements’ to help reduce number of tickets created for the same issue.