Alarm Analytics

doisaas
HID_Alarm_Analytics
DX Operational Intelligence
is a machine learning–driven, advanced analytics solution designed to help IT operations teams deliver a phenomenal user experience, improve service quality and drive operational efficiencies. 
By using Alarm Analytics in
DX Operational Intelligence
, you gain the following benefits:
  • Reduce alarm noise from multiple products
  • Correlate alarms across products to identify the root cause
  • View probability bands to determine buildup to an alarm
  • Fine-tuning alarm threshold by analyzing the historical pattern
Access Alarm Analytics
Alarm Analytics is a capability that provides overview and insights into service and derived alarms. You can view the following information in the
Alarm Analytics
page:
  • Service, raw, and anomaly alarms
  • Alarm situations
  • Alarms by device type and severity
  • Variance in alarms for a period across devices, groups, and services
  • Top five devices, groups, and services generating the most number of alarms
To access Alarm Analytics,
Follow these steps:
  1. Log in to DX Operational Intelligence.
  2. Click on the Distribution.png icon from the navigation-panel.
    The Service alarms page opens by default.
  3. After logging-in, you can access Alarm Analytics in the following ways:
    1. View Alarms in Context of a Service
      1. Click on the
        Services
        icon in the navigation panel.
      2. From the
        Services
        homepage, click on a service.
        The service summary page appears.
      3. Navigate to the
        Alarms overview
        section, where you can view the service alarms, anomaly alarms, and raw alarms for the selected service.
      4. Click on an alarm type. You can now view the alarms for the alarm type for the selected service.
    2. View Service Alarms
      1. Click on the Distribution.png icon from the navigation panel.
        The
        Service
        alarms
        page appears.
        By default, the
        Service alarms
        page lists service alarms that have been generated in the last one week.
    3. View All Alarms
      1. Click on the Dashboard Layout.PNG icon, click on
        All Alarms
        .
    4. View Situation Alarms
      1. Click on the Dashboard Layout.PNG icon, click on
        Situation Alarms
        .
Alarm Categories
Alarms can be classified into the following categories:
  • Anomaly Alarms:
    An anomaly alarm gets generated when a metric value deviation is detected by the Data Science Engine for the configured metrics, by using machine learning algorithms. This alarm is generated when a threshold is crossed for the configured metric value. For more information on Anomaly detection, see the Anomaly Detection and Dynamic Threshold Alerts use case.
  • Service Alarms:
    A service alarm is a group of alarms that affect one or more business services and are related to an incident, which is identified by the time it occurred and its root cause. The root cause is the alarm on the topologically deepest device in the affected business service. All situations reported by alarms in the group are due to the identified root cause.
  • Raw Alarms:
    Alarms that are generated from source products such as CA Unified Infrastructure Management, DX NetOps Spectrum, CA ADA, and DX APM or any custom data source.
  • Situations Alarms:
    Alarms are grouped based on context using machine learning algorithms. Clustering clubs alarms together based on distinct dimensions and groups them together for triage or further analysis. Thus, clustering enables users to filter through a huge number of alarms and analyze alarms that are contextually relevant.
Overview of the Alarm Analytics Page
The Alarm Analytics page displays the service, anomaly, situation, and raw alarms that are generated in the defined period. By default, the alarms that are generated for one week are displayed. The Alarms page displays a table of
Service
,
Situation
, and
All Alarms
with other details according to your selection criteria.
alarm table.png
The following table describes the various columns in the Alarms table:
Not all Columns are available for
Service
,
Situation
and
All Alarms
in Alarm Table.
Column Name
Description
Column / Row-level Alarm Action
Enables you to perform row level alarm actions or column level to perform bulk alarm action.
Severity
Indicates the severity of an alarm. The following colors indicate the severity:
  • Red: Critical
  • Orange: Major
  • Yellow: Minor
  • Light Blue: Informational
  • Black: Unknown
Alarm Type
Displays the alarm type.
Message
Displays the description for an alarm.
Entity
Indicates the device or application name.
Service(s)
Displays the service which is impacted by an alarm.
Source
Displays the product from which the alarm is generated.
Ticket
Displays the ID generated by ticketing system. Click
Open ticket
link to open a ServiceNow ticket corresponding to the alarm.
Owner
Indicates the owner of the the Alarm. If the alarm is Unassigned, click Dashboard Layout.PNG, select
Assign to
and assign the alarm to the respective person.
Last Updated
Displays the date and Time when the alarm was last updated.
Distribution.png
Click the column header to sort the Alarms table in ascending or descending order.
Alarm Actions
The Alarm actions let you perform a specific action on an alarm. These actions are categorized as follows on Alarm Analytics page:
  • Alarm Management
  • Ticket Management
  • Email Notification
AlarmManagementGIF
Prerequisite:
The following table describes the supported alarm actions for different alarm types and source products:
Source Product
Alarm Actions
DX NetOps Spectrum
acknowledge, unacknowledge, ticket, assignment, unassignment, clear
CA UIM
ticket, assignment, unassignment, clear, Hide, UnHide
DX APM
acknowledge, unacknowledge, ticket, assignment, unassignment
CA ADA
acknowledge, unacknowledge, ticket, assignment, unassignment
Alarm Type
Alarm Actions
Anomaly alarm
acknowledge, unacknowledge, ticket, assignment, unassignment
Custom alarm
acknowledge, unacknowledge, ticket, assignment, unassignment
Notes:
  • If the Southbound Gateway to Spectrum and UIM is configured then only action updates will be sent to the source products. Otherwise, alarm actions will be within
    DX Operational Intelligence
    .
  • Any Spectrum and UIM alarm action update in DX Operational Intelligence is sent to DX NetOps Spectrum and CA UIM products.
  • Any alarm actions update in DX Operational Intelligence is not sent to CA ADA and DX APM products.
  • For anomaly, prediction and custom alarms, the alarm action updates will be within DX Operational Intelligence.
  • Clearing service alarms will clear all related alarms.
  • If a root cause alarm is cleared, all underlying alarms get closed and the service alarm gets closed.
  • If a root cause alarm is cleared and root cause alarms get generated, the service alarm will not be closed.
  • Alarm action on multiple UIM or Spectrum setups is not supported.
  • No alarm actions are supported for the Situation alarm.
Alarm Management
You can use the bell icon.png icon to manage alarms, acknowledge assigned alarms and clear the assigned alarm.
Follow these steps:
  1. In the
    Alarm Analytics
    page, select multiple alarms from the Alarms table and click the (bell) icon to perform bulk operations. Alternatively, click elliptical.png  next to
    Owner
    column to perform a single alarm action. The Alarm Management menu appears.In this dialog, you can perform the following actions:
    alarm view.png
    • Click the
      Assign to
      option and select the user to whom the alarm is to be assigned.
    • Click the
      Acknowledge
      option to acknowledge the alarm. A green tick appears, which indicates that the alarm is acknowledged.
    • Click the
      Clear
      option to clear all alarms.
    • Click the
      Hide
      option to hide the alarm detail in the database. The alarm in the user interface is grayed to indicate that the data is hidden in the database.
    • Click the
      UnHide
      option to un-hide the alarm detail from the database.
    • Click the
      Un-Acknowledge
      option to un-acknowledge for an alarm.
    • Click the
      Un-assign
      option to remove the assignment for an alarm.
Ticket Management
You can manage tickets in ServiceNow directly from the Alarm Analytics page. You must configure the ServiceNow notification channel to manage tickets update.
  1. Select alarms from the table and click the Ticket Management Icon.png (Ticket Management) icon.
  2. Click
    Open ticket
    to open a ServiceNow ticket corresponding to the alarm. Alternatively, click the
    Open Ticket
    link under the
    Ticket
    column for an alarm.Email Notification table.png
  • For service alarm, you can open a service alarm ticket or root cause ticket by clicking the
    Open Ticket
    link under the
    Ticket
    column.
  • The Open Ticket link is visible only when the ServiceNow notification channel is configured.
You can redirect back to the DX Operational Intelligence user interface by using the link provided in the ServiceNow ticket. Also, you can redirect back to DX Operational Intelligence by using the link sent through email, a ticket is created for the selected alarms in ServiceNow.
Email Notification
You can notify users about an alarm directly from the Alarm Analytics page. You must configure the SMTP server to send emails to the recipient. Click the Email Notification Icon.png (Email Notification) icon. Select one or more distribution lists to notify them about the alarm through email.
If you do not configure the SMTP server, a success message appears but the email is not sent to the recipient.
Email Notification table.png