Maintaining and debugging automation policies

Effectively maintain your Cloud Pak for AIOps policies and debug issues that might arise. The following sections contain some suggestions for finding the relevant policies, determining their usage, and seeing potential issues.

Determining what policies are firing for alerts

The Alert details side panel is accessed in the Alert Viewer. Double-click an alert in the table to display the Alert details for that alert. The Information section is open by default. From here, you can access additional information about the alert properties including policy information.

  • Click Raw to display the raw alert property data in JSON format. In this example, under "insights" you can see the policy ID that is associated with this alert.

    Policy ID in Alert details
    Figure. Policy ID in Alert details

  • The Alert details side panel also contains policy information for alerts that are grouped based on scope. To view this, collapse the Information section and expand Scope-based grouping. Click Scope-based policy associated to this alert to go directly to the associated policy in the Policies UI.

    Scope-based policy link in Alert details
    Figure. Scope-based policy link in Alert details

Finding policies that are related to incidents

  • An Incident overview shows you the automation policy that created the incident. To access an incident overview:

    1. In the main navigation menu, click Operate > Incidents.
    2. From the Incidents tab, select an incident from the list and click the text in the Title column.

    The side panel with the source policy is displayed by default on the Incident overview page. Click the link to go directly to the associated policy in the Policies UI.

    Source policy in incident overview
    Figure. Source policy in incident overview

Using the policy table and side panel to determine policy usage and issues

  • When something unexpected occurs, for example an incident gets created and you don't know why. Or a runbook is attached to a specific alert and you don't know why. The first place that you can go to investigate is the Policies UI. Click the Last run column header to sort the policies by the date and time they last ran. Now, you can see the policies that fired and caused the unexpected occurrence.

    Sort policy table by Last run
    Figure. Sort policy table by Last run

  • When you click a policy of interest in the table, a Policy details side panel with multiple information sections opens on the right side of the table. Here you can see how many times a policy has failed, and the last time it failed.

    Other useful information that you find in the side panel are things like the Matched count. If something is occurring too often, there will be a high match count. Conversely, a policy with a matched count of 0 that has been in the system for a month is not benefitting you because it's not running. A policy that isn't running does not have a Last run time and does not have a Matched count, so you can use these measures to determine whether you have policies that are firing too much or not enough.

    Policy details side panel
    Figure. Policy details side panel