Root Cause Analysis (RCA) plugin
The root-cause analysis (RCA) plugin receives a subset of enriched events from the Event Gateway and determines which of the events are root cause and which events are symptoms. RCA only receives events that affect the routing of traffic through the network.
A failure situation on the network usually generates multiple alerts,
because a failure condition on one device may render other devices
inaccessible. The alerts generated indicate that all of the devices
are inaccessible. Network Manager performs
root cause analysis by correlating event information with topology
information, thereby determining which devices are temporarily inaccessible
due to other network failures. Alerts on devices which are temporarily
inaccessible are suppressed, that is, shown as symptoms of the original
root cause alert. Root cause alerts are shown in alert lists and topology
maps; if the severity_from_causetype
ObjectServer
automation has been created and enabled, then these root cause alerts
have the highest severity so that operators can easily identify them.