Troubleshooting alerts

You can troubleshoot alerts by running predefined actions on an alert, including administrative actions such as acknowledging an alert and creating a ticket based on an alert, and information retrieval actions, such as running ping or traceroute commands against the resource on which the alert occurred.

Procedure

  1. Click an alert of interest in the table on the Alerts page..
    A side panel that contains multiple information sections opens in the table. The first section is called the Actions section and displays a set of actions that can be performed on the selected alert.
    If you to perform actions on multiple alerts in one go, then select multiple alerts using Shift-Click.
  2. In the Actions section, select the action to perform on the alert.
    The actions available are as follows. For more information on each of these troubleshooting actions, see the links at the end of the topic.
    Acknowledge
    Acknowledge an alert when you want to work on that alert. You must be the alert owner to perform this action.
    De-acknowledge
    De-acknowledge an alert if you are no longer working on it. You must be the alert owner to perform this action.
    Create new incident
    If you believe that multiple alerts form part of a single real-life incident, then you can create a new Netcool® Operations Insight® incident based on those alerts. For more information, see the Creating incidents link at the end of the topic.
    Add to incident
    If you believe that one or more alerts belong together with an existing Netcool Operations Insight incident, then you can add those alerts to that incident. For more information, see the Creating incidents link at the end of the topic.
    Prioritize
    Use this command to change the severity of an alert. You must be the alert owner to perform this action.
    Suppress/Escalate
    Suppress an alert to remove it from all operator alert lists. Escalate an alert to promote it to the Escalated alert list filter, where it can get attention from a wider range of support people. You must be the alert owner, in order to perform these actions.
    Take ownership
    Take ownership of an alert if you want to work on resolving that alert. Once you have ownership of an alert, you can perform other actions on it such as Acknowledge, Prioritize, Suppress, Escalate, and Delete.
    User Assign
    Use this command to assign an alert to another user. That user then becomes the alert owner.
    Group Assign
    Use this command to assign an alert to a group.
    Delete
    Delete an alert to remove it from the alerts list. You must be the alert owner to perform this action.
    Ping
    Use this command to run the ping command against the network resource specified in the Node field of the alert.
    Event Search
    Use this command to perform a historical alert search against the selected alert.
    Create ticket
    Use this command to create a ticket for the selected alert.
    Search Humio
    Run this command to retrieve Humio data for this alert.
    Note: This alert is only available if the Humio integration has been set up. For more information, see the Adding the Search Humio action link at the end of this topic.