Alert Summary Widget

The Alert Summary widget provides summary of alerts by severity or resource, aggregated by number of alerts or occurrences. Perform the steps below to configure settings for the Alert Summary widget.

Data

The Data tab enables you to select the resources for which you want to view the alert summary.

Perform the following steps to set the widget settings for Data tab.

  1. For datasource and resource type settings, please refer to section Select Widget Resources in section Create.
    Important:
    Resource Type, Object, allows you to search on object description, device display name, and plugin.ObjectName. You must enter a string in double-quotes. Search can also be performed on a word. You may enter one or more strings/words in Resource Type > Object.

    Example# 1
    If you enter "IP of device" echo CPU196640, these are 3 key terms to search on. All objects containing IP of device, echo, and CPU196640 will be available to choose from.
    IP of device is in double-quotes as the search is on all words with space in between. A string can have one or more spaces in it.


    Example# 2
    If you enter IP of device echo CPU196640, these are 5 key terms to search on. All objects containing IP, of, device, echo, and CPU196640 will be available to choose from.


    Example# 3
    If you enter CPU, all objects containing CPU will be available to choose from. It can return objects such as CPU196640, CPU196632, etc.

  2. Alert Summary visualization does not support Result limit.
  3. Click Run to generate an Alert Summary report based on the configuration.
    Note: Run button is only available when one or more fields are changed in the Data tab.

    Example

    Alert Summary Data

Analyze

The Analyze tab enables you to define settings for the data you retrieve and to use data analysis features.

Alert Summary Analyze

Perform the following steps to set the widget settings for Analyze tab.

  1. Under AGGREGATION, select one of the following options.
    Important: From Charts tab, if Summary visualization is chosen, only aggregation by Severity is supported. You will notice that Severity option will be chosen by default and you will not be allowed to change the aggregation. Aggregations by Device, Device Group, and Object Group are not supported.
    From Charts tab, if Treemap visualization is chosen, aggregations Device, Device Group, and Object Group are supported. It does not support aggregation by Severity.
    1. Device - to display alerts for specific devices.
    2. Device Group - to display alerts at the device group/device type level.
    3. Object Group - to display alerts for specific object groups.
    4. Severity - to display alerts by severity.
  2. Under DISPLAY AS, select one of the following options:
    1. Occurrences - to dis play the number of occurrences of alerts.
    2. Distinct - to display the number of distinct alerts.
  3. Under Time, by default, timespan / time zone selected is All Time New_York. Click the button to change the timespan / timezone. Select one of the following options:
    1. Past n hours, days, weeks, months, quarter, year - to display data from n hours, days, weeks, months, quarter, or year ago until now.
    2. Today - to display data from 12:00am today until now.
    3. Yesterday - to display data from 12:00am yesterday until 12:00am today.
    4. Last week, month, quarter, year - to display data from 12:00am on the first day of the last completed week, month, quarter, or year to 11:59pm on the last day of the last completed week, month, quarter, or year.
    5. This week, month, quarter, year - to display data from 12:00am on the first day of the week, month, quarter, or year until now.
    6. Customize the time span with From and To date / time.
    7. Click Select button to choose the modified timespan / time zone.

Filter

The Filter tab enables you to apply filters to display the results.

Alert Summary Filter

Perform the following steps to set the widget settings for Filter tab.

  1. Click the Attribute drop-down and select one of the following options. Perform the actions for the item you select.
    • Alert ID - to filter results by the alert ID.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. In the Value field, specify an alert ID.
    • Alert Status - to filter results by the alert status.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. Click the Value drop-down and select one of the following options:
        • Open - to apply the filter to open alerts.
        • Closed - to apply the filter to closed alerts.
        • Both - to apply the filter to both open and closed alerts.
    • Alert Type - to filter results by the alert type.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. Click the Value drop-down and select one of the following options:
        • Traps - to apply the filter to traps.
        • Alerts - to apply the filter to alerts.
        • Flow - to apply the filter to flow.
    • Assignee User - to filter results by the user the alert is assigned to.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. Click the Value drop-down and select either a user or Unassigned.
    • Device Name - to filter results by the device name.
      1. Click the Operator drop-down and select Contains to display results that contain the value you specify. Select Doesn't contain to display results that do not contain the value you specify.
      2. In the Value field, enter complete or part of the device name.
    • Message - to filter results by the alert message.
      1. Click the Operator drop-down and select Contains to display results that contain the value you specify. Select Doesn't contain to display results that do not contain the value you specify.
      2. In the Value field, enter complete or part of an alert message.
    • Policy ID - to filter results by policy ID that triggered the alert.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. In the Value field, specify a policy ID.
    • Policy Name - to filter results by policy name that triggered the alert.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. In the Value field, specify a policy name.
    • Severity - to filter results by the alert severity level.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. Click the Value drop-down and select an alert severity level (Emergency, Alert, Critical, Error, Warning, Notice, Info, Debug).
    • Show Ignored - to filter results by whether alerts have or haven't been ignored.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. Click the Value drop-down and select one of the following options:
        • Yes - If you selected Equals, this displays ignored alerts. If you selected Not equals, this omits ignored alerts.
        • No - If you selected Equals, this omits ignored alerts. If you selected Not equals, this displays ignored alerts.
    • Threshold ID - to filter results by the ID of the threshold that triggered the alert.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. In the Value field, specify a threshold ID.
    • Threshold Name - to filter results by the threshold name.
      1. Click the Operator drop-down and select Equals to display results that match the value you specify. Select Not equals to display results that do not match the value you specify.
      2. In the Value field, enter complete or part of the threshold name.
  2. Click Add to add the new filter. The filters you add appear under the Add/Remove buttons.
  3. To remove any filter(s) from the list, select the check box for filter(s) you would like to remove and click Remove.

Linking

The Linking tab enables you to select a data element and link it to a related report or report template. Perform the following steps to add, delete, and edit links.

Alert Summary Report Linking

Perform the following steps to set the widget settings for Linking tab.

  1. Include report links allows report consumers to click on a data element such as, device name, and link it to the related report. Enable to include the report link that you configure. If you want to prevent the report link from being included, disable it. Continue with the steps below to configure the report link.
  2. By default, Report Link 1 is enabled.
    Note: If you wish to exclude the report link, disable Report Link 1.
  3. The Clicking on drop-down has only one possible data item - Value. When report linking is enabled, clicking on this data item will link to the report or report template that you specify below.
  4. Click the Links to report drop-down and select one or more reports or report templates to display when you click on the data item that you specified in the previous step.
  5. To remove the report link, click images/Trash icon.png.
  6. If the report link has been deleted, you may click images/Add report link button to add.

Charts

The Charts tab enables you to define how you want to display the report data.

Visualizations

The charts provide 4 visualizations.

Alert Summary Visualization Charts

Summary

Important: The Summary visualization only supports aggregation by Severity. It does not support aggregations by Device, Device Group, and Object Group.

The Summary visualization displays the total number of alerts for the specified resource. Perform the following steps to set the widget settings for the Summary visualization.

  1. Select the Summary visualization by clicking Alert Summary visualization.
  2. SUMMARY TITLE
    1. Enable Show title to enter the title name in the text field provided and display it in report. Else, disable it.
    2. Enable Show subtitle to enter the sub-title name in the text field provided and display it in the report. Else, disable it.
      Note: Subtitle in the report only shows the resources that the user has permissions to view.
  3. SUMMARY VISUALIZATIONS
    1. Select the Include time span check box to display the time span at the top of the visualization.
    2. Select the Breakout by severity check box to display the total number of alerts for each severity level in addition to the total number of all alerts.
    3. Select Don't show severities with zero occurrences check box to hide the severities that have zero occurrences.

    Alert Summary visualization
  4. Click images/ChainTo icon to chain to Alert Details, Alert Summary, or Logs.

    Example: Chain Alert Summary to Alert Details
    Select severities Critical and Error in Alert Summary. You will see the chained Alert Summary > Alert Details show all instances of severities Critical and Error in the report.

    Alert Summary visualization

Pie

The Pie visualization displays the data as a pie graph. Perform the following steps to set the widget settings for the Pie visualization.

  1. Select the Pie visualization by clicking Pie icon.
  2. PIE CHART TITLE
    1. Enable Show title to enter the title name in the text field provided and display it in report. Else, disable it.
    2. Enable Show subtitle to enter the sub-title name in the text field provided and display it in the report. Else, disable it.
  3. PIE VISUALIZATIONS
    Important: In the Pie visualizations below, aggregation selected from Analyze tab is Device.
    1. It provides 3 different visualizations.
      • Donut
        Alert Summary Pie visualization - Donut
      • Pie
        Alert Summary Pie visualization - Pie
      • Nightingale
        Alert Summary Pie visualization - Nightingale
    2. Select Don't show severities with zero occurrences check box to hide the severities that have zero occurrences. This field is only available when Analyze tab > AGGREGATION has the Severity option selected.
    3. Under Radius, extend the bar to the right to increase the radius or shorten the bar to decrease the radius.
    4. Enable Show labels to display labels for the device name, object name, indicator name, and percentage of the pie graph. Else, disable it.
    5. Enable Show tooltip to display tooltips when you hover over sections of the pie graph or over labels (if labels are used). Select the check box for each of the following options that you would like to apply to the tooltips:
      • Severity - to display severity levels.
      • Occurrences - to display the number of occurrences of alerts.
      • Distinct - to display the number of distinct alerts. If you do not want to display the tooltips, disable Show tooltip.
    6. Enable Enable "Others" to add a slice called Others that rolls up values below the percentage value entered in field Percentage.
  4. LEGEND
    1. Enable Enable legend to display a legend for the graph. Else, disable it.
    2. Select one of the following options:
      • Standard - to display legend in the standard format.
        • Click the Position drop-down to specify where you would like the legend to appear in relation to the graph. The position is set to Bottom by default. Other options include Top, Left, and Right.
      • Table - to display the legend in table format. Select the check box for each of the following options that you would like to apply to the tooltips.
        • Name - to display the device name.
        • Occurrences - to display the number of occurrences of alerts.
        • Distinct - to display the number of distinct alerts.
        • Percent - to display the percentage of the pie graph for the section.

Bar Chart

The Bar Chart visualization displays a graph of qualitative independent variables. Perform the following steps to set the widget settings for the Bar Chart visualization.

  1. Select the Bar Chart visualization by clicking Bar icon.
  2. BAR CHART TITLE
    1. Enable Show title to enter the title name in the text field provided and display it in report. Else, disable it.
    2. Enable Show subtitle to enter the sub-title name in the text field provided and display it in the report. Else, disable it.
  3. BAR VISUALIZATIONS
    Important: In the Bar visualizations below, aggregation selected is Severity.
    1. It provides 2 different visualizations.
      • Horizontal - to display horizontal bars.
        Alert Summary Bar visualization - Horizontal
      • Vertical - to display vertical bars.
        Alert Summary Bar visualization - Vertical
    2. Select Don't show severities with zero occurrences check box to hide the severities that have zero occurrences. This field is only available when Analyze tab > AGGREGATION has the Severity option selected.
    3. Under Spacing, extend the bar to the right to increase the amount of space between bars or shorten the bar to decrease the amount of space.
    4. Enable Show tooltip to display tooltips when you hover over sections of the pie graph or over labels (if labels are used). Select the check box for each of the following options that you would like to apply to the tooltips:
      • Severity - to display severity levels.
      • Occurrences - to display the number of occurrences of alerts.
      • Distinct - to display the number of distinct alerts.
    5. If you do not want to display the tooltips, disable Show tooltip.

  4. LEGEND
    1. Enable Enable legend to display a legend for the graph. Else, disable it.
    2. Select one of the following options:
      • Standard - to display legend in the standard format.
        • Click the Position drop-down to specify where you would like the legend to appear in relation to the graph. The position is set to Bottom by default. Other options include Top, Left, and Right.
      • Table - to display the legend in table format. Select the check box for each of the following options that you would like to apply to the tooltips:
        • Name - to display the device name.
        • Occurrences - to display the number of occurrences of alerts.
        • Distinct - to display the number of distinct alerts.

Treemap

Important: The Treemap visualization only supports aggregations by Device, Device Group, and Object Group. It does not support aggregation by Severity.

The Treemap visualization displays data in a hierarchical format to enable you to drill down a single level depending on the resources you select. Perform the following steps to set the widget settings for the Treemap visualization.

  1. Select the Treemap visualization by clicking Treemap icon.
  2. TREEMAP TITLE
    1. Enable Show title to enter the title name in the text field provided and display it in report. Else, disable it.
    2. Enable Show subtitle to enter the sub-title name in the text field provided and display it in the report. Else, disable it.
  3. TREEMAP VISUALIZATIONS
    1. Enable Show tooltip to display tooltips when you hover over sections of the pie graph or over labels (if labels are used). Select the check box for each of the following options that you would like to apply to the tooltips:
      • Severity - to display severity levels.
      • Distinct alerts - to display the number of distinct alerts.
      • Total occurrences - to display the total number of occurrences of alerts. If you do not want to display the tooltips, disable Show tooltip.
  4. LEGEND
    1. Enable Enable legend to display a legend for the graph. Else, disable it.

    Alert Summary Treemap visualization

    Example: Severity Details
    Severity 'Emergency' - click in 'emergency' box in the screenshot above

    Alert Summary Treemap - Emergency visualization

    Severity 'Warning' - click in 'warning' box in the screenshot above

    Alert Summary Treemap - Warning visualization
    Note: Repeat the same for all severities. In this example, the number of alerts are 0 for severities Alert and Info. Due to this, there is no visualization available for these scenarios.