Alert Manager

Axon can send alerts when specific events take place within the environment. Administrators can manage alerts centrally using Alert Manager.

Alert Manager is an interface for configuring which events should trigger alerts, to whom those alerts should be sent, and the delivery method to be used. It is comprised of two tabs, the Alerts tab and the Distribution Profiles tab, both of which are described in detail below.

To access Alert Manager, from the Dashboard:

1. Click the Administration cog in the lower-left hand corner.

2. In the Overview section, click Alerts.

Alerts Tab

The Alerts tab is used for creating and managing alerts, and specifying which events trigger an alert to be sent.

Create an Alert

To create an alert, from the Alert Manager screen:

1. Click the Alerts tab.

2. Click Add Alert.
   The Add Alert drop-down menu opens.

3. Select the Alert type you wish to create. For example, Silent Log Source.
   The appropriate configuration panel appears to the right.

4. Enter a unique Alert Name.

5. Optionally, enter a Description for the alert.

6. Click the Select Distribution Profiles button.
   The Select Distribution Profiles window appears.

7. Select one or more Distribution Profiles to associate to the alert.

To create and edit Distribution Profiles, see the Distribution Profiles Tab section below.

8. Once the desired distribution profiles have been selected, click Confirm.

9. Configure the alert-specific parameters. For information on alert type-specific parameters, refer to the documentation for that alert type. The available alert types are:

   1. Silent Log Source

10. Click Save.
    The alert is created successfully and added to the Alerts tab.

Edit an Alert

To edit an existing alert, from the Alert Manager screen:

1. Click the Alerts tab.

2. In the Alerts grid, click on the alert you wish to modify.
   The Alert panel opens on the right-hand side of the page.

3. Make any desired changes to the alert.

4. Click Save.
   The alert is updated successfully.

Delete an Alert

To delete an existing alert, from the Alert Manager screen:

1. Click the Alerts tab.

2. In the Alerts grid, click on the alert you wish to delete.
   The Alert panel opens on the right-hand side of the page.

3. In the top-right corner of the Alert panel, click the three-dot menu.

4. Click Delete.

5. Click Yes, Delete.
   The alert is deleted successfully and removed from the Alerts tab.

Distribution Profiles Tab

The Distribution Profile tab is used for creating and managing distribution profiles, which specify the recipients as well as the delivery method for a given alert.

If an alert does not have at least one distribution profile associated with it, nobody will receive the alerts that it generates. Therefore, a warning displays when trying to save an alert if there are no distribution profiles associated with it. A single alert may have multiple distribution profiles associated with it to allow for greater flexibility in managing alert recipients.

Create a Distribution Profile

To create a new Distribution Profile, from the Alert Manager screen:

1. Click the Distribution Profiles tab.

2. Click the Add Distribution Profile button.
   The distribution profile configuration panel appears on the right.

3. Enter a unique Profile Name.

4. Optionally, enter a Description for the profile.

5. Select the Delivery Method.

Email is currently the only supported delivery method, so the email delivery method is selected by default on all Distribution Profiles.

6. In the Recipients section, determine who should receive alerts that use this distribution profile.
   Recipients can be added by Role, Axon User ID, or by email address.

Sending email alerts to an email address that is not associated to an Axon login is supported.

7. Click Save.
   The distribution profile is created successfully and appears in the Distribution Profiles tab.

Edit a Distribution Profile

To edit an existing distribution profile, from the Alert Manager screen:

1. Click the Distribution Profiles tab.

2. In the Distribution Profiles grid, click on the distribution profile you wish to modify.
   The Distribution Profile panel opens on the right-hand side of the page.

3. Make any desired changes to the distribution profile.

4. Click Save.
   The distribution profile is updated successfully.

Delete a Distribution Profile

To delete an existing distribution profile, from the Alert Manager screen:

1. Click the Distribution Profiles tab.

2. In the Distribution Profiles grid, click on the distribution profile you wish to delete.
   The Distribution Profile panel opens on the right-hand side of the page.

3. In the top-right corner of the Distribution Profile panel, click the three-dot menu.

4. Click Delete.

5. Click Yes, Delete.
   The distribution profile is deleted successfully and removed from the Distribution Profiles tab.

System Distribution Profiles

Every Axon tenant is created with three Distribution Profiles available for use out of the box. If they are not needed, these system profiles can be deleted. The profiles are described in the table below:

Sample Alert Configuration Scenario

The following example describes a time when an administrator may want to create an alert, and the steps they would take to do so.

An administrator wants to configure a Silent Log Source alert to send an email to all Axon administrators anytime a critical log source goes more than five minutes without sending any data. To accomplish this, they go to the Alerts tab of Alert Manager and configure a Silent Log Source alert. As part of the alert configuration process, they have to select at least one distribution profile. They want the email alert to go to all Axon administrators, so they select the Email All Administrators distribution profile. Now, anytime a monitored log source goes more than five minutes without sending data, all Axon users with the Administrator role will receive an email alert.