Alert Processing
Moogsoft AIOps processes alerts using the following components. These components are responsible for performing analysis, adding information to alerts, and noise reduction techniques.
-
Events Analyser: A standalone process that analyses tokens in events and assigns each token an entropy value. The Events Analyser can use any text field in an event but, by default, it uses the event's description. This process runs periodically and does not form a part of the alert processing workflow.
-
Alert Builder: Processes events from the Message Bus. It:
-
Deduplicates events into alerts.
-
Calculates the entropy of alerts.
-
-
Enricher: Enriches alerts with additional information.
-
Maintenance Window Manager: Marks alerts as 'In maintenance' if they match a scheduled maintenance window filter. You can set up maintenance windows for planned maintenance, such as scheduling a fix or regular maintenance of a system.
-
Alert Rules Engine: Allows conditional processing of alerts, such as managing link up/link down processing.
-
Empty Moolet: An optional component that enables further processing of alerts or Situations. It usually runs as a standalone process but it can also be embedded in the processing chain. Moogsoft AIOps provides an example Empty Moolet in the form of an Alert Manager.
The following diagram shows the alert processing components in a typical implementation of a workflow chain in Moogsoft AIOps:
 |
Each component comprises a Moolet supplemented by Moobots.