# _general
r
Here's what I'm looking to do. Does anyone know if a product like this exists? Basically an Alert Intermediary. I want to dump all of my alerts to this system, where it has a decision engine. Then, based on that decision engine, it can forward "X" to my ticketing system. For example, I have CPU monitoring on a server. Getting a single High CPU alert... Who cares? However, if I get 20 of them in 30 minutes, then forward something to my ticketing system for someone to look at. Does this exist? Can something like Splunk do this? Is anyone doing this today? I would love to hear some thoughts.
g
Hi. Maybe something like this? :) https://ntfy.sh/
r
I was thinking more along the lines of Iris 6 or AI Arbiter or something.
g
Ok. Then I have no further idea. Maybe someone else. Good luck :)
r
Thank you!
j
What "alerts" are you getting? Most of the monitoring tools out there for EUC can react to an alert firing x times in x minutes.
j
PagerDuty
m
Splunk ITSI
r
@James Rankin Think MSP-wide. Every possible alert that could come from any tool out there (non-security). PRTG can alert on basically anything with custom PowerShell. All alerts that would come from an RMM, etc/etc/etc.
I will check PagerDuty out, and Splunk ITSI out.
m
we were also looking into some AIOps tools
since what you are looking for is essentially noise reduction and alert correlation
like BigPanda
(yes, that's the name of the product)
r
yeah, that's basically right. They call them Alert Arbiters or something like that
r
You can do this with Datadog. You can set thresholds on alerts to send when it sees a given amount over some duration
Or you can say if it gets an alert, wait for 10 minutes to see if it gets another one. Then send
r
Datadog was on my list to check out for sure