In the world of IT, alerts ๐ are very important to know that there is something going on that is not normal behaviour.
General alerts: ๐
- Application performance degraded ๐
- CPU utilisation is too high ๐ป
- Memory consumed is greater than the specified threshold, like 80% ๐ง
- and many more… โพ๏ธ
So what do we generally do? ๐
We create a rule that whenever a certain criterion is met, it should send an alert. Okay, we test in lower environments by simulating the real-time scenario.
We kept on adding alerts for all the possible scenarios that can fail, avoiding any corner cases. Thinking we should not be deprived of alerts of anything unusual happening.
So we did it. Yeah!! Pat on our backs. ๐
With this, we assume that we have covered everything. Yet unknowingly, we introduced a bigger problem. ๐ฌ
Alerts are implemented in the actual PRODUCTION. Now we see alerts coming now and then. Thus, overloading the mailboxes. ๐ง
Now, what happens next is that the team starts ignoring those alerts, considering them as usual. Or setting up rules to automatically route to some other folder, or even auto-delete. ๐๏ธ
Now, when the real issue occurs, an alert is sent, but is ignored gracefully by the rules in our mailboxes. ๐คซ
Thus, chaos starts after the application crashes. ๐ฅ
So what went wrong here? ๐
Alerts were there, the team was notified, but why were they ignored? ๐ค
Having too many alerts makes it hard for the team to take any action. ๐
Now what to do? ๐คท ๐
Removing alerting is also not a valid option. โ
The only viable options here are:
- To optimise the alerting in such a way that it can reduce the number of alerts. ๐ ๏ธ
- Fixing the apps to avoid known failures and ignoring of the alerts. Thus, reducing overall number of alerts๐ง
- Never categorise any alert as a KNOWN alert. ๐จ Most of time, when we see a series of same KNOWN alert coming continuously, the known alert becomes a ALERT of CAUTION. โ ๏ธ
Original Post: LinkedIn
What are your thoughts or feedback on this? I’d love to hear about your experiences! ๐