Kaseya Community

Reducing number of alerts...

  • I have Application, Security, and System event log sets to alert on All. Additionally, I have an Ignore Set for each event log type.

    What Im having trouble with is deciding which alerts are safe to ignore. I know this is subjective, but we get alerts in the morning for machines that power on, then a bunch of errors occur, because the NIC isnt active yet, etc. Errors like: Cannot find domain controller. I know these are innocuous because its obvious the machine is powering up. But, I dont want to ignore this particular event, because it could be valid/important under other circumstances.

    So... my question is what would be the best way to handle these types of alerts? I cannot 'ignore these events at startup' kind of thing.

    Does everyone just suffer with this?

    M

    Legacy Forum Name: Reducing number of alerts...,
    Legacy Posted By Username: mariaworld
  • I realize I can set alerts to fire only after event occurs X times within Y period of time. Should I set ALL EVENTS to alert based on that type of schedule?

    What values are people using? I see one forum thread that says to fire an alert if the error occurs 1 time in 30 minutes.

    Legacy Forum Name: Event Sets,
    Legacy Posted By Username: mariaworld
  • I have a simialr issue with warnings, some seem important while most are just printer driver issues due to the user using RDP etc and don't really cause any issues.

    How does one filter out the numerous warnings that XP throws in the event logs so often?

    Legacy Forum Name: Event Sets,
    Legacy Posted By Username: george
  • george
    I have a simialr issue with warnings, some seem important while most are just printer driver issues due to the user using RDP etc and don't really cause any issues.

    How does one filter out the numerous warnings that XP throws in the event logs so often?


    We use ignore event monitoring sets. You just have to build them up over time based on the computers you manage and what you wish to monitor. For the RDP printer-related settings, there is a tool from MS that you can use to eliminate them. It is called the Terminal Server Printer Redirection Wizard or some such.

    Michael

    Legacy Forum Name: Event Sets,
    Legacy Posted By Username: RCS-Michael
  • Thanks Michael, I'm off to find that for sure...Smile

    Does everyone build there own event monitoring sets? or just use the ones in Kaseya?

    Cheers

    George

    Legacy Forum Name: Event Sets,
    Legacy Posted By Username: george