Add Alerts Rules

Alert: Cisco has made the end-of-life (EOL) announcement for the Cisco Industrial Asset Vision (IAV).

Alerts

The events which need the user's attention are notified to the users through Alerts. Alert Rules are defined only for alerts and configuring notifications.

Using the Alerts feature, the user can view the details of all the alerts associated with the sensors, bridges, and gateways. The user can also add, edit, and delete rules for generating the alerts.

IAV features two types of alerts:

  • System-generated — The system generates alerts when any anomaly is detected during the course of the operation of the system such as when a sensor, a bridge, or a gateway is unreachable. These can be created from Templates. See Add Templates.
  • User-generated — The user-generated alerts are raised as per the rules configured by the user.

The Alerts page shows the list of alerts filtered based on the Organization Hierarchy level that is selected. Only the levels accessible to the currently logged-in user are shown in bold text. Selecting a specific level in the hierarchy will filter the data and widget values of the alerts present under that hierarchy level and all of its child levels. The filtered alerts are displayed in the right pane of the page. The number next to a level is the Active Alerts count for that level which by default is aggregated to show the count of alerts on that level and the levels below it. If you want to see only the counts at a specific organization level, then, click Settings on the top of the Organization Hierarchy pane and select Local Alerts under Number Display.

The Organization Hierarchy pane and all the levels can be collapsed and expanded.

Notes:

  1. When you navigate to the Alerts page from the dashboard page (from the widget that displays the alerts count), the displayed alerts are the alerts filtered based on the Organization Hierarchy level selected in that page.
  2. When you navigate to the Alerts page from the inventory pages (Assets, Sensors, Network Devices, and Bridges), the displayed alerts are the alerts filtered based on the Organization Hierarchy level selected in that page. Along with this, the filters like Active alerts for those Assets, Sensors, Network Devices, and Bridges are applied.
  3. When you navigate to the Alerts page from the Asset's, Sensor's, or Network Device's, and Bridge's summary pages, the filters like Active alerts and Severity are applied for that particular Asset, Sensor, Network Device, and Bridge.

View an Alert

  1. From the left pane, click Alerts. In the right pane, on the top of the screen, the widget displays the total number of alerts from the past year (365 days) and the alerts count according to the severity.
  2. The bottom section shows the list of Active Alerts based on the filters selected. Status and First Occurrence are the filters applied by default. You can remove or change the filters. These filters are applied only to the bottom section that lists the alerts and not the top widget which shows the alerts count.
    1. Apply filters by
      1. Date and time—The options are for Today, Yesterday, Last 7 Days, Last 30 Days, and a Custom Range. For the Custom Range, you can also select the times.
      2. Device—Select All Sensors, All Network Devices, or All Bridges.. You can also search for the devices in the Search bar. Start typing to narrow down the search (at least 3 characters are needed to show the matching device names). When this filter is selected, the Asset filter is disabled.
      3. Asset—Select All Assets. You can also search for the assets in the Search bar. Start typing to narrow down the search (at least 3 characters are needed to show the matching asset names). When this filter is selected, the Device filter is disabled.
      4. Severity—Select an option from Critical, Major, and Minor.
      5. Status—Select one or more options from Active, Cleared, and Acknowledged.
        Notes:
        1. The displayed alerts are the aggregated alerts (alerts in the selected level and all its child levels) filtered based on the selected Organization Hierarchy level.
        2. In the list of alerts, only the devices that you have access to are shown.
        3. When you apply the Time period filter, the list is updated with the alerts based on the time when they first occurred.
Column Header Description
Severity The severity of the alert. This can be Critical, Major, or Minor.
Alert Rule The user-defined name for the Alert.
Org Hierarchy The selected organization level and all the levels under it.
Asset The Asset to which a sensor has been assigned. In case the sensor is not assigned to any asset, this value will be empty.
Device The type of device for which the alert event has occurred.
Note: If a device is deleted from the system, but has alert(s) associated with it, then the device name appears as Deleted.
First Occurrence The timestamp when the alert occurred for the first time.
Last Occurrence The last timestamp when an existing open alert was triggered again.
Status The current status of the alert. This can be Active Unacknowledged, Active Acknowledged, Cleared Acknowledged or Cleared Unacknowledged.
* Active — This indicates that the alert is still present.
* Cleared — This indicates that the alert is removed.
* Acknowledged — This indicates that the user has acknowledged the alert.
* Unacknowledged — This indicates that the user has not yet acknowledged the alert.
Events Count The number of times the alert event has occurred.
Actions Options to acknowledge and clear the alerts.

View Alert details

  1. Click on the name of the Alert Rule to view the alert details. A sidebar opens up displaying the details of the alerts.
    1. Among other details, the asset, the sensor, the network device, or the bridge to which the alert is associated is shown. You can click on them to view their details.
    2. Click Acknowledge or Clear to acknowledge and clear the alert respectively. These actions are reflected in the Status field in the details view. You can perform these actions only once.
  2. Under the Actions column, click Clear to clear an Alert. To clear multiple alerts, select the required alerts and click Clear.
  3. Under the Actions column, click Acknowledge to acknowledge an Alert. To acknowledge multiple alerts, select the required alerts and click Acknowledge.

Alert Rules

Alert rules are used to define thresholds for sensor and bridge attributes which when combined with Templates can be used to notify users when sensor or bridge telemetry indicates that those thresholds are crossed. If an alert is raised on a threshold telemetry and if the same threshold telemetry is crossed again, then an alert notification is not sent to the user by email or SMS.

Add Alert Rules

  1. From the left pane, click Alerts.
  2. From the right pane, click the Alert Rules tab > Add Rule.
  3. In the Add Alert Rule page, enter the name for the alert and an optional description in the Alert Name and Alert Description fields respectively.
  4. In the Choose Device Type drop-down list, select Cisco Sensor or Analog/Digital Sensor.
  5. If the Choose Device Type is:
    • Cisco Sensor, then Choose Alert Type section shows options for various alert types
    • Analog/Digital Sensor, then Choose Input Type section shows Analog Input and Digital Input as options
  6. Select an alert/input type and click Next.
  7. Based on the alert type, set the threshold value in the Define Threshold field.

    Note: The Define Threshold field is different for different alert types.

  8. For Analog/Digital Sensor, select the Operator, Output Unit, or Output Alias based on the chosen input type.
  9. Select an option for the Severity Level. It can be Critical, Major, or Minor.
  10. Select Auto Clear Alert to clear the alert automatically when it is resolved.
  11. Click Next. Review the changes and click Add to add the newly created alert to the system.

Manage Alert Rules

View an Alert Rule

  1. From the left pane, click Alerts.
  2. From the right pane, click the Alert Rules tab.

The list of Alert Rules is displayed.

Column Header Description
Name The name of the Alert Rule.
Severity The severity of the alert. This can be Critical, Major, or Minor.
Type The specific type of Alert Rule. For example, Door Status, Geofence, Water Leak, etc.
Auto Clear This shows whether the Auto Clear option is enabled or disabled.
Description The optional description of the alert specified while creating the Alert Rule.
Created By The email ID of the user who created the Alert Rule.
Created Time The date and time when the Alert Rule was created.
  1. Click on an Alert Rule name to view its details.

Edit an Alert Rule

  1. From the left pane, click Alerts.
  2. From the right pane, click the Alert Rules tab.
  3. Click on the Alert Rule that you want to edit.
  4. Click Edit, change the required fields and click Update.

Notes:

  1. For Analog/Digital sensors, you can't modify the Choose Input Type and Choose Device Type fields.
  2. In the Threshold page, in the Define Threshold field, the Choose Item drop-down list is disabled if the alert rule is associated with a template. You can edit it only if the alert rule is not associated with a template.

Delete an Alert Rule

Note: When an Alert Rule is deleted, any associated template(s), will be automatically disassociated.

  1. From the left pane, click Alerts.
  2. From the right pane, click the Alert Rules tab then select an Alert Rule to delete.
  3. Click Delete and then click Yes when prompted.

OR

  1. From the left pane, click Alerts.
  2. From the right pane, click the Alert Rules tab then select one or more checkboxes of Alert Rule(s) to delete.
  3. Click Delete and then click Yes when prompted.