Alert Rules defines when alerts are triggered based on the rate of events related to the Alert Rule.

Events are related to the Alert Rule by the Event Rule that triggers the events. An Alert Rule can monitor the rate of events for a single Event Rule or for all Event Rules within an Event Category.

The monitoring of the rate of events can be filtered for specific needs by:

• Minimum Severity
• Trigger Window
• Location
• Minimum Number of Computers
• Minimum Percentage of Computers

If a minimum number of computers from the selected location report an event within the Event category having a severity at least the minimum severity, an alert will be created. For more information about rules and events, view Event Management.

An Alert rule has three main sections:

Basic Information

This section contains general information about the Alert rule.

• Name: The name of the alert rule. Used for reference and appears all over in the web interface.
• Description: Descriptive text to help identify the purpose of the alert rule.
• Enabled: This attribute tells whether the alert rule has effect or not. If disabled, no alerts will be triggered even if the conditions are met.

Event Filter

This section contains the essential information about when the alert rule should generate an alert.

• Event Rule or Category: Events must be created by this event rule or fall within this event category.
• Minimum Event Severity: Events must have at least this severity level. If an event is triggered with a severity lower than specified here, it will be ignored by the Alert Rule.
• Trigger Window: A sliding windows in minutes. The number of affected computers is calculated within this sliding window. Events cannot be triggered more often by this alert rule than the Trigger Window.
• Location: Events must be generated in this location.
• Minimum Number of Computers: At least this number of computers must have reported events.
• Minimum Percentage of Computers: At least this percentage of online computers must have reported events

Alert Information

This section determines some attributes for the alerts created this alert rule.

• Alert Categories: An alert can belong zero or more alert categories. This is very useful when you want a notification rule to subscribe to many different alerts that may belong to the same category.
• Alert Severity: All alerts have a severity, that may be used by notification rules for filtering.
• Alert Period: A time interval in minutes. When calculating KPI values, the alert period determines the down time or unhealthy period caused by this alert.

You can set up your own Alert Rules just like you did with Events Rules.

Set up Alert Rules

Select Alert Rules in the menu and click the Create new alert rule button. Fill out the required fields. Again, all of them have been mentioned above, so we'll focus only on the few that are relatively important when setting up a new alert rule:

• Minimum Event Severity: You can use the severity to determine how the event will be processed by PerformanceGuard. If you can't determine then just select the default severity, Normal. Read more about these events severity levels Severity Levels.
• Trigger Window: Specify how many minutes the alert rule should wait for events to occur.

• Alert Categories: Only relevant if you create multiple alert rules, and you want to group them into areas of interest. If you want to know more, read Use Categories to Group Events and Alerts.
• Alert Severity: This can be different from the event severity. This means that you're able to say that if an event happens on multiple computers within a few minutes, you want to treat it more seriously than if the event just happened on a single computer. In your case, you've already decided what should happen, so just select the default severity, Normal.
• Alert Period: This is a timeout period that determines how long it must take before a new alert can be triggered by the alert rule. You can use this to limit the number of alerts.

Click the Create button and you have setup your own Alert Rule.