Creating a custom error-detection rule

To perform this procedure, you must have Operator-level access, or higher.

To create a custom error-detection rule

In a Real User Analyzer, select Administration > Thresholds and problem detection and click Error detection rules.
On the Action menu, click Add a custom rule.
The Add a custom rule page appears.
In the Order box, specify the priority of rule firing.
If you leave Append, the rule will be added to the end of the rules list. If you want to set the particular order of firing, select a corresponding number.
In the Match Policy list, specify what the system does when this rule is triggered:
- Proceed — The system proceeds detecting other errors.
- Stop — The system halts the error-detection process.
In the Alerting box, select an alerting policy for this rule:
- Do not send an alert — When the error is triggered, the system does not send any alert when the error is triggered.
- Send an SNMP trap — When the error is triggered, the system sends an SNMP trap.
- Send an email alert — When the error is triggered, the system sends an email alert.
- Send an SNMP trap and an email alert — When the error is triggered, the system sends an SNMP trap and an email alert.
In the Severity box, select the severity of the error:
- Informational conditions are not counted toward availability in any of the system's error-based reporting but are displayed in user sessions.
- Error conditions are displayed in user sessions and reported as alerts.

From the following categories, select the one to which this error condition belongs:

Error condition categories

Category	Description
Network	Errors relating to networking and protocol corruption, network latency, high round-trip time, and so on
Client	Errors that relate to the client, including "not found" and authentication problems
Server	Problems that the server had with a request but that did not relate to the application itself (for example, if the HTTP service on a system prematurely terminated a session but the application remained unaware of the problem)
Application	Problems with the application server's computation or access to back-end resources (typically, application errors, such as HTTP 500 messages, are known to the application server's logging system)
Content	Error conditions in which the request and response appear to be correct but are somehow wrong (for example, a 200 OK with zero bytes of response would be an apparently correct, but in fact broken, response)
Custom	Application-specific errors; you might want to label error.jsp pages as a custom error type.

If you select the Monitor in AIM box, the system automatically creates an Availability incident-detection rule to monitor errors (that have been detected by this rule) for incidents.
This option is available only for rules with Error severity. Informational conditions cannot be monitored for incidents.
Enter a meaningful description.
Enter the filter expression that identifies this error condition, using the Expression Builder, as needed.
Click Save.

The new custom error-detection rule is added to the system.

Return to the Administration > Thresholds and problem detection > Error detection rules page to turn the rule on (or off) and monitor its status.
Configure email settings for error alerts.
Configure SNMP traps.