• Spaces
  • Collections
  • Help
    • ×
     
     
    •  
    BMC TrueSight App Visibility Manager 10.7

    Page tree

    You can specify how the system identifies problems for a given incident detection rule:

    • Specify when to begin collecting data about abnormal behavior in your traffic. For example, if fewer than 5 requests per second occur, you might want to ignore SLT violations in your traffic.
    • Specify thresholds that determine whether traffic is abnormal
    • Specify thresholds for a period of abnormal behavior and an urgency rating
    • Specify when to terminate an incident

    To perform this procedure, you must have Operator-level access, or higher.

    Detecting fewer incidents for a rule

    If you receive too many email about incidents, edit the detection settings so that the system declares only incidents that are significant to you.

    You will modify detection settings so that:

    • The system looks for abnormal traffic only when more than 10 requests per second occur or at least 10% of pages violate their SLTs.
    • The system defines traffic as abnormal when the percentage of pages violating SLTs is at least 4.0 standard deviations from the baseline or more than 60% of pages violate SLTs.
    • The system declares an incident when traffic has been abnormal for at least 15 minutes or the urgency rating is 50 or higher.

    Urgency rating — A value between 1 and 100 that indicates how important an incident is relative to other incidents (1 is the least urgent, and 100 is most urgent). To calculate the urgency, the system takes into account the duration of the incident, its abnormality, and the number of user sessions affected.

    1. In the Real User Analyzer, point to On the Administration > Thresholds and problem detection and click Incident detection.

    2. On the shortcut menu for the incident detection rule, click Edit.
    3. Click the Detection tab.
    4. In the Look for abnormal traffic section, do the following:
      1. Click Only When.
      2. Select There are at least ... request(s) per second and type 10.
      3. Select OR at least ... % of pages violate SLTs and type 10.
    5. In the Define traffic as abnormal when area, do the following:
      1. Select SLT violation frequency is at least ... standard deviations from baseline check box and type 4.0 in the text box.
      2. Select the OR at least ... % of pages violate SLTs and type 60.
    6. In the Declare an incident when section, do the following:
      1. Select Traffic behavior is abnormal for at least ... minutes and type 12.
      2. Select OR the urgency rating is ... or higher check box and type 50.
    7. Click Save.

      The system will now detect fewer incidents.

    Related topic

    Adding an incident detection rule on the Analyzer

    © Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.