• Spaces
  • Collections
  • Help
    • ×
     
     
    •  
    BMC TrueSight App Visibility Manager 10.7

    Page tree

    When the system detects an incident, the incident appears in the list of incidents on the Incidents page of the Real User Analyzer.

    Use the filters at the top of the page to monitor only the incidents that you are interested in:

    • Time Range — Shows the incidents that occurred during a specified period of time
    • Incidents — Shows incidents by type (Performance, Volume, Availability, All incidents)
    • Status — Shows incidents by status (New, Acknowledged, Archived, Any)

    List of incidents

    The list of incidents is presented with the following columns:

    • Critical — The incident criticality marker. You can configure notifications based on the criticality criteria (urgency value, number of affected users and so on).
    • Event time — The date and time when the incident occurred
    • Urgency — A value between 1 and 100 that indicates how important an incident is, relative to other incidents. 1 is the least urgent, and 100 is the most urgent. To calculate the urgency, the system takes into account the duration of the incident, the number of user sessions it affected, and how abnormal the incident was.
    • ID — Unique incident ID
    • Rule ID — ID of the incident-detection rule that triggered the incident
    • Watchpoint — The Watchpoint associated with the incident
    • Duration — Duration of the abnormal behavior caused by the incident
    • AbnormalityAbnormality rate
    • Sessions — The number of distinct sessions detected for the Watchpoint during the specified period when the incident occurred
    • Type — Incident type (performance, volume, or availability)
    • NotificationIncident notifications that have been sent
    • Status — Incident status: New, Acknowledged, or Archived (see below)

    You can perform the following operations with incidents:

    • Mark acknowledged – When you are aware of a certain incident, mark it as Acknowledged so that you can filter it from the list. An Acknowledged incident is not displayed in the Incident Triage dashlet.
    • Mark New – To restore an incident from the Acknowledged or Archived state, mark it as New.
    • Mark Archived – To hide an incident from the Incidents page and from the dashlets, mark it as Archived. The incident remains in the system in the Archived state.
    • Purge incident data – To purge all historical data on the existing incidents. All incident settings will remain in the system. For more information, see Clearing the incident data.
    • Analyze incident — Observe incident symptoms (see below)

    Analyzing an incident

    To find out more about an incident, select it from the list of incidents. The system displays a visual representation of the incident over time.

    Incident details

    Hover the mouse pointer over the graph to see tooltips that contain the detailed information. You can browse the data displayed in the chart by clicking Grid View.

    To observe symptoms that triggered this incident, click Analyze this incident.

    You will see how many values changed significantly for each traffic property, and how big this change is in each case. See the following figure:

    Analyzing incident symptoms

    You can also explore sessions affected by the incident in the Session Browser. This feature is useful if you want to see a list of all sessions that had any of the symptoms of the incident.

    Related topics

    Using incident notifications

    Using incident dashlets

    © Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.