Analyzing synthetic health event details

For applications with synthetic transaction monitoring enabled and as the application operator, you can identify and diagnose application issues by examining a single event and see the violations that contributed to the event. You can use the event details to help identify the source of application issues.

This topic contains the following information:

Before you begin

Before you can examine a single event and see the violations that contributed to it, ensure that your system meets the following conditions:

To access the Synthetic Health tab, you must be logged in with Application Operator-level access, or higher.
(Optional) Synthetic metric rules are defined, usually by an application specialist in your organization.
If you do not define your own synthetic metric rules, only the global metric rules for performance, availability, accuracy, and execution events are evaluated.

To view the details of a synthetic health event

From the navigation pane in the TrueSight console, select Monitoring > Applications.
Select one application that you want to examine in detail.
Under the Synthetic Health tab, in the Events table, click a value in the Violation Frequency column to see the Event Details view for that event.

The Synthetic Health > Event Details view has two sections.

The header displays specific information about the event.
The Violations table displays details for all violations that contributed to opening and updating the event.

Evaluating the Event Details header

The following event details are displayed in the header:

When the event's severity changes, the event is updated with the current severity status.

Description of the Event Details header

Parameter	Description
Event Details	Click to collapse or expand the header section. From the action menu , you can close an open event.
Severity	Indicates if the event severity is Minor or Critical.
Current Status	Indicates if the event is currently Open or Closed If the event is Closed, the time the event was closed is also displayed.
Start Time	Time the event was opened.
Metric Rule	Name of the synthetic metric rule that defines the criteria for opening this event Click the name of the rule to view its settings and fine tune the criteria for the results you want to see.
Execution Plan	Name of the Execution Plan through which the transaction was executed on the application
Transaction	Name of the transaction on which the event occurred
Violation Frequency	Defined number of impacted execution cycles within the defined number of total execution cycles. The violation frequency is defined in the synthetic metric rule.
Location Threshold	Defined in the synthetic metric rule, the location threshold
Impacted Locations	Locations where the metric thresholds were breached: If a single location is impacted, the name of the location is displayed. If more than one location is impacted, the number of impacted locations is displayed. Click to expand the list of impacted locations.
Metrics	Metrics that breached thresholds: If a single metric breached its threshold, the name of the metric is displayed. If more than one metric breached its threshold, the number of metrics is displayed. Click to expand the list of impacted metrics.

What is the difference between an event and a violation?

A violation occurs when the value of a metric breaches the defined minor or critical threshold (as defined in the rule).

An event is generated based on all the definitions in a synthetic metric rule:

The metrics breached the defined threshold (according to the AND or OR logical operator).
The breaches occurred over the defined number of locations.
The breaches occurred at the defined violation frequency.

Examining the violations associated with an event

In the Violations table you see data about metrics that breached defined thresholds in selected locations, which contributed to the event status.

By default, only the violations that caused the last event update are displayed in the table. That is, only the specific combination of the definitions in the synthetic metric rules that caused the event to open or change severity are displayed. If you want to see all the violations that occurred from the time the event opened until its current status and severity, clear the Show only violations that caused the event update check box.

Description of the Violations table

Column	Description
Action menu	For each violation, you can perform the following actions: Download Execution Log—Download the Execution Log for the execution. Custom Timers—Display all custom timers defined for this transaction and their latency. Page Timers—Display all page timers defined for this transaction and their latency. Error Messages—Display all error messages issued for this transaction.
Severity	Indicates if the violation is Minor or Critical
Location	Name of the location where the violation occurred
Metric	Name of the measured metric For predefined metrics, the name of the metric can be one of the following: Availability Performance Accuracy Execution For timers, the name of the timer is as it is defined in your script
Threshold	Defined threshold for the metric
Value	Actual value that breached the threshold
Evaluation Time	Time that the execution cycle starts and ends. An execution cycle comprises a single run of an Execution Plan in all of its defined locations.
Transaction End Time	Time that the transaction ended

Where to go from here

Analyzing-a-synthetic-transaction

Investigate application issues reported by synthetic health events.

If necessary, adjust synthetic metric rules to reflect better the critical data you need for your environment.