Alerts

Alerts

Netskope has enhanced Digital Experience Management (DEM) by adding Alerts. This purpose-built framework enables customers to subscribe to key events that can be sent to any destination of your choosing. Depending on your subscription, these alerts provide coverage for Network, Platform, and Private Application events.

Alerts Dashboard Overview

• Network, Platform, and Private Application Events: Gain a comprehensive overview with alerts covering network, platform, and private application-specific events. From network tunnel events to platform disruptions and private application publisher issues, Netskope keeps you updated.

• Detailed Alert Information: Each alert comes with a comprehensive set of details for quick and accurate incident analysis. Access critical information such as current status, severity level, time of opening, last evaluation timestamp, closure time, recipient details, alert category, type, configuration specifics, and a unique alert ID for reference.

• Enhanced Contextual Enrichment: Understand the bigger picture by leveraging enriched data points. Identify specific geographic locations, sites, and publishers that were impacted by the reported issues. This enrichment provides invaluable insights into the scope and potential reach of each event.

How to Filter Alerts 

Use the Filter Menu to filter alerts. You can select from the following filters:

• Add Filter
  • Alert Category
    • Network
    • Platform
    • Private Apps
  • Alert Type
    • Tunnel Down
    • Tunnel Throughput
    • Tunnel Flapping
    • Traffic Volume Change
    • Netskope Service Status Changes
    • Publisher Resource Consumption
  • Severity
    • Critical
    • High
    • Medium
    • Low
    • Info
• Alert ID Search

Alerts Overview

The Alerts dashboard provides a brief snapshot of the alerts that can be sorted. For additional details about an alert, click the alert to view the alerts details page.

To View Alerts

1. Select the alerts you want to view by utilizing the filter menu.
2. Sort the alerts by using the Sort by drop-down menu.
3. Open alerts are shown by default. Use the Show Closed Alerts toggle to view open and closed alerts.
4. Click an alert to view the alert details page for a specific alert.

About Alert Details Pages

Types of Alert Details Pages

• Impacted Sites
• Impact POPs
• Impacted Publishers

Alert Details

1. Status: The status of the alert. The status is Open for unresolved alerts and Resolved for closed alerts.

Note: If there are multiple impacted Sites, POPs, or Publishers for one alert, and one or more remain Open, then the Status will remain Open for 24 hours. If the status is not resolved for all the events that triggered the alert within 24 hours, then a new alert will be generated.

2. Severity: The level of severity that an alert poses.
3. Opened Time: The time that the alert was created for this event.
4. Last Evaluated: The last time the alert was evaluated.
5. Closed Time: The time that the alert was closed.
6. Sent to: The email address, webhook url, or Slack destination to which the alert notification was sent.
7. Alert Category & Type: The category and type of alert.
8. Alert Configuration: The alert configuration that triggered the alert
9. Alert ID: The identification number of the alert.

Note: You can copy the Alert ID by clicking the copy icon.

About Impacted Sites Details Page

The Impacted Sites alert details page provides detailed information on which POPs are impacted by the following information:

• Site: The name of the IPSec or GRE site.
• POP: The Point of Presence (POP) where the IPSec or GRE tunnel event occurred. 
• Source IP:  The public source IP Address of the IPSec or GRE tunnel.
• Site Throughput: The IPSec or GRE site throughput seen by the Netskope POP.
• Current Status: The current status of the alert condition.

About Impacted POPs Details Page

The Impacted POPs alert details page provides detailed information on which POPs are impacted by the following information:

• POP: The Point of Presence (POP). 
• Service: The specific service at the POP that triggered the alert condition.
• Service Status: The current status of the service.
• Current Status: The current status of the alert condition.

About Impacted Publishers Details Page

The Impacted Publishers alert details page provides detailed information on which Publishers are impacted by the following information:

• Publisher: The NPA Publisher with the triggered alert condition.
• Resource: The specific NPA Publisher resource with the triggered alert condition.
• Resource Consumption: The time series view of which data points triggered the alert condition.
• Current Status: The current status of the alert condition.