Service Operations Insight

  • Private Community
 View Only

  • 1.  SOI & Spectrum: Suppressed Messages still show in SOI?

    Posted Feb 10, 2015 04:23 PM

    Hello, just wondering about the following situation and if this is or isn't in SOI's ability to work with Spectrum?

    In Spectrum we can have the following layout situation: 

     

    Router1   > Device1

                   > Device2

     

    Spectrum has the ability to determine that if Device1 goes down, it will produce an alert on Device1. SOI Sees this alert and displays on the SOI Console.

    Spectrum then tries to ping all neighbor devices relative to Device1. If it find that the neighbors are up then it leaves the alert until it is resolved.

     

    If it finds the the neighbors of Device1 are also down, then it tests the upstream device Router1. If Router1 is down then what Spectrum does is then create 1 alert on Router1 and then "Supresses" all the devices downstream from Router1. All Device1, and Deive2 alarms are then removed from the Spectrum console. This is the part where SOI is lacking. SOI keeps these alarms on it's console for all the device# alerts that got generated. It doesn't clear or hide them form the console.

     

    This is really bad since if we have auto-ticketing turned on for a service/site, and all the downstream devices throw an alert in SOI, all alerts get tickets cut.

    We could be talking 100+ tickets when really there should be 1 ticket cut b/c the Router connecting all those devices is down. Spectrum behaves correctly but on the SOI side those alerts should be suppressed or removed when Spectrum does this. We would have a delay of about 2 minutes set in our AEP policy that would wait before the ticket is cut. That would give enough time for Spectrum to make the determination if the issue lies upstream or if the actual device is down. If the Device is down alerts are not removed from the SOI console then tickets get cut. This is an issue.



  • 2.  Re: SOI & Spectrum: Suppressed Messages still show in SOI?

    Posted Mar 25, 2015 08:43 AM

    The latest versions of the SOI Spectrum Connector support the "RootCause" feature. With this connector and the corrsponding feature on the SOI Manager enabled you will actually see the same behavior as in Spectrum, with the difference that besides the root cause alert you will see symptom alerts mentioning the rootcause alert as their root cause. The feature on the connector can be turned on by setting enableRCA to 1 on the connector page (Administration tab) and the feature on the SOI Manager configuration can be set on the Global Settings page (Administration tab) by setting the "Root Cause Analysis" mode to Domain Manager (vs. CA SOI, or Combined).



  • 3.  Re: SOI & Spectrum: Suppressed Messages still show in SOI?

    Posted Feb 29, 2016 02:46 PM

    Dan,

    I'm having the same situation.

    Did you ever resolve this issue? If so, how did you do it?

    Thanks.



  • 4.  Re: SOI & Spectrum: Suppressed Messages still show in SOI?

    Posted Mar 01, 2016 05:17 AM

    Hi Mike,

     

    as Vincent mentioned:  The behaviour of SOI can be adjusted by setting the RCA mode in SOI to "Domain Manager" and activating the RCA flag on the Spectrum Connector.

    SOI does not perform any analysis itself, but it will take over the Symptom and Impact attributes from Spectrum.

    You can also make use of these attributes in your Escalation policies and as Filters on the Console.

     

    MichaelBoehm