Platform

    Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

    Platform Overview
  • Infrastructure
    monitoring
  • Cloud monitoring
  • Digital experience
  • AIOPS

      • Solutions

      Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

      Solutions Overview
    By Initiative
    By Industry

      About us

      Get to know LogicMonitor and our team.

      About us
    Get to know us
    Connect
    Services

      Documentation

      Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

      View Resources
    Support

    Product Documentation

    What do the different alert severities mean?

    Last updated on 20 January, 2020

    LogicMonitor categorizes alerts into one of three alert severity levels: critical, error, or warning. When configuring alerting conditions for various aspects of your environment, you can assign alert severity levels as appropriate. As discussed next, alert severities are intended to provide an indication of how serious an issue is and, therefore, how promptly it needs to be addressed.

    Critical Alerts

    A critical level alert should be a worst-case scenario – there is an issue that requires attention. They are designed to be reactive alerts, meaning someone should react to these alerts as soon as possible.

    Error Alerts

    An error level alert is less severe and should convey that something is wrong or isn’t behaving normally, but there isn’t necessarily a specific action that has to be taken. You should know about these scenarios, but they shouldn’t have the same sense of urgency as a critical alert. Error alerts are designed to be more proactive than critical alerts, but you may want to know about them sooner and they may be treated more as reactive alerts depending on your use case.

    Warning Alerts

    A warning alert indicates that there is something you should be aware of, but it may not be causing a problem yet. Warning alerts are designed to usually be proactive alerts, meaning we’re notifying you that there may be a future problem so that you can avoid the problem all together.

    Reactive vs. Proactive Alerts

    You probably don’t want to be notified every time a warning alert triggers. However, you likely do always want to be notified for critical alerts. In fact, if an alert is triggered because multiple drives in a RAID array are failing, taking volumes offline, you probably want an email, text, or voice alert sent to somebody who can resolve this issue.

    Therefore, as best practice, we recommend that you route reactive alerts to people within your infrastructure who are capable of resolving the problem, and that you periodically review proactive alerts in LogicMonitor reports.

    The reason that we recommend this, is that viewing proactive alerts, such as warnings, in alert reports, can greatly reduce the number of alerts you are being notified for. Reports can show you where your noise is coming from, and help you figure out if there are alerts that you actually do want to route to email or SMS messages. Additionally, some types of alerts tend to be more useful when viewed in a report format (rather than received in individual emails) because they can be reviewed next to other alerts from the same time-frame to detect network trends or even relationships between events. For an overview of the alert reports available, see Which report should I use?