Tuning alert thresholds

Receiving too many meaningless LogicMonitor alert notification emails can ultimately lead to people ignoring important alerts. On the other end of the spectrum, not receiving an alert for an important issue could result in service downtime or even an outage. The key to avoiding both of these situations is to keep your alert thresholds, as configured on a per datapoint basis, tuned for your environment. We try to do most of the work for you by having our DataSource developers set default datapoint thresholds based on device documentation, industry best practices, research, years of experience, and customer feedback.

However, it is impossible for our DataSource engineers to set default thresholds that work well for every use case. LogicMonitor's default DataSource thresholds work well most of the time for critical production infrastructure, but they won't work for everyone. In addition, there are some situations where we can't set default thresholds for datapoints that you probably want to receive alerts for. Therefore, to ensure that your alerting implementation is both sufficient and noise free, you should constantly be tuning away non-meaningful alerts by customizing your alert thresholds.

How do I tune my alert thresholds?

Remember that each DataSource includes one or more datapoints, which are the individual metrics being collected. To tune alert thresholds:

  1. Determine which datapoint(s) you want to tune.
  2. Establish whether you are looking to adjust the value-based thresholds set for these datapoints, whether you are looking to set No Data alerts for these datapoints (i.e. alerting based on the absence of expected data), or both. (For more information on the strategies behind these two types of datapoint alerts, see the Datapoints section of the Creating a DataSource support article.)
  3. Determine the level at which you want to adjust thresholds: device, group, or global. (For more information on these levels, see Where should I adjust thresholds?)