LogicMonitor recognized as a Customers' Choice by Gartner Peer Insights™ in 2024 Gartner Voice of the Customer for Observability platforms.

Read More

    Platform

    Get real-time insights and automation for comprehensive, seamless monitoring with agentless architecture.

  • Infrastructure
    monitoring
  • Cloud monitoring
  • Digital experience
  • AIOPS

      • Solutions

      Whether you work in MSP, Enterprise IT or somewhere in between, the solution is clear.

    By Initiative
    By Industry

      About us

      Get to know LogicMonitor and our team.

    Get to know us
    Services

      Resources

      Explore our blogs, guides, case studies, eBooks, and more actionable insights to enhance your IT monitoring and observability.

    Learn

      Documentation

      Read through our documentation, check out our latest release notes, or submit a ticket to our world-class customer service team.

    Support

    Product Documentation

    Example of an Action in Dexda

    Last updated on 06 August, 2024

    The following is a walk-through of the steps and actions in the preconfigured LM Alert Processing Action.

    Flowchart illustrating the process of creating and managing alerts and incidents in a monitoring system.
    SequenceDescription
    Create a new alertIf the event severity is > 0, and there is no existing open alert, a new alert is created (outcome alert cleared).
    Update existing alertIf the outcome of the previous step is alert exists, and the alert is not closed, then the existing alert is updated.
    Find a LM-DX reference for this alertIf the outcome of the previous step was an update alert, then find the reference to the ServiceNow ticket.
    Update ServiceNow incident linked to this alertIf the outcome of the previous step was rowkey found, then update the ServiceNow incident.
    Update alertSets the value of the incident ID to pending The process requested an incident creation in ServiceNow, and eventually, a ServiceNow record will be returned.
    Update associated insightMaintain the severities, last event timestamp, and state of any associated Insight
    Find a LM-DX reference for this insightFind any ServiceNow LM-DX reference for this Insight
    Update ServiceNow incident linked to this insightUpdate any existing Incident for which we found a row key
    Update insightUpdate the insight based on SNC incident update
    Create ServiceNow incident for this insightCreates a new ServiceNow incident when the previous action does not have an existing insight record
    Store rowkeyStore a mapping between the insight and the ServiceNow LM-DX reference
    Update insightUpdate the insight based on the SNC incident update
    Wait for correlationWait at least 15 mins to allow this new alert to correlate
    Create ServiceNow incident for this alertIf the alert is not yet correlated (Escalation equals correlated), then directly create an incident for this alert. Do not create an incident if the alert has only reached indeterminate (maintenance).
    Store rowkeyThe flow for a new alert. The rowkey was looked up in ServiceNow in a previous step, and here it is returned. It is stored only if the outcome was that an incident was created. The external record type is sncIncident, and the internal record type is alerts.
    Update alertUpdate the alert state to indicate that an Incident has been requested
    Wait for 7 daysWait time for uncorrelated alerts to be investigated
    Auto-close alert if created more than 7 daysSets the alert escalation to closed, and the alert disappears from the list of Uncorrelated Alerts on the dashboard. This only happens if the alerts haven’t been touched during the 7 days. Note that any associated ServiceNow incident record is still available, and you can access the alert details in Dexda from the link in ServiceNow.