Configure Service Desk Alerts (SDA) to Alert on Device Health Issues

Aternity sends service desk alerts (SDA) to draw attention to devices which encounter the same health events repeatedly, like application crashes, system errors or hardware issues. You can receive an SDA as an automated email, or you can view it in Aternity's REST API (learn more). Alternatively, if you have ServiceNow, you can send SDA directly to the Aternity App for ServiceNow (beta). With the Service Desk Alerts screen, you can configure the rules for Aternity to generate SDA alerts as well as to run remediation actions.

For example, you can receive an SDA whenever a device suffers from the same crash more than twice a week. Creating alerts is possible only for existing health events.

View and edit the rules which trigger an SDA
Tip

If a row is gray, Aternity does not send that alert. To enable it, select the row's context menu on the right > Edit.

This screen does not display the generated SDA. It only configures the settings which govern when Aternity generates an SDA. You can view the alerts in several ways:

View SDA by Description
Email

To receive service desk alerts as an automated email, you can specify different email addresses for each type of alert. Then create your own email processing rules to route the mails to your ticketing system.

REST API

To view SDA via the REST API query, use the SERVICE_DESK_ALERTS_RAW API, and filter the query to analyze the alerts. Learn more.

ServiceNow

If you route service desk alerts to your enterprise's ServiceNow, each alert would automatically generate a ServiceNow incident. You must set up the integration between Aternity and ServiceNow, then configure the types of SDA which you want to route to ServiceNow. Learn more.

Aternity can send service desk alerts as an email, REST API or to ServiceNow

Aternity sends SDA when it detects the same health event on the same device repeatedly. Learn more about Aternity's health events.

Procedure

  1. Step 1 Access the configuration wizard for the rules that trigger service desk alerts by selecting the Gear Icon > Alerts.
    Select the Service Desk Alerts tab.
    View and edit the rules when Aternity sends an SDA
    Field Description
    Integrate with ServiceNow

    Select to integrate ServiceNow to Aternity if you want to route your SDA into your enterprise's ServiceNow. Learn more.

    Add New Alert

    Create as many rules as you need to automatically trigger actions, based on your criteria (e.g. sending emails or executing different remediation actions for different locations).

    Alert Rule Name

    Displays the name of the predefined SDA. Aternity sends alerts when health events occur according to the rules you configure.

    For details, see the complete list of health events.

    Event Type

    Displays the type of health event.

    For details, see the complete list of health events.

    Category

    Displays the category of the SDA and its underlying health event:

    • Hardware: A hardware health event for a device is a significant hardware problem on a device which impacts its overall health, like memory paging, or disk related errors and so on.

    • System: A system health event for a device is a significant problem at the level of the operating system which impacts on the device's overall health, like BSODs or other system crashes.

    • Application: A health event for an application occurs if it crashes, or for web applications, if it encounters a web error (like if the requested page is not found).

    Business Impact

    Displays the impact to the business of this alert. Use this to determine the urgency for resolving it.

    Trigger

    Displays the number of times this health event must occur within a set time period to trigger the health alert.

    Cooling Period

    Displays the time to wait before issuing another identical health alert on this device. Use this to avoid receiving a flood of alerts.

    Notification

    Displays whether Aternity sends automatic email notifications to the customer about health event that triggered this health alert or not and specifies the type of notification (Email, ServiceNow).

    Remediation

    Displays whether Aternity sends an automatic remediation action to the end user device on which occurred the health event that triggered this health alert or not and specifies the name of the action.

    Last Modified

    Displays the date when you last changed the rules which trigger this alert.

  2. Step 2 Activate an SDA by selecting Add New Alert.

    Enter the name for this alert. Fill in all necessary information. Click Next to move to the next tab. You can select Back any time. Click Save when done.

    Add the rules triggering an SDA alert
    Field Description
    Enable Alert

    Select to toggle whether Aternity sends this SDA alert in your organization.

    Name

    Displays the predefined name of the SDA alert.

    Fill in the name in order to continue.

    Event Type

    Displays the type of health event.

    For details, see the complete list of health events.

    Category

    Displays the category of the SDA and its underlying health event:

    • Hardware: A hardware health event for a device is a significant hardware problem on a device which impacts its overall health, like memory paging, or disk related errors and so on.

    • System: A system health event for a device is a significant problem at the level of the operating system which impacts on the device's overall health, like BSODs or other system crashes.

    • Application: A health event for an application occurs if it crashes, or for web applications, if it encounters a web error (like if the requested page is not found).

    Business Impact

    Displays the impact to the business of this alert. Use this to determine the urgency for resolving it.

    Trigger Alert

    Select Always to trigger on the first occurrence of this health event, or select When to enter the conditions which trigger this alert:

    • Enter the number of times the health event must occur (up to 99).

    • Enter the time window where Aternity counts the number of times this health event occurred (up to 99 times).

    For example, you can specify that Aternity triggers this alert when a device has this event twice within any 24 hours, or within a seven day period, and so on.

    Cooling Period

    Displays the time to wait before issuing another identical health alert on this device. Use this to avoid receiving a flood of alerts.

    Next Click Next to continue to the next step or Cancel to cancel the setup.
    Filter by Event Identifier

    Limit the alerts generated by this rule to a subset of the relevant health event by filtering the component(s) to include in alert(s).

    Event Identifier refers to Component Type. In some cases a component type will already appear according to the selected event type, and in other cases you will see Event Identifier. Understand what the event identifier is by looking at the Component Type for the relevant health event in the Analyze Device Health dashboard when you filter by the same heath event.

    For example, for Application Crash (After Hang) health event, filter by Application, for HD Failure by Drive.

    Another example, if you want to alert about a specific Background Process Crash and not every background process (for example, Anti-Malware), then you need to create a rule on top of Background Process Crash health event, and use MsMpEng.exe Component Name as the Event Identifier. You can see in the Analyze Device Health dashboard that the component type of the background process crash is Process.

    Use the Component Name as a value when defining a filter for the rule. To locate the Component Name by which you want to filter, see in the Device Health dashboard or in the REST API query. Remember to add .exe as well.

    Include or exclude one or several event Identifiers. To enter more than one filter, separate them with a comma. Event Identifiers are case sensitive and can include * as a wildcard character. The string length (the full list of attributes) should be up to 1000 characters.

    Filter by Attribute

    Select for which devices to get alerts about health events.

    Include one or several attributes, or exclude one or several attributes. To enter more than one attribute, separate them with a comma. The attributes are case sensitive and can include * as a wildcard character. The string length (the full list of attributes) should be up to 1000 characters.

    For example, if your organization is split by location, then each service desk of each location should create its own rules and include the Business Location filter in each rule. Thus, you get alerts for health events on devices located in Paris only, and not in London.

    As for Filter by Device, if you defined custom attributes for devices, then you can filter by them too.

    Notify by Email

    (Optional) Select to enable sending this specific SDA to the email addresses which you specify below.

    Notify by Email > Email Addresses

    Enter the email addresses of the recipients of this SDA alert. To enter more than one, separate them with a semi-colon.

    Notify in ServiceNow

    (Optional) Select to enable sending this specific SDA to your enterprise's ServiceNow. Learn more.

    Notify in ServiceNow > Environment

    Select the ServiceNow environment which you want to route all occurrences of this SDA. You must first set up each environment in the ServiceNow Settings page. You can only set up two ServiceNow environments called Test and Production. Learn more.

    Notify in ServiceNow > Set up integration

    Select to enter the settings which connect Aternity to your ServiceNow, for routing the selected service desk alerts to ServiceNow. Learn more.

    Run an automatic remediation action

    Select to enable running a remediation action. When Aternity generates this SDA alert, the action will be automatically executed.

    Once enabled, select an action from the drop-down list.

    Do not enable this option if you do not want to execute remediation actions automatically.

    This functionality applies only to Windows end-user devices with Agent 12 or later. Install the Agent for End User Devices locally on a Windows desktop or laptop.

  3. Step 3 Change the rules which trigger an SDA by selecting the row's context menu on the right > Edit.
    Change the rules triggering an SDA alert

    To disable an alert rule, select the row's context menu on the right > Edit > Disable.

    To delete an alert rule, select the row's context menu on the right > Edit > Delete.

  4. Step 4 If you enabled email alerts, check for SDA emails at the address you entered, where each mail is a list of fields for easy automatic parsing.
    Example of SDA email
  5. Step 5 To send service desk alerts directly to your enterprise's ServiceNow, select Integrate with ServiceNow.

    Integrate Aternity with ServiceNow if you want to automatically route service desk alerts (SDA) to ServiceNow. Learn more.

    Integrate Aternity with your ServiceNow

    While establishing a connection to ServiceNow, you can verify if the login credentials you entered were correct and whether the connection can be established. To perform verification, select Verify after entering credentials.