Alerts

Follow

Contents

The Alerts section of BetterCloud allows you to enable and customize a library of alerts for your domain, to help keep you apprised of security concerns and monitor important settings. Alerts can also be used to trigger workflows, allowing you to dynamically manage security concerns, redundancies, and routine admin tasks across your organization. This article will walk through how to set up, customize, manage and audit alerts.  

Exploring and Managing Alerts

The Alerts section of BetterCloud can be accessed via the left side navigation bar. When you click on it, you'll be provided with three dropdown menu options. Select "Manage" to be directed to the Alerts Manager.

By default, the Alerts Manager will hold the library of system alerts included with the BetterCloud app. When custom alerts are created for your domain, they will also be displayed here.

The Alerts Manager will display alert information in several default columns: 

  1. Type - Denotes whether an alert is a default "System" alert or a "Custom" alert
  2. Name - Lists the alert's full name
  3. Connector - Displays the icon of the connector that the alert's triggering data point is associated with
  4. Description - Displays the description of the alert
  5. Severity - Lists the severity designated to the alert as "Minor", "Major" or "Critical"

There is one column that is hidden by default, and an unlabeled column for alert management actions that are nested beneath a dropdown carrot icon: 

  1. Dropdown carrot - contains options to edit, duplicate, or delete the alert (only custom and duplicate alerts can be deleted)
  2. Enabled - Lists whether an alert is enabled or disabled by "Yes" or "No"

Columns in the Alerts Manager can be managed and customized further by clicking on each column header.

Most columns can be filtered down to a particular content type, or filtered for unique search content within. Columns that contains text entries, except for "Description", can be sorted to display its information in ascending or descending alphabetical order. All columns except for "Name" and the dropdown actions carrot can be hidden. And from each column, you have the option to restore others that have already been hidden. 

Here's what two different column examples look like: "Name" displays options for searching by content, and "Connector" displays options for filtering by content type. 

Setting Up System Alerts

When you click on an alert's name from the Alert Manager, or select "Edit" from the dropdown carrot associated with that alert, a right side flyout tab will appear. 

This tab offers the ability to change the alert's severity setting, number of instances necessary to trigger the alert, and notification preferences:  

Alert Details

Alert Details contains the alert's associated connector, name, description, and current alert type. In system alerts, these fields are read-only. In custom alerts, name and description can be edited. 

Alert Trigger Conditions

Alert trigger conditions govern the data point that the alert is monitoring, when enabled. In system alerts the connector, object and event type are predetermined and read-only. 

However, if applicable, you can also click the "Add Condition" button to duplicate the system alert and create a custom alert from it, which will allow you to add up to two additional conditions. For instructions on creating custom alerts, please see Customizing Alerts below.

Timing & Thresholds

Timing & Thresholds allow you to scope your conditions by setting the threshold that must be exceeded before the alert will trigger, causing it to appear in the Triggered Alerts section. Time Period and Operator fields are predetermined and read-only, and threshold count can be scaled up or down. 

Notifications

When an enabled alert exceeds its threshold and is triggered, it will appear in the Triggered Alerts section of BetterCloud. The Notifications section of the flyout allows you to set an alert's severity level, enable or disable the alert, and configure additional notification methods that will take place when this alert is triggered. 

"Send an alert notification email" requires a recipient email address, subject and message. 

"Send an alert SMS message" requires a U.S. domestic phone number and message.

"Send an alert via Webhook" requires a valid webhook and message. 

When you have taken all of the required setup steps, you can save your alert at the bottom of the tab. Enabled alerts, when they exceed their set threshold, will then appear in the Triggered Alerts section for review. All alerts, whether enabled or disabled, will continue to appear in the Alerts Manager.

Customizing Alerts

By adding trigger conditions to a default system alert that are specific to your domain, you can create custom alerts in BetterCloud. Any existing system alert, whether enabled or not, can be used as a template to build a custom alert.

To begin, navigate to the Alerts Manager and click the name of the system alert you wish to start with. In the "Alert Trigger Conditions" section of the alert's flyout tab, click "Add Condition". You'll be prompted with a popup box in which to enter the name of your new custom alert. From this popup, click "Cancel" to exit back out to the system alert's tab, or "Continue" when you've entered a name for your new custom alert.

*Please note: Some system alerts cannot be customized. In these cases, an "Add Condition" option will not appear in the alert's flyout tab.

When you continue, the alert's name in the flyout tab will now be set to your custom alert's name. You can now also change the alert's description, so that your custom alert can be more easily distinguished from the system template it was copied from.

Next, you can add up to two custom conditions to the alert, in addition to the primary condition that the alert came equipped with. All conditions will operate in combined "AND" behavior (i.e. when a user is created in Google, AND that user has been placed in org unit "XYZ".)

To customize your conditions, you'll need to select a relevant "Data Point" from the associated field's dropdown menu, an "Operator" from the associated field's dropdown menu that will determine how the condition scopes, and then enter the data point's value in the following "Operand" field. If need be, you can remove an added condition by clicking the "x" box to the right of the condition. 

Finally, select "Timing & Thresholds" and "Notifications" settings to complete your alert, which will be the same as when setting up a system alert. Save the alert at the bottom of the flyout. 

In the Alert Manager, this alert will now be listed as "Custom" in the "Type" column. Enabled alerts, when they exceed their set threshold, will then appear in the Triggered Alerts section for review.

Auditing Triggered Alerts

When enabled alerts exceed their designated threshold, they will appear in the Triggered Alerts section of BetterCloud. This section can be reached by clicking "Triggered Alerts", under "Alerts" in the left side navigation bar. 

Triggered Alerts will display alert information in several default columns: 

  1. Status - Lists each alert's visibility status as either "New" or "Read"
  2. Triggered - lists the date that the alert was most recently triggered
  3. Severity - Displays the severity listing of "Minor", "Major" or "Critical", that the alert was given when set up
  4. Name - Lists the alert's full name
  5. Connector - Displays the icon of the connector that the alert's triggering data point is associated with
  6. Count - Lists the number of events over the threshold that the alert has been triggered by
  7. Threshold - Lists the threshold count that the alert is currently set to

Columns in Triggered Alerts can be managed and customized further by clicking on each column header.

Some columns can be filtered down to a particular content type, or filtered for unique search content within. All columns except for "Count" can be sorted to display their information in ascending or descending order. All columns except for "Name" can be hidden, and from each column you have the option to restore others that have already been hidden. 

Here's an example of what the "Connector" column will look like: 

You can review the results of a triggered alert by clicking on its name from the grid, which will cause a right side flyout tab to appear. The name of the alert will be displayed at the top of the tab, and the "Details" section below will collate the information also displayed in the grid. Next, a subgrid will show a history of the users who triggered the alert, listed by their email addresses, and the date and timestamp when they did so. 

Clicking on a user's email address from this grid will prompt their User 360 flyout tab to appear. You can read more about the information you can see in this tab and the changes you can make here

You can also use this grid to select users by their checkboxes individually or in bulk, and make changes to address their alerted state using the "Actions" dropdown that will appear at the top of the tab. You can read more about manual and bulk user change actions here

Suggesting Alerts

From anywhere in the BetterCloud app, you can click on "Alerts" > "Suggest an Alert" from the left side navigation menu. Over your current place in the app, a popup window will appear that will allow you to enter and submit your suggestion. 

Alerts as Workflow Events

Alerts in BetterCloud can now be used to trigger and automate workflow actions across connectors! When a configured alert is used as the WHEN event in a published workflow, triggers that cause the alert's threshold to be exceeded will also trigger the workflow to run and take its set actions. This combination will allow you to dynamically manage security concerns, redundancies, and routine admin tasks across your organization.

For more information, please see here: Using an Alert as a Workflow Event

Important / Requirements

  • If configuring an alert to notify you via SMS text message, please note that this functionality will only support U.S. domestic phone numbers. 
  • Alerts associated with a given connector, and webhook notifications sent to other connectors, will only be available after the connector has been enabled in BetterCloud. For more information on connecting a supported app, please see here
  • Please note: Some system alerts cannot be customized. In these cases, an "Add Condition" option will not appear in the alert's flyout tab.
  • When creating a custom alert, up to two custom conditions can be added, in addition to the primary condition that the alert came equipped with.
  • All custom alert conditions will operate in combined "AND" behavior (i.e. when a user is created in Google, AND that user has been placed in org unit "XYZ".)
  • Only custom and duplicate alerts can be deleted.
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request